From a43a5ebb2136a77be8e79546f329412e4bef14c4 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Mon, 13 Jul 2015 02:00:26 +0200 Subject: Windows: Modify PIM parts in GUI to make it easier to use. Users must explicitly check "User PIM" to enable its use. --- src/Common/Common.rc | 17 +++++++++-------- src/Common/Dlgcode.c | 8 +++++++- src/Common/Dlgcode.h | 1 + src/Common/Language.xml | 9 ++++++--- src/Common/Password.c | 7 +++++++ src/Common/Resource.h | 3 ++- 6 files changed, 32 insertions(+), 13 deletions(-) (limited to 'src/Common') diff --git a/src/Common/Common.rc b/src/Common/Common.rc index 7df10586..652b407f 100644 --- a/src/Common/Common.rc +++ b/src/Common/Common.rc @@ -73,26 +73,27 @@ BEGIN CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,11,194,10 CONTROL "Mount volume as removable &medium",IDC_MOUNT_REMOVABLE, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,25,195,10 + CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11 CONTROL "Mount partition &using system encryption without pre-boot authentication",IDC_MOUNT_SYSENC_PART_WITHOUT_PBA, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,53,259,11 CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,86,252,10 EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,104,151,14,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP + EDITTEXT IDC_PIM,112,145,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,148,112,8,NOT WS_VISIBLE CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,165,90,10 CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,178,90,10 - PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,167,60,14 - LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,193,247,10,SS_NOTIFY + PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,204,174,60,14 DEFPUSHBUTTON "OK",IDOK,211,7,60,14 PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14 + LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,193,247,10,SS_NOTIFY RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,139 - CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11 - COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,126,91,17 - EDITTEXT IDC_PIM,112,145,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER - RTEXT "Volume PIM:",IDT_PIM,15,148,91,17 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,148,112,8 + RTEXT "Volume PIM:",IDT_PIM,15,148,91,17,NOT WS_VISIBLE + CONTROL "Use PIM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,152,97,10 END IDD_KEYFILES DIALOGEX 0, 0, 345, 237 diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 478af87c..2742317f 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -118,6 +118,7 @@ BOOL bPortableModeConfirmed = FALSE; // TRUE if it is certain that the instance BOOL bInPlaceEncNonSysPending = FALSE; // TRUE if the non-system in-place encryption config file indicates that one or more partitions are scheduled to be encrypted. This flag is set only when config files are loaded during app startup. /* Globals used by Mount and Format (separately per instance) */ +BOOL PimEnable = FALSE; BOOL KeyFilesEnable = FALSE; KeyFile *FirstKeyFile = NULL; KeyFilesDlgParam defaultKeyFilesParam; @@ -9185,6 +9186,10 @@ void Applink (char *dest, BOOL bSendOS, char *extraOutput) { StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Contact"); } + else if (strcmp(dest, "pim") == 0) + { + StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20%28PIM%29"); + } else { StringCbCopyA (url, sizeof (url),TC_APPLINK); @@ -10765,7 +10770,8 @@ std::string FindLatestFileOrDirectory (const std::string &directory, const char int GetPim (HWND hwndDlg, UINT ctrlId) { int pim = 0; - if (IsWindowEnabled (GetDlgItem (hwndDlg, ctrlId))) + HWND hCtrl = GetDlgItem (hwndDlg, ctrlId); + if (IsWindowEnabled (hCtrl) && IsWindowVisible (hCtrl)) { char szTmp[MAX_PIM + 1] = {0}; if (GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIM + 1) > 0) diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 175282fe..18e581f5 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -137,6 +137,7 @@ extern char bCachedSysDevicePathsValid; extern BOOL bHyperLinkBeingTracked; extern BOOL bInPlaceEncNonSysPending; +extern BOOL PimEnable; extern BOOL KeyFilesEnable; extern KeyFile *FirstKeyFile; extern KeyFilesDlgParam defaultKeyFilesParam; diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 889d7bbb..a02da93c 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -48,6 +48,7 @@ &Keyfiles... Information on hash algorithms More information + Information on PIM &MB More information More information about system encryption @@ -57,6 +58,7 @@ &Never save history Open Outer Volume &Pause + Use PIM Quick Format &Display password &Display password @@ -617,14 +619,15 @@ Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume. Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found. - \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. + \n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly. Remember Number to Mount Volume Outer Volume PIM Hidden Volume PIM PIM for Hidden Operating System - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\n\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA small PIM value will lead to a quicker mount but it can reduce security if the password is not strong enough. - PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\n\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA small PIM value will lead to a quicker boot but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System + You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM diff --git a/src/Common/Password.c b/src/Common/Password.c index f8cf4616..fe9a9370 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -134,6 +134,13 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim return FALSE; } #endif + + if ((pim != 0) && (pim > (bForBoot? 98 : 485))) + { + // warn that mount/boot will take more time + MessageBoxW (hwndDlg, GetString ("PIM_LARGE_WARNING"), lpszTitle, MB_OK|MB_ICONWARNING); + + } return TRUE; } diff --git a/src/Common/Resource.h b/src/Common/Resource.h index 2d593b65..f1c20214 100644 --- a/src/Common/Resource.h +++ b/src/Common/Resource.h @@ -191,6 +191,7 @@ #define IDT_PIM 5129 #define IDC_PIM 5130 #define IDC_PIM_HELP 5131 +#define IDC_PIM_ENABLE 5132 // Next default values for new objects // @@ -199,7 +200,7 @@ #define _APS_NO_MFC 1 #define _APS_NEXT_RESOURCE_VALUE 542 #define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 5132 +#define _APS_NEXT_CONTROL_VALUE 5133 #define _APS_NEXT_SYMED_VALUE 101 #endif #endif -- cgit v1.2.3