From c0ff7a7c521b1d658316d9a177383ab0c403007a Mon Sep 17 00:00:00 2001
From: Felix Reichmann <54814163+Van-Fouran@users.noreply.github.com>
Date: Thu, 25 Aug 2022 09:46:58 +0200
Subject: New sys enc wizard (#957)

* New VeraCrypt interface (for system encryption) with improved usability

* System Encryption: translate password to US keyboard layout + improved new interface

* Windows: Fix build error following merge

* Windows: Remove unused variable

* Windows: Add missing string in Language.xml

* Windows: fix buffer overrun caused by wrong use of wmemset

* Do not delete password file

Since the file is only available in \Release\Setup Files\ it would be fully deleted after running this script the first time.

* Correct return code

Originally the function would have always returned the return-code 1 resulting that the user is not able to change the location for the rescue zip.

* Added hint for sysenc

Added a hint why the field for repeating the password is initially greyed out within the system encryption.

* Corrected spelling mistake

Corrected spelling mistake

* Removed not working copy job

The file to be copied was stored at the source location. Therefore the copyjob will not work. Instead the file is already in the target folder.

* Removed RIPEMD-160 from Product64.wxs

See commit from 21.03.2022

* Added german translation for new interface

* Fixed PIM bug

* Corrected translation file based on the guidelines within the pull request

* Fixing merge conflicts

* Fixed Compiling issues. Reverted keyboard translation

* Removed artifacts of password translation

* Corrected language.xml

* Fixed order within german language file

* Corrected positions

Co-authored-by: Bruna2803 <bruna.radeljak@hotmail.com>
Co-authored-by: felixreichmann <30237956+felixreichmann@users.noreply.github.com>
Co-authored-by: Mounir IDRASSI <mounir.idrassi@idrix.fr>
---
 src/Format/Tcformat.c | 1261 +++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 1053 insertions(+), 208 deletions(-)

(limited to 'src/Format/Tcformat.c')

diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index efd95caf..db0a8209 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -13,6 +13,10 @@
 
 #include "Tcdefs.h"
 
+#include <iostream>		
+#include <fstream>
+#include <set>
+#include <iterator>
 #include <stdlib.h>
 #include <limits.h>
 #include <time.h>
@@ -20,6 +24,7 @@
 #include <io.h>
 #include <sys/stat.h>
 #include <shlobj.h>
+#include <commctrl.h>
 
 #include "Crypto.h"
 #include "cpu.h"
@@ -128,6 +133,15 @@ enum sys_encryption_cmd_line_switches
 	SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV
 };
 
+enum password_status
+{
+	very_weak = 0,
+	weak,
+	medium,
+	strong,
+	very_strong
+};
+
 typedef struct
 {
 	int NumberOfSysDrives;			// Number of drives that contain an operating system. -1: unknown, 1: one, 2: two or more
@@ -160,7 +174,14 @@ BOOL DirectNonSysInplaceDecResumeMode = FALSE;
 BOOL DirectPromptNonSysInplaceEncResumeMode = FALSE;
 BOOL DirectCreationMode = FALSE;
 
-volatile BOOL bInPlaceEncNonSys = FALSE;		/* If TRUE, existing data on a non-system partition/volume are to be encrypted (or decrypted if bInPlaceDecNonSys is TRUE) in place (for system encryption, this flag is ignored) */
+int iIconX=0;
+int iIconY=0;
+HWND hDlgItemTooltip = NULL;
+HANDLE hIconTooltip = NULL;
+char tempPassword[MAX_PASSWORD + 1];
+int iPasswordStrength;
+
+volatile BOOL bInPlaceEncNonSys = TRUE;		/* If TRUE, existing data on a non-system partition/volume are to be encrypted (or decrypted if bInPlaceDecNonSys is TRUE) in place (for system encryption, this flag is ignored) */
 volatile BOOL bInPlaceDecNonSys = FALSE;		/* If TRUE, existing data on a non-system partition/volume are to be decrypted in place (for system encryption, this flag is ignored) */
 volatile BOOL bInPlaceEncNonSysResumed = FALSE;	/* If TRUE, the wizard is supposed to resume (or has resumed) process of non-system in-place encryption/decryption. */
 volatile BOOL bFirstNonSysInPlaceEncResumeDone = FALSE;
@@ -236,6 +257,7 @@ Password volumePassword;			/* User password */
 Password outerVolumePassword;			/* Outer volume user password */
 char szVerify[MAX_PASSWORD + 1];	/* Tmp password buffer */
 char szRawPassword[MAX_PASSWORD + 1];	/* Password before keyfile was applied to it */
+BOOL bNextButtonClicked = FALSE;
 
 int volumePim = 0;
 int outerVolumePim = 0;
@@ -301,6 +323,11 @@ BOOL bIsSparseFilesSupportedByHost = FALSE;
 
 vector <HostDevice> DeferredNonSysInPlaceEncDevices;
 
+BOOL bChecklistA;
+BOOL bChecklistB;
+BOOL bChecklistC;
+BOOL bCheckboxPretest;
+
 int iMaxPasswordLength = MAX_PASSWORD;
 
 // specific definitions and implementation for support of resume operation
@@ -1419,89 +1446,11 @@ void ComboSelChangeEA (HWND hwndDlg)
 	else
 	{
 		wchar_t name[100];
-		wchar_t auxLine[4096];
-		wchar_t hyperLink[256] = { 0 };
-		int cipherIDs[5];
-		int i, cnt = 0;
 
 		nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);
 		EAGetName (name, ARRAYSIZE(name),nIndex, 0);
 
-		if (wcscmp (name, L"AES") == 0)
-		{
-			StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name);
-
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AES_HELP"));
-		}
-		else if (wcscmp (name, L"Serpent") == 0)
-		{
-			StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name);
-
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SERPENT_HELP"));
-		}
-		else if (wcscmp (name, L"Twofish") == 0)
-		{
-			StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name);
-
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("TWOFISH_HELP"));
-		}
-		else if (wcscmp (name, L"Kuznyechik") == 0)
-		{
-			StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name);
-
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("KUZNYECHIK_HELP"));
-		}
-		else if (wcscmp (name, L"Camellia") == 0)
-		{
-			StringCbPrintfW (hyperLink, sizeof(hyperLink) / 2, GetString ("MORE_INFO_ABOUT"), name);
-
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("CAMELLIA_HELP"));
-		}
-		else if (EAGetCipherCount (nIndex) > 1)
-		{
-			// Cascade
-			cipherIDs[cnt++] = i = EAGetLastCipher(nIndex);
-			while (i = EAGetPreviousCipher(nIndex, i))
-			{
-				cipherIDs[cnt] = i;
-				cnt++;
-			}
-
-			switch (cnt)	// Number of ciphers in the cascade
-			{
-			case 2:
-				StringCbPrintfW (auxLine, sizeof(auxLine), GetString ("TWO_LAYER_CASCADE_HELP"),
-					CipherGetName (cipherIDs[1]),
-					CipherGetKeySize (cipherIDs[1])*8,
-					CipherGetName (cipherIDs[0]),
-					CipherGetKeySize (cipherIDs[0])*8);
-				break;
-
-			case 3:
-				StringCbPrintfW (auxLine, sizeof(auxLine), GetString ("THREE_LAYER_CASCADE_HELP"),
-					CipherGetName (cipherIDs[2]),
-					CipherGetKeySize (cipherIDs[2])*8,
-					CipherGetName (cipherIDs[1]),
-					CipherGetKeySize (cipherIDs[1])*8,
-					CipherGetName (cipherIDs[0]),
-					CipherGetKeySize (cipherIDs[0])*8);
-				break;
-			}
-
-			StringCbCopyW (hyperLink, sizeof(hyperLink), GetString ("IDC_LINK_MORE_INFO_ABOUT_CIPHER"));
-
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), auxLine);
-		}
-		else
-		{
-			// No info available for this encryption algorithm
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), L"");
-		}
-
-
-		// Update hyperlink
-		SetWindowTextW (GetDlgItem (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER), hyperLink);
-		AccommodateTextField (hwndDlg, IDC_LINK_MORE_INFO_ABOUT_CIPHER, FALSE, hUserUnderlineFont);
+		SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("AES_HELP_NEW"));
 	}
 }
 
@@ -3776,31 +3725,80 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			break;
 
 		case SYSENC_TYPE_PAGE:
+			{
 
 			bHiddenVolHost = bHiddenVol = bHiddenOS;
 
-			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_TYPE_PAGE_TITLE"));
+			wchar_t finalMsg[8024] = {0};
 
-			SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_HIDDEN), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE);
-			SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_NORMAL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE);
-
-			DisableIfGpt(GetDlgItem(hwndDlg, IDC_SYSENC_HIDDEN));
+			try
+			{
+				StringCbPrintfW (finalMsg, sizeof(finalMsg),
+					GetString ("SYSENC_TYPE_PAGE_TITLE"),
+					GetSystemDriveLetter ());
+			}
+			catch (Exception &e)
+			{
+				e.Show (hwndDlg);
+				EndMainDlg (MainDlg);
+				return 0;
+			}
 
-			CheckButton (GetDlgItem (hwndDlg, bHiddenOS ? IDC_SYSENC_HIDDEN : IDC_SYSENC_NORMAL));
+			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), finalMsg);
 
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_TYPE_HELP"));
-			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP_SYSENC_NORMAL), GetString ("SYSENC_NORMAL_TYPE_HELP"));
+			memset (finalMsg, 0, sizeof (finalMsg));
+			try
+			{
+				StringCbPrintfW (finalMsg, sizeof(finalMsg),
+					GetString ("SYSENC_INFO"),
+					GetSystemDriveLetter ());
+			}
+			catch (Exception &e)
+			{
+				e.Show (hwndDlg);
+				EndMainDlg (MainDlg);
+				return 0;
+			}
 
-			ToHyperlink (hwndDlg, IDC_HIDDEN_SYSENC_INFO_LINK);
+			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), finalMsg);
+			SetWindowTextW (GetDlgItem (hwndDlg, IDT_SYSENC_INFO_2), GetString ("SYSENC_INFO_2"));
+			
+			if (bSystemIsGPT)
+			{
+				ShowWindow (GetDlgItem(hwndDlg, IDC_ADVANCE_INTRO), SW_HIDE);
+				ShowWindow (GetDlgItem(hwndDlg, IDC_INFORMATION_TIP), SW_HIDE);
+			}
+			else
+			{
+				EnableWindow (GetDlgItem(hwndDlg, IDC_ADVANCE_INTRO), TRUE);
+				iIconX = GetSystemMetrics (SM_CXSMICON);
+				iIconY = GetSystemMetrics (SM_CYSMICON);
 
+				hIconTooltip = LoadImage (NULL, MAKEINTRESOURCE (104), IMAGE_ICON, iIconX, iIconY, LR_DEFAULTCOLOR);
+				SendDlgItemMessage (hwndDlg, IDC_INFORMATION_TIP, STM_SETICON, (WPARAM) hIconTooltip, 0);
+			
+				hDlgItemTooltip = GetDlgItem (hwndDlg, IDC_INFORMATION_TIP);
+				if (hDlgItemTooltip)
+				{
+					CreateToolTip (hwndDlg, hDlgItemTooltip, GetString ("ADV_FEATURES_INTRO_TOOLTIP"));
+				}
+				else
+				{
+					MessageBox (0, TEXT("Cannot find dialog item"), 0, 0);
+				}
+			}
+			
 			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
 			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bDirectSysEncMode);
 
 			SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT"));
 			SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV"));
 			SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL"));
+			
+			// Start loading the password dictonary into memory ("need" is just a random word for initializing the process)	
+			CheckWord("need");
 			break;
-
+			}
 		case SYSENC_HIDDEN_OS_REQ_CHECK_PAGE:
 
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_TITLE"));
@@ -3835,7 +3833,6 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
 			break;
 
-
 		case SYSENC_PRE_DRIVE_ANALYSIS_PAGE:
 
 			Init2RadButtonPageYesNo (SysEncDetectHiddenSectors);
@@ -4363,6 +4360,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			{
 				wchar_t str[1000];
 
+				EnableWindow(GetDlgItem(hwndDlg, IDC_VERIFY), FALSE);
+
 				hPasswordInputField = GetDlgItem (hwndDlg, IDC_PASSWORD);
 				hVerifyPasswordInputField = GetDlgItem (hwndDlg, IDC_VERIFY);
 
@@ -4374,28 +4373,41 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 					ToBootPwdField (hwndDlg, IDC_PASSWORD);
 					ToBootPwdField (hwndDlg, IDC_VERIFY);
 
-					StringCbPrintfW (OrigKeyboardLayout, sizeof(OrigKeyboardLayout), L"%08X", (DWORD) GetKeyboardLayout (NULL) & 0xFFFF);
+					StringCbPrintfW(OrigKeyboardLayout, sizeof(OrigKeyboardLayout), L"%08X", (DWORD)GetKeyboardLayout(NULL) & 0xFFFF);
 
-					if ((DWORD) GetKeyboardLayout (NULL) != 0x00000409 && (DWORD) GetKeyboardLayout (NULL) != 0x04090409)
+					if ((DWORD)GetKeyboardLayout(NULL) != 0x00000409 && (DWORD)GetKeyboardLayout(NULL) != 0x04090409)
 					{
-						DWORD keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE);
+						DWORD keybLayout = (DWORD)LoadKeyboardLayout(L"00000409", KLF_ACTIVATE);
 
 						if (keybLayout != 0x00000409 && keybLayout != 0x04090409)
 						{
-							Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg);
-							EndMainDlg (MainDlg);
+							Error("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg);
+							EndMainDlg(MainDlg);
 							return 1;
 						}
 						bKeyboardLayoutChanged = TRUE;
 					}
 
-
 					if (SetTimer (MainDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)
 					{
 						Error ("CANNOT_SET_TIMER", MainDlg);
 						EndMainDlg (MainDlg);
 						return 1;
 					}
+
+					ShowWindow(GetDlgItem(hwndDlg, IDC_KEYFILES_ENABLE), SW_HIDE);
+					ShowWindow(GetDlgItem(hwndDlg, IDC_KEY_FILES), SW_HIDE);
+					ShowWindow(GetDlgItem(hwndDlg, IDC_PIM_ENABLE), SW_HIDE);
+
+					ShowWindow(GetDlgItem(hwndDlg, IDC_ADVANCE), SW_SHOW);
+				}
+				else
+				{
+					SetCheckBox (hwndDlg, IDC_PIM_ENABLE, PimEnable);
+
+					SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect());
+					EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable && !SysEncInEffect());
+					EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), !SysEncInEffect());
 				}
 
 				if (bHiddenVolHost)
@@ -4410,20 +4422,14 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				}
 				else
 				{
-					StringCbCopyW (str, sizeof(str), GetString ("PASSWORD_HELP"));
+					StringCbCopyW (str, sizeof(str), GetString ("PASSWORD_HELP_SYSENC"));
 				}
 
-				SetPassword (hwndDlg, IDC_PASSWORD, szRawPassword);
-				SetPassword (hwndDlg, IDC_VERIFY, szVerify);
+				SetPassword(hwndDlg, IDC_PASSWORD, szRawPassword);
+				SetPassword(hwndDlg, IDC_VERIFY, szVerify);
 
 				SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD));
 
-				SetCheckBox (hwndDlg, IDC_PIM_ENABLE, PimEnable);
-
-				SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect());
-				EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable && !SysEncInEffect());
-				EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), !SysEncInEffect());
-
 				SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str);
 
 				if (CreatingHiddenSysVol())
@@ -4431,7 +4437,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				else if (bHiddenVol)
 					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PASSWORD_HIDVOL_HOST_TITLE" : "PASSWORD_HIDVOL_TITLE"));
 				else if (WizardMode == WIZARD_MODE_SYS_DEVICE)
-					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD"));
+					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("CHOOSE_PASSWORD_TITLE"));
 				else
 					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_TITLE"));
 
@@ -4447,7 +4453,40 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 							  NULL,
 							  KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());
 				volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
+			
+				if(SysEncInEffect ())
+				{
+					/* Random pool parameter is here because random page is removed */
+
+					mouseEntropyGathered = 0xFFFFFFFF;
+					mouseEventsInitialCount = 0;
+					bUseMask = FALSE;
+				
+					{
+						HCRYPTPROV hRngProv;
+						if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
+						{
+							if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool))
+								bUseMask = TRUE;
+							CryptReleaseContext (hRngProv, 0);
+						}
+					}
+
+					SetTimer(GetParent(hwndDlg), TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL);
+
+					hRandPoolSys = GetDlgItem(hwndDlg, IDC_SYS_POOL_CONTENTS);
+					hEntropyBar = GetDlgItem(hwndDlg, IDC_ENTROPY_BAR);
+					SendMessage(hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel);
+					SendMessage(hEntropyBar, PBM_SETSTEP, 1, 0);
+					SendMessage(GetDlgItem(hwndDlg, IDC_SYS_POOL_CONTENTS), WM_SETFONT, (WPARAM)hFixedDigitFont, (LPARAM)TRUE);
+
+					/* set default values */
 
+					hash_algo = bSystemIsGPT ? SHA512 : DEFAULT_HASH_ALGORITHM_BOOT;
+					RandSetHashFunction(hash_algo); 
+					
+					nWipeMode = TC_WIPE_NONE;
+				}
 			}
 			break;
 
@@ -4577,6 +4616,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
 			SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_INFO), bSystemIsGPT? GetString ("RESCUE_DISK_EFI_INFO"): GetString ("RESCUE_DISK_INFO"));
+			SetWindowTextW(GetDlgItem(hwndDlg, IDT_RESCUE_DISK_INFO_2), GetString("RESCUE_DISK_INFO_2"));
+
 			SetCheckBox (hwndDlg, IDC_SKIP_RESCUE_VERIFICATION, bDontVerifyRescueDisk);
 			SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO);
 			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1));
@@ -4608,25 +4649,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_BURN_INFO), szTmp);
 				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
 
-				/* The 'Back' button must be disabled now because the user could burn a Rescue Disk, then go back, and
-				generate a different master key, which would cause the Rescue Disk verification to fail (the result
-				would be confusion and bug reports). */
-				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE);
-
-				if (bSystemIsGPT)
-				{
-					ShowWindow (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), SW_HIDE);
-				}
-				else
-				{
-					if (IsWindowsIsoBurnerAvailable())
-						SetWindowTextW (GetDlgItem (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE), GetString ("LAUNCH_WIN_ISOBURN"));
-
-					ToHyperlink (hwndDlg, IDC_DOWNLOAD_CD_BURN_SOFTWARE);
-
-					if (IsWindowsIsoBurnerAvailable() && !bDontVerifyRescueDisk)
-						LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO);
-				}
+				/* The 'Back' button is enabled but user can't go back, instead warning is provided */
+				EnableWindow(GetDlgItem(GetParent(hwndDlg), IDC_PREV), TRUE);
+				
 			}			
 			break;
 
@@ -4651,24 +4676,76 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 		case SYSENC_WIPE_MODE_PAGE:
 		case NONSYS_INPLACE_ENC_WIPE_MODE_PAGE:
 			{
-				if (nWipeMode == TC_WIPE_1_RAND)
-					nWipeMode = TC_WIPE_NONE;
-
-				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE"));
-				SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("INPLACE_ENC_WIPE_MODE_INFO"));
-
-				PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE),
-					SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING && !bInPlaceEncNonSys,
-					TRUE,
-					FALSE);
+				if (SysEncInEffect ())
+				{
+					/* Wipe mode page is now checklist page */
+					ShowWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDT_WIPE_MODE), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), SW_HIDE);
+
+					SetWindowTextW (GetDlgItem (hwndDlg, IDC_REMEMBER_PASSWORD), GetString ("REMEMBER_PASSWORD"));
+					SetWindowTextW (GetDlgItem (hwndDlg, IDC_STORE_RESCUE_DISK), GetString ("STORE_RESCUE_DISK"));
+					SetWindowTextW (GetDlgItem (hwndDlg, IDC_BACKUP_DATA), GetString ("BACKUP_DATA"));
+			 	
+					SendMessage(GetDlgItem(hwndDlg, IDC_REMEMBER_PASSWORD), WM_SETFONT, (WPARAM)hUserBoldFont, (LPARAM)TRUE);
+					SendMessage(GetDlgItem(hwndDlg, IDC_STORE_RESCUE_DISK), WM_SETFONT, (WPARAM)hUserBoldFont, (LPARAM)TRUE);
+					SendMessage(GetDlgItem(hwndDlg, IDC_BACKUP_DATA), WM_SETFONT, (WPARAM)hUserBoldFont, (LPARAM)TRUE);
+
+					bChecklistA = FALSE;
+					bChecklistB = FALSE;
+					bChecklistC = FALSE;
+				
+					SetWindowTextW(GetDlgItem(GetParent(hwndDlg), IDC_BOX_TITLE), GetString("CHECKLIST_TITLE"));
+			
+					SetDlgItemText(hwndDlg, IDC_BROWSE, GetString ("OPEN_PATH_CHECKLIST_PAGE"));
+					SetWindowTextW (GetDlgItem (hwndDlg, IDT_STORE_RESCUE_DISK), GetString ("RESCUE_DISK_CHECKLIST_B"));
+					SetWindowTextW (GetDlgItem (hwndDlg, IDT_REMEMBER_PASSWORD), GetString ("RESCUE_DISK_CHECKLIST_A"));
+					SetWindowTextW (GetDlgItem (hwndDlg, IDT_BACKUP_DATA), GetString ("RESCUE_DISK_CHECKLIST_C"));
+
+					EnableWindow(GetDlgItem(hwndDlg, IDC_REMEMBER_PASSWORD), TRUE);
+					EnableWindow(GetDlgItem(hwndDlg, IDC_STORE_RESCUE_DISK), TRUE);
+					EnableWindow(GetDlgItem(hwndDlg, IDC_BACKUP_DATA), TRUE);
+
+					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
+
+					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
+					EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
+					EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE);
+				}
+				else
+				{
+					/* Hide elements from Checklist page and show Wipe mode page */
+					ShowWindow (GetDlgItem (hwndDlg, IDC_CHECKLIST_A), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_CHECKLIST_B), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_CHECKLIST_C), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_STORE_RESCUE_DISK), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_REMEMBER_PASSWORD), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_BACKUP_DATA), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDT_REMEMBER_PASSWORD), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDT_STORE_RESCUE_DISK), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDT_BACKUP_DATA), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_BROWSE), SW_HIDE);
+					ShowWindow (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH), SW_HIDE);
+					
+					if (nWipeMode == TC_WIPE_1_RAND)
+						nWipeMode = TC_WIPE_NONE;
+
+					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("WIPE_MODE_TITLE"));
+					SetWindowTextW (GetDlgItem (hwndDlg, IDT_WIPE_MODE_INFO), GetString ("INPLACE_ENC_WIPE_MODE_INFO"));
+
+					PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE),
+						SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING && !bInPlaceEncNonSys,
+						TRUE,
+						FALSE);
 
-				SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
+					SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
 
-				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
+					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
 
-				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
-				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
-				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
+					EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
+					EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+				}
 			}
 			break;
 
@@ -4691,7 +4768,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				{
 					StringCbPrintfW (finalMsg, sizeof(finalMsg),
 						GetString ("SYS_ENCRYPTION_PRETEST_INFO"),
-						BootEncObj->GetSystemDriveConfiguration().DriveNumber);
+						GetSystemDriveLetter ());
 				}
 				catch (Exception &e)
 				{
@@ -4715,14 +4792,30 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_TITLE"));
 			SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_INFO"));
 
+			ShowWindow (GetDlgItem (hwndDlg, IDC_CHECKBOX_PRETEST), SW_SHOW);
+			SetWindowTextW (GetDlgItem (hwndDlg, IDC_CHECKBOX_PRETEST), GetString ("PRETEST_CHECKBOX"));
+
+			bCheckboxPretest = FALSE;
+
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("ENCRYPT"));
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
 			SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER"));
 
-			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
-			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE);
+			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE);
+			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
 			EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE);
 
+			HWND hTooltip;
+			hTooltip = GetDlgItem (GetParent (hwndDlg), IDC_PREV);
+			if (hTooltip)
+			{
+				CreateToolTip (hwndDlg, hTooltip, GetString ("PRETEST_BACK_BUTTON"));
+			}
+			else
+			{
+				MessageBox (0, TEXT ("Cannot find dialog item for tooltip!"), 0, 0);
+			}
+
 			break;
 
 		case SYSENC_ENCRYPTION_PAGE:
@@ -4744,8 +4837,9 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 
 				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE),
 					GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPTION" : "DECRYPTION"));
-
-				SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_ENCRYPTION_PAGE_INFO"));
+				
+				SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), 
+					GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "SYSENC_ENCRYPTION_PAGE_INFO" : "SYSENC_DECRYPTION_PAGE_INFO"));
 
 				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER"));
 
@@ -4763,8 +4857,6 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE);
 				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE);
 
-				ToHyperlink (hwndDlg, IDC_MORE_INFO_SYS_ENCRYPTION);
-
 				if (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING)
 				{
 					nWipeMode = TC_WIPE_NONE;
@@ -4780,6 +4872,13 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 					SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);
 				}
 
+				if (nWipeMode == TC_WIPE_NONE)
+				{
+					ShowWindow (GetDlgItem(hwndDlg, IDC_WIPE_MODE), SW_HIDE);
+					ShowWindow (GetDlgItem(hwndDlg, IDT_FORMAT_OPTIONS), SW_HIDE);
+					ShowWindow (GetDlgItem(hwndDlg, IDT_WIPE_MODE), SW_HIDE);
+				}
+
 				PostMessage (hwndDlg, TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS, 0, 0);
 			}
 			else
@@ -5269,6 +5368,38 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 
 	case WM_CTLCOLORSTATIC:
 		{
+			if ((HWND)lParam == GetDlgItem (hwndDlg, PASSWORD_METER) && iPasswordStrength == 1)
+			{
+				// we're about to draw the static
+				// set the text colour in (HDC)lParam
+				SetBkMode ((HDC)wParam, TRANSPARENT);
+				SetTextColor ((HDC)wParam, RGB(255, 0, 0)); // password weak red	
+				return (BOOL)GetSysColorBrush(COLOR_MENU);
+			}
+
+			if ((HWND)lParam == GetDlgItem (hwndDlg, PASSWORD_METER) && iPasswordStrength == 2)
+			{	
+				// we're about to draw the static
+				// set the text colour in (HDC)lParam
+				SetBkMode ((HDC)wParam, TRANSPARENT);
+				SetTextColor ((HDC)wParam, RGB (255, 165, 0)); // password medium orange	
+				return (BOOL) GetSysColorBrush (COLOR_MENU);
+			}
+			
+			if ((HWND)lParam == GetDlgItem (hwndDlg, PASSWORD_METER) && iPasswordStrength == 3)
+			{
+				SetBkMode ((HDC)wParam, TRANSPARENT);
+				SetTextColor ((HDC)wParam, RGB (218, 218, 0)); // password strong yellow	
+				return (BOOL) GetSysColorBrush (COLOR_MENU);
+			}
+			
+			if ((HWND)lParam == GetDlgItem (hwndDlg, PASSWORD_METER) && iPasswordStrength == 4)
+			{
+				SetBkMode((HDC)wParam, TRANSPARENT);
+				SetTextColor((HDC)wParam, RGB(50, 205, 50)); // password very strong green	
+				return (BOOL) GetSysColorBrush (COLOR_MENU);
+			}
+
 			if (PimValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIM_HELP)) )
 			{
 				// we're about to draw the static
@@ -5331,6 +5462,22 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			}
 		}
 
+		if (lw == IDC_ADVANCE_INTRO && nCurPageNo == SYSENC_TYPE_PAGE)
+		{
+			DialogBoxParamW(hInst,
+				MAKEINTRESOURCEW(IDD_ADVANCE_MBR), hwndDlg,
+				(DLGPROC)AdvanceDlgProcIntro, NULL);
+			return 1;
+		}
+
+		if (lw == IDC_ADVANCE && nCurPageNo == PASSWORD_PAGE)	
+		{
+			DialogBoxParamW(hInst,
+				MAKEINTRESOURCEW(IDD_ADVANCE), hwndDlg,
+				(DLGPROC)AdvanceDlgProc, NULL);
+			return 1;
+		}
+
 		if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE && lw == IDC_HIDDEN_SYSENC_INFO_LINK)
 		{
 			Applink ("hiddensysenc");
@@ -5679,14 +5826,56 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 
 		if (hw == EN_CHANGE && nCurPageNo == PASSWORD_PAGE)
 		{
-			VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT),
-				GetDlgItem (hwndDlg, IDC_PASSWORD),
-				GetDlgItem (hwndDlg, IDC_VERIFY),
-				NULL,
-				NULL,
-				KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());
+			// If 'Next' button was clicked (and keyboard layout is not US), don't verify
+			if (!bNextButtonClicked)
+			{
+				VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT),
+						GetDlgItem(hCurPage, IDC_PASSWORD),
+						GetDlgItem(hCurPage, IDC_VERIFY),
+						NULL,
+						NULL,
+						KeyFilesEnable && FirstKeyFile != NULL && !SysEncInEffect());
+
+				bNextButtonClicked = FALSE;
+			}
+
 			volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
+			
+			SendMessage (GetDlgItem (hwndDlg, PASSWORD_METER), WM_SETFONT, (WPARAM)hUserBoldFont, (LPARAM)TRUE);
+			
+			memset (&tempPassword[0], 0, sizeof (tempPassword));
+
+			if (GetPassword (hCurPage, IDC_PASSWORD, tempPassword, iMaxPasswordLength + 1, FALSE, TRUE))
+				iPasswordStrength = PrintStrongness (tempPassword, strlen (tempPassword));
+			else
+				Error ("ERROR_GETTING_PWD", hwndDlg);
 
+			burn (tempPassword, sizeof (tempPassword));
+
+			if (iPasswordStrength == very_strong)
+			{
+				SetWindowTextW (GetDlgItem (hwndDlg, PASSWORD_METER), GetString ("VERY_STRONG_PASSWORD"));
+				EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), TRUE);
+			}
+			else if (iPasswordStrength == strong)
+			{
+				SetWindowTextW (GetDlgItem (hwndDlg, PASSWORD_METER), GetString ("STRONG_PASSWORD"));
+				EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), TRUE);
+			}
+			else if (iPasswordStrength == medium)
+			{
+				EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), TRUE);
+				SetWindowTextW (GetDlgItem (hwndDlg, PASSWORD_METER), GetString ("MEDIUM_PASSWORD"));
+			}
+			else if (iPasswordStrength == weak)
+			{
+				EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+				SetWindowTextW (GetDlgItem (hwndDlg, PASSWORD_METER), GetString ("WEAK_PASSWORD"));
+			}
+			else
+			{
+				SetWindowTextW (GetDlgItem (hwndDlg, PASSWORD_METER), GetString ("VERY_WEAK_PASSWORD"));
+			}
 			return 1;
 		}
 
@@ -5721,6 +5910,32 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			return 1;
 		}
 
+		if (lw == IDC_CHECKLIST_A)
+		{
+			bChecklistA = GetCheckBox (hwndDlg, IDC_CHECKLIST_A);
+			bChecklistB = GetCheckBox (hwndDlg, IDC_CHECKLIST_B);
+			bChecklistC = GetCheckBox (hwndDlg, IDC_CHECKLIST_C);
+		}
+		
+		if (lw == IDC_CHECKLIST_B)	
+		{
+			bChecklistA = GetCheckBox (hwndDlg, IDC_CHECKLIST_A);
+			bChecklistB = GetCheckBox (hwndDlg, IDC_CHECKLIST_B);
+			bChecklistC = GetCheckBox (hwndDlg, IDC_CHECKLIST_C);
+		}
+
+		if (lw == IDC_CHECKLIST_C)
+		{
+			bChecklistA = GetCheckBox (hwndDlg, IDC_CHECKLIST_A);
+			bChecklistB = GetCheckBox (hwndDlg, IDC_CHECKLIST_B);
+			bChecklistC = GetCheckBox (hwndDlg, IDC_CHECKLIST_C);
+		}
+
+		if (lw == IDC_CHECKBOX_PRETEST)
+		{
+			bCheckboxPretest = GetCheckBox (hwndDlg, IDC_CHECKBOX_PRETEST);
+		}
+
 		if (lw == IDC_PIM_ENABLE)
 		{
 			PimEnable = GetCheckBox (hwndDlg, IDC_PIM_ENABLE);
@@ -6050,14 +6265,47 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			}
 		}
 
-		if (nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE && lw == IDC_DOWNLOAD_CD_BURN_SOFTWARE)
+		/* The password and rescue checkbox have to be clicked in order to enable the next button */
+		if ((nCurPageNo == SYSENC_WIPE_MODE_PAGE || nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE) && 
+			(lw == IDC_CHECKLIST_A || lw == IDC_CHECKLIST_B || lw == IDC_CHECKLIST_C))
 		{
-			if (IsWindowsIsoBurnerAvailable())
-				LaunchWindowsIsoBurner (hwndDlg, szRescueDiskISO);
-			else
-				Applink ("isoburning");
+			if (SysEncInEffect ())
+			{
+				if (bChecklistA && bChecklistB && bChecklistC)
+					EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+				else
+					EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE);
+			}
+		}
 
-			return 1;
+		if (lw == IDC_BROWSE && (nCurPageNo == SYSENC_WIPE_MODE_PAGE || nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE))
+		{
+			wchar_t tmpszRescueDiskISO [TC_MAX_PATH+1];
+
+			StringCbCopyW (tmpszRescueDiskISO, sizeof(tmpszRescueDiskISO), szRescueDiskISO);
+
+			//detects the last '\' in order to remove the name of the zip file and save file name	
+			for (int i = wcslen(tmpszRescueDiskISO); i > 1; i--)
+			{
+				if (tmpszRescueDiskISO[i] == '\\')
+				{
+					for (int j = i + 1; i < wcslen(tmpszRescueDiskISO); i++)
+						tmpszRescueDiskISO[j] = '\0';
+					break;
+				}
+			}
+			
+			if(!BrowseFile (hwndDlg, "RESCUE_DISK_PATH", tmpszRescueDiskISO))
+				return 1;
+
+			return 0;
+		}
+		if (nCurPageNo == SYSENC_PRETEST_RESULT_PAGE && lw == IDC_CHECKBOX_PRETEST)
+		{
+			if (bCheckboxPretest)
+				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
+			else
+				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), FALSE);
 		}
 
 		if ((nCurPageNo == SYSENC_WIPE_MODE_PAGE
@@ -6371,11 +6619,9 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			}
 
 			SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, szRescueDiskISO);
-			if (bSystemIsGPT)
-				StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.zip");
-			else
-				StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.iso");
 
+			StringCbCatW (szRescueDiskISO, sizeof(szRescueDiskISO), L"\\VeraCrypt Rescue Disk.zip");
+			
 			if (IsOSAtLeast (WIN_VISTA))
 			{
 				// Availability of in-place encryption (which is pre-selected by default whenever
@@ -6659,6 +6905,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 
 					keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE);
 
+					// East Asian languages are not translated to US keyboard layout so we need to change keyboard layout
 					if (keybLayout != 0x00000409 && keybLayout != 0x04090409)
 					{
 						KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD);
@@ -6666,34 +6913,31 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						EndMainDlg (MainDlg);
 						return 1;
 					}
-
+						
 					bKeyboardLayoutChanged = TRUE;
-
 					wchar_t szTmp [4096];
 					StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED"));
 					StringCbCatW (szTmp, sizeof(szTmp), L"\n\n");
 					StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION"));
 					MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST);
-				}
-
-				/* Watch the right Alt key (which is used to enter various characters on non-US keyboards) */
 
-				if (bKeyboardLayoutChanged && !bKeybLayoutAltKeyWarningShown)
-				{
-					if (GetAsyncKeyState (VK_RMENU) < 0)
+					if (bKeyboardLayoutChanged && !bKeybLayoutAltKeyWarningShown)
 					{
-						bKeybLayoutAltKeyWarningShown = TRUE;
+						if (GetAsyncKeyState (VK_RMENU) < 0)
+						{
+							bKeybLayoutAltKeyWarningShown = TRUE;
 
-						wchar_t szTmp [4096];
-						StringCbCopyW (szTmp, sizeof(szTmp), GetString ("ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION"));
-						StringCbCatW (szTmp, sizeof(szTmp), L"\n\n");
-						StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION"));
-						MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION  | MB_SETFOREGROUND | MB_TOPMOST);
+
+							wchar_t szTmp [4096];
+							StringCbCopyW (szTmp, sizeof(szTmp), GetString ("ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION"));
+							StringCbCatW (szTmp, sizeof(szTmp), L"\n\n");
+							StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION"));
+							MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION  | MB_SETFOREGROUND | MB_TOPMOST);
+						}
 					}
 				}
 			}
 			return 1;
-
 		case TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS:
 
 			if (bSysEncDriveAnalysisInProgress)
@@ -7014,7 +7258,20 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 
 		if (lw == IDHELP)
 		{
-			OpenPageHelp (hwndDlg, nCurPageNo);
+			if (nCurPageNo == SYSENC_RESCUE_DISK_CREATION_PAGE ||
+				nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE ||
+				nCurPageNo == SYSENC_RESCUE_DISK_VERIFIED_PAGE)
+			{
+				Applink("rescue");
+			}
+			else if (nCurPageNo == PASSWORD_PAGE)
+			{
+				Applink("passwords");
+			}
+			else
+			{
+				OpenPageHelp(hwndDlg, nCurPageNo);
+			}
 			return 1;
 		}
 		else if (lw == IDCANCEL)
@@ -7083,7 +7340,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				}
 
 				if (!bHiddenOS)
-					nNewPageNo = SYSENC_SPAN_PAGE - 1;	// Skip irrelevant pages
+					nNewPageNo = PASSWORD_PAGE - 1;	// Skip irrelevant pages
 			}
 			else if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE)
 			{
@@ -7627,6 +7884,11 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 
 			else if (nCurPageNo == PASSWORD_PAGE)
 			{
+				if (SysEncInEffect ())
+				{
+					wchar_t tmpPwd[MAX_PASSWORD + 1];
+					GetWindowText (GetDlgItem (hCurPage, IDC_PASSWORD), tmpPwd, iMaxPasswordLength + 1);
+				}
 				VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT),
 					GetDlgItem (hCurPage, IDC_PASSWORD),
 					GetDlgItem (hCurPage, IDC_VERIFY),
@@ -7644,7 +7906,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg);
 						return 1;
 					}
-					// Check password length (check also done for outer volume which is not the case in TrueCrypt).
+					// Check password length (check also done for outer volume which is not the case in TrueCrypt).	
 					else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), SysEncInEffect()? hash_algo : 0, FALSE, FALSE))
 					{
 						return 1;
@@ -7683,7 +7945,6 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						else
 							bKeyboardLayoutChanged = FALSE;
 					}
-
 				}
 
 				if (!PimEnable)
@@ -7704,11 +7965,6 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						}
 					}
 
-					if (SysEncInEffect ())
-					{
-						nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1;	// Skip irrelevant pages
-					}
-
 					if (bInPlaceEncNonSys)
 					{
 						nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1;		// Skip irrelevant pages
@@ -7721,20 +7977,55 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 					}
 
 				}
-			}
-
-			else if (nCurPageNo == PIM_PAGE)
-			{
-				volumePim = GetPim (hCurPage, IDC_PIM, 0);
 
-				if (!SysEncInEffect() && (volumePim > MAX_PIM_VALUE))
-				{
-					SetFocus (GetDlgItem(hCurPage, IDC_PIM));
-					Error ("PIM_TOO_BIG", hwndDlg);
-					return 1;
-				}
 
-				if (!CreatingHiddenSysVol() && bHiddenVol && !bHiddenVolHost)
+				if (SysEncInEffect ())
+				{
+					if (PimEnable)
+						nNewPageNo = PIM_PAGE - 1;
+					else
+					{
+						nNewPageNo = SYSENC_RESCUE_DISK_CREATION_PAGE - 1; // Skip irrelevant pages
+						
+						wchar_t tmp[RANDPOOL_DISPLAY_SIZE + 1];
+						if (!bInPlaceEncNonSys)
+						{
+							/* Generate master key and other related data (except the rescue disk) for system encryption. */
+							try
+							{
+								WaitCursor();
+								BootEncObj->PrepareInstallation(!bWholeSysDrive, volumePassword, nVolumeEA, FIRST_MODE_OF_OPERATION_ID, hash_algo, volumePim, L"");
+							}
+							catch (Exception &e)
+							{
+								e.Show(hwndDlg);
+								NormalCursor();
+								return 1;
+							}
+						}
+						KillTimer(hwndDlg, TIMER_ID_RANDVIEW);
+						// Attempt to wipe the GUI field showing portions of randpool	
+						wmemset(tmp, L'X', ARRAYSIZE(tmp));
+						tmp[ARRAYSIZE(tmp) - 1] = 0;
+						SetWindowText(hRandPoolSys, tmp);
+						NormalCursor();
+					}
+
+				}
+			}
+
+			else if (nCurPageNo == PIM_PAGE)
+			{
+				volumePim = GetPim (hCurPage, IDC_PIM, 0);
+
+				if (!SysEncInEffect() && (volumePim > MAX_PIM_VALUE))
+				{
+					SetFocus (GetDlgItem(hCurPage, IDC_PIM));
+					Error ("PIM_TOO_BIG", hwndDlg);
+					return 1;
+				}
+
+				if (!CreatingHiddenSysVol() && bHiddenVol && !bHiddenVolHost)
 				{
 					if (	(volumePim == outerVolumePim)
 						&&	(volumePassword.Length == outerVolumePassword.Length)
@@ -7756,18 +8047,12 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						return 1;
 					}
 					// Check password length (check also done for outer volume which is not the case in TrueCrypt).
-					else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePim, SysEncInEffect(), SysEncInEffect()? hash_algo : 0, TRUE, FALSE))
+					else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePim, SysEncInEffect(), SysEncInEffect()? hash_algo : 0, FALSE, FALSE))
 					{
 						return 1;
 					}
 				}
 
-				if (SysEncInEffect ())
-				{
-
-					nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1;	// Skip irrelevant pages
-				}
-
 				if (bInPlaceEncNonSys)
 				{
 					nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1;		// Skip irrelevant pages
@@ -7778,6 +8063,34 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				{
 					nNewPageNo = FORMAT_PAGE - 1;				// Skip irrelevant pages
 				}
+
+				if (SysEncInEffect ())
+				{
+					nNewPageNo = SYSENC_RESCUE_DISK_CREATION_PAGE - 1;	// Skip irrelevant pages
+					
+					wchar_t tmp[RANDPOOL_DISPLAY_SIZE + 1];
+					if (!bInPlaceEncNonSys)
+					{
+						/* Generate master key and other related data (except the rescue disk) for system encryption. */
+						try
+						{
+							WaitCursor();
+							BootEncObj->PrepareInstallation(!bWholeSysDrive, volumePassword, nVolumeEA, FIRST_MODE_OF_OPERATION_ID, hash_algo, volumePim, L"");
+						}
+						catch (Exception &e)
+						{
+							e.Show(hwndDlg);
+							NormalCursor();
+							return 1;
+						}
+					}
+					KillTimer(hwndDlg, TIMER_ID_RANDVIEW);
+					// Attempt to wipe the GUI field showing portions of randpool	
+					wmemset(tmp, L'X', ARRAYSIZE(tmp));
+					tmp[ARRAYSIZE(tmp) - 1] = 0;
+					SetWindowText(hRandPoolSys, tmp);
+					NormalCursor();
+				}
 			}
 
 			else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE
@@ -8803,6 +9116,26 @@ ovf_end:
 				if (!bHiddenOS)
 					nNewPageNo = SYSENC_TYPE_PAGE + 1;
 			}
+
+			if (nCurPageNo == SYSENC_RESCUE_DISK_CREATION_PAGE)
+			{
+				if (SysEncInEffect ())
+				{
+					nNewPageNo = (PimEnable? PIM_PAGE : PASSWORD_PAGE) + 1;
+				}
+			}
+
+			if (nCurPageNo == SYSENC_RESCUE_DISK_BURN_PAGE)
+			{
+				nNewPageNo = SYSENC_RESCUE_DISK_BURN_PAGE + 1; // Stay on the same page
+				Warning("RESCUE_DISK_BACK_BUTTON", hwndDlg);
+			}
+
+			if (nCurPageNo == SYSENC_PRETEST_RESULT_PAGE)
+			{
+				nNewPageNo = SYSENC_PRETEST_RESULT_PAGE + 1; // Stay on the same page
+			}
+
 			if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE)
 			{
 				// Skip the drive analysis page(s) or other irrelevant pages when going back
@@ -8928,7 +9261,10 @@ ovf_end:
 
 				if (SysEncInEffect ())
 				{
-					nNewPageNo = CIPHER_PAGE + 1;				// Skip irrelevant pages
+					if (!bHiddenOS)
+						nNewPageNo = SYSENC_TYPE_PAGE + 1;			// Skip irrelevant pages
+					else
+						nNewPageNo = CIPHER_PAGE + 1;				// Skip irrelevant pages
 
 					KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD);
 
@@ -10631,3 +10967,512 @@ static DWORD GetFormatSectorSize ()
 
 	return geometry.Geometry.BytesPerSector;
 }
+
+/* This function is called when advanced dialog in intro page is open */
+BOOL CALLBACK AdvanceDlgProcIntro (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
+{
+	WORD lw = LOWORD(wParam);
+
+	switch (msg)
+	{
+	case WM_INITDIALOG:
+
+		bHiddenVolHost = bHiddenVol = bHiddenOS;
+			
+		SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_HIDDEN), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE);
+		SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_NORMAL), WM_SETFONT, (WPARAM) hUserBoldFont, (LPARAM) TRUE);
+
+		CheckButton (GetDlgItem (hwndDlg, bHiddenOS ? IDC_SYSENC_HIDDEN : IDC_SYSENC_NORMAL));
+		
+		return 1;
+	case WM_COMMAND:
+		{
+			if (lw == IDCANCEL)
+			{
+				EndDialog(hwndDlg, lw);
+				return 1;
+			}
+
+			if(lw == IDOK)
+			{
+				if (bHiddenOS)
+				{
+					bWholeSysDrive = FALSE;
+					bHiddenVolDirect = FALSE;
+				}
+				EndDialog(hwndDlg, lw);
+				return 1;
+			}
+			
+			if (lw == IDC_SYSENC_HIDDEN)
+			{
+				SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_NORMAL), BM_SETCHECK, BST_UNCHECKED, 0);
+				
+				bHiddenOS = TRUE;
+				bHiddenVol = TRUE;
+				bHiddenVolHost = TRUE;
+				return 1;
+			}	
+
+			if (lw == IDC_SYSENC_NORMAL)
+			{
+				SendMessage (GetDlgItem (hwndDlg, IDC_SYSENC_HIDDEN), BM_SETCHECK, BST_UNCHECKED, 0);
+
+				bHiddenOS = FALSE;
+				bHiddenVol = FALSE;
+				bHiddenVolHost = FALSE;
+				return 1;
+			}
+				
+			if(lw == IDHELP)
+			{
+				Applink ("hiddensysenc");
+				return 1;
+			}
+		}
+	}
+	return 0;
+}
+
+/* AES, HASH, Pim and Wipe mode can be selected here */
+BOOL CALLBACK AdvanceDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
+{
+	WORD lw = LOWORD(wParam);
+	WORD hw = HIWORD(wParam);
+	int ea, hid;
+	wchar_t  buf[100];	
+	BOOL bNTFSallowed = FALSE;
+	BOOL bFATallowed = FALSE;
+	BOOL bEXFATallowed = FALSE;
+	BOOL bReFSallowed = FALSE;
+	BOOL bNoFSallowed = FALSE;
+	hCurPage = hwndDlg;
+	
+	switch (msg)
+	{
+	case WM_INITDIALOG:
+	{
+		SetWindowTextW ( GetDlgItem (hwndDlg, IDT_IMPORTANT_NOTE), GetString ("ADV_FEATURES_NOTE"));
+		SetWindowTextW ( GetDlgItem (hwndDlg, IDT_PIM_INFO), GetString ("PIM_INFO"));
+		SetWindowTextW ( GetDlgItem (hwndDlg, IDT_WIPE_INFO), GetString ("WIPE_INFO"));
+		
+		/* Encryption algorithms */
+
+		SendMessage(GetDlgItem(hwndDlg, IDC_COMBO_BOX), CB_RESETCONTENT, 0, 0);
+		
+		for (ea = EAGetFirst (); ea != 0; ea = EAGetNext (ea))
+		{
+			if (EAIsFormatEnabled (ea) && (!SysEncInEffect () || bSystemIsGPT || EAIsMbrSysEncEnabled (ea)))
+				AddComboPair (GetDlgItem (hwndDlg, IDC_COMBO_BOX), EAGetName (buf, ARRAYSIZE(buf), ea, 1), ea);
+		}
+
+		SelectAlgo (GetDlgItem (hwndDlg, IDC_COMBO_BOX), &nVolumeEA);
+		ComboSelChangeEA (hwndDlg);
+		SetFocus (GetDlgItem (hwndDlg, IDC_COMBO_BOX));
+						
+		/* Hash algorithms */
+		if (SysEncInEffect())
+		{
+			RandSetHashFunction(hash_algo);
+			for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)
+			{
+				// Use blake2s for hashing
+				if (((hid == BLAKE2S) || !HashIsDeprecated(hid)) && (bSystemIsGPT || HashForSystemEncryption(hid)))
+					AddComboPair(GetDlgItem(hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid);
+			}
+		}
+		else
+		{
+			hash_algo = RandGetHashFunction();
+			for (hid = FIRST_PRF_ID; hid <= LAST_PRF_ID; hid++)
+			{
+				if (!HashIsDeprecated(hid))
+					AddComboPair(GetDlgItem(hwndDlg, IDC_COMBO_BOX_HASH_ALGO), HashGetName(hid), hid);
+			}
+		}
+
+		if (CreatingHiddenSysVol())
+				Warning ("HIDDEN_OS_PRE_CIPHER_WARNING", MainDlg);
+
+		SetWindowText(GetDlgItem(hwndDlg, IDC_SHA512_HELP), GetString("SHA512_HELP"));
+		SelectAlgo(GetDlgItem(hwndDlg, IDC_COMBO_BOX_HASH_ALGO), &hash_algo);
+
+		/* file system options */
+		SetTimer(GetParent(hwndDlg), TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL);
+
+		hMasterKey = GetDlgItem(hwndDlg, IDC_DISK_KEY);
+		hHeaderKey = GetDlgItem(hwndDlg, IDC_HEADER_KEY);
+		hRandPool = GetDlgItem(hwndDlg, IDC_RANDOM_BYTES);
+
+		SendMessage(GetDlgItem(hwndDlg, IDC_RANDOM_BYTES), WM_SETFONT, (WPARAM)hFixedDigitFont, (LPARAM)TRUE);
+		SendMessage(GetDlgItem(hwndDlg, IDC_DISK_KEY), WM_SETFONT, (WPARAM)hFixedDigitFont, (LPARAM)TRUE);
+		SendMessage(GetDlgItem(hwndDlg, IDC_HEADER_KEY), WM_SETFONT, (WPARAM)hFixedDigitFont, (LPARAM)TRUE);
+
+		/* Quick/Dynamic */
+
+		if (bHiddenVol)
+		{
+			quickFormat = !bHiddenVolHost;
+			dynamicFormat = FALSE;
+			bSparseFileSwitch = FALSE;
+		}
+		else
+		{
+			if (bDevice)
+			{
+				dynamicFormat = FALSE;
+				bSparseFileSwitch = FALSE;
+			}
+			else
+			{
+				wchar_t root[TC_MAX_PATH];
+				DWORD fileSystemFlags = 0;
+
+				/* Check if the host file system supports sparse files */
+
+				if (GetVolumePathName (szFileName, root, array_capacity (root)))
+				{
+					GetVolumeInformation (root, NULL, 0, NULL, NULL, &fileSystemFlags, NULL, 0);
+					bSparseFileSwitch = fileSystemFlags & FILE_SUPPORTS_SPARSE_FILES;
+				}
+				else
+					bSparseFileSwitch = FALSE;
+				if (!bSparseFileSwitch)
+				{
+					dynamicFormat = FALSE;
+				}
+			}
+		}
+		SendMessage (GetDlgItem (hwndDlg, IDC_SHOW_KEYS), BM_SETCHECK, showKeys ? BST_CHECKED : BST_UNCHECKED, 0);
+		SetWindowText (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), showKeys ? L"" : L"********************************                                              ");
+		SetWindowText (GetDlgItem (hwndDlg, IDC_HEADER_KEY), showKeys ? L"" : L"********************************                                              ");
+		SetWindowText (GetDlgItem (hwndDlg, IDC_DISK_KEY), showKeys ? L"" : L"********************************                                              ");
+
+		SendMessage(GetDlgItem(hwndDlg, IDC_CLUSTERSIZE), CB_RESETCONTENT, 0, 0);
+		AddComboPairW(GetDlgItem(hwndDlg, IDC_CLUSTERSIZE), GetString("DEFAULT"), 0);
+		SendMessage(GetDlgItem(hwndDlg, IDC_CLUSTERSIZE), CB_SETCURSEL, 0, 0);
+		EnableWindow(GetDlgItem(hwndDlg, IDC_CLUSTERSIZE), TRUE);
+
+		/* Filesystems */
+		bNTFSallowed = FALSE;
+		bFATallowed = FALSE;
+		bEXFATallowed = FALSE;
+		bReFSallowed = FALSE;
+		bNoFSallowed = FALSE;
+
+		SendMessage(GetDlgItem(hwndDlg, IDC_FILESYS), CB_RESETCONTENT, 0, 0);
+		EnableWindow(GetDlgItem(hwndDlg, IDC_FILESYS), TRUE);
+
+		uint64 dataAreaSize = GetVolumeDataAreaSize (bHiddenVol && !bHiddenVolHost, nVolumeSize);
+		
+		if (!CreatingHiddenSysVol())
+		{
+			if (dataAreaSize >= TC_MIN_NTFS_FS_SIZE && dataAreaSize <= TC_MAX_NTFS_FS_SIZE)
+			{
+				AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"NTFS", FILESYS_NTFS);
+				bNTFSallowed = TRUE;
+			}
+
+			if (dataAreaSize >= TC_MIN_FAT_FS_SIZE && dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * GetFormatSectorSize())
+			{
+				AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"FAT", FILESYS_FAT);
+				bFATallowed = TRUE;
+			}
+
+			//exFAT support added starting from Vista SP1
+			if (IsOSVersionAtLeast (WIN_VISTA, 1) && dataAreaSize >= TC_MIN_EXFAT_FS_SIZE && dataAreaSize <= TC_MAX_EXFAT_FS_SIZE)
+			{
+				AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"exFAT", FILESYS_EXFAT);
+				bEXFATallowed = TRUE;
+			}
+
+			//ReFS write support activated by default starting from Windows 10
+			//We don't support it yet for the creation of hidden volumes
+			if ((!bHiddenVolHost) && IsOSVersionAtLeast (WIN_10, 0) && dataAreaSize >= TC_MIN_REFS_FS_SIZE && dataAreaSize <= TC_MAX_REFS_FS_SIZE)
+			{
+				AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"ReFS", FILESYS_REFS);
+				bReFSallowed = TRUE;
+			}
+		}
+		else
+		{
+			// We're creating a hidden volume for a hidden OS, so we don't need to format it with
+			// any filesystem (the entire OS will be copied to the hidden volume sector by sector).
+			EnableWindow (GetDlgItem (hwndDlg, IDC_FILESYS), FALSE);
+			EnableWindow (GetDlgItem (hwndDlg, IDC_CLUSTERSIZE), FALSE);
+		}
+		if (!bHiddenVolHost)
+		{
+			AddComboPairW(GetDlgItem(hwndDlg, IDC_FILESYS), GetString("NONE"), FILESYS_NONE);
+			bNoFSallowed = TRUE;
+		}
+		if (fileSystem == FILESYS_NONE)	// If no file system has been previously selected	
+		{
+			// Set default file system
+
+			if (bFATallowed && !(nNeedToStoreFilesOver4GB == 1 && (bNTFSallowed || bEXFATallowed || bReFSallowed)))
+				fileSystem = FILESYS_FAT;
+			else if (bEXFATallowed)
+				fileSystem = FILESYS_EXFAT;
+			else if (bNTFSallowed)
+				fileSystem = FILESYS_NTFS;
+			else if (bReFSallowed)
+				fileSystem = FILESYS_REFS;
+			else if (bNoFSallowed)
+				fileSystem = FILESYS_NONE;
+			else
+			{
+				AddComboPair (GetDlgItem (hwndDlg, IDC_FILESYS), L"---", 0);
+			}
+		}
+		
+		SendMessage(GetDlgItem(hwndDlg, IDC_FILESYS), CB_SETCURSEL, 0, 0);
+		SelectAlgo(GetDlgItem(hwndDlg, IDC_FILESYS), (int *)&fileSystem);
+	
+		/* PIM and Wipe mode */
+		SetCheckBox(hwndDlg, IDC_PIM_ENABLE, PimEnable);
+		
+		PopulateWipeModeCombo(GetDlgItem(hwndDlg, IDC_WIPE_MODE),
+			SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING && !bInPlaceEncNonSys,
+			TRUE,
+			FALSE);
+		SelectAlgo(GetDlgItem(hwndDlg, IDC_WIPE_MODE), (int *)&nWipeMode);
+		SetFocus(GetDlgItem(GetParent(hwndDlg), IDOK));
+	}
+	return 1;
+	case WM_COMMAND:
+		if (lw == IDCANCEL)
+		{
+			EndDialog(hwndDlg, lw);
+			return 1;
+		}
+		if (lw == IDOK)
+		{
+			/* Save hash and encryption algo */
+			LPARAM nIndex;
+			nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0);
+			nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);
+			
+			if (!bSystemIsGPT && SysEncInEffect ()
+				&& EAGetCipherCount (nVolumeEA) > 1)		// Cascade?
+			{
+				if (AskWarnNoYes ("CONFIRM_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg) == IDNO)
+					return 1;
+
+				if (!bHiddenOS)
+					Info ("NOTE_CASCADE_FOR_SYS_ENCRYPTION", hwndDlg);
+			}
+
+			nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETCURSEL, 0, 0);
+			hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), CB_GETITEMDATA, nIndex, 0);
+
+			RandSetHashFunction (hash_algo);
+
+			/* Save PIM and Wipe mode */
+			nWipeMode = (WipeAlgorithmId)SendMessage(GetDlgItem(hwndDlg, IDC_WIPE_MODE),
+				CB_GETITEMDATA,
+				SendMessage(GetDlgItem(hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0),
+				0);
+
+			PimEnable = GetCheckBox(hwndDlg, IDC_PIM_ENABLE);
+			SetCheckBox(hwndDlg, IDC_PIM_ENABLE, PimEnable);
+
+			EndDialog(hwndDlg, lw);
+			return 1;
+		}
+		if (lw == IDC_CIPHER_TEST)
+		{
+			LPARAM nIndex;
+			int c;
+
+			nIndex = SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0);
+			nVolumeEA = (int) SendMessage (GetDlgItem (hCurPage, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);
+
+			for (c = EAGetLastCipher (nVolumeEA); c != 0; c = EAGetPreviousCipher (nVolumeEA, c))
+			{
+				DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_CIPHER_TEST_DLG),
+					GetParent (hwndDlg), (DLGPROC) CipherTestDialogProc, (LPARAM) c);
+			}
+
+			return 1;
+		}
+	
+		if (lw == IDC_BENCHMARK)
+		{
+			// Reduce CPU load
+			bFastPollEnabled = FALSE;
+			bRandmixEnabled = FALSE;
+
+			DialogBoxParamW (hInst,
+				MAKEINTRESOURCEW (IDD_BENCHMARK_DLG), hwndDlg,
+				(DLGPROC) BenchmarkDlgProc, (LPARAM) bSystemIsGPT);
+
+			bFastPollEnabled = TRUE;
+			bRandmixEnabled = TRUE;
+			return 1;
+		}
+
+		if (lw == IDC_WIPE_MODE && hw == CBN_SELCHANGE)
+		{	
+			Warning ("WIPE_WARNING", hwndDlg);
+			return 1;
+		}
+		
+		if (hw == CBN_SELCHANGE && lw == IDC_COMBO_BOX)
+		{
+			ComboSelChangeEA (hwndDlg);
+			SetWindowTextW (GetDlgItem (hCurPage, IDC_BENCHMARK), GetString ("IDC_BENCHMARK"));
+			return 1;
+		}
+		
+		if (hw == CBN_SELCHANGE && lw == IDC_COMBO_BOX_HASH_ALGO)
+		{
+			ShowWindow (GetDlgItem (hwndDlg, IDT_HASH_ALGO), SW_SHOW);
+			if (SysEncInEffect())
+			{
+				HWND hHashAlgoItem = GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO);
+				int selectedAlgo = (int)SendMessage (hHashAlgoItem, CB_GETITEMDATA, SendMessage (hHashAlgoItem, CB_GETCURSEL, 0, 0), 0);
+				
+				if (!bSystemIsGPT && !HashForSystemEncryption (selectedAlgo))
+				{
+					hash_algo = DEFAULT_HASH_ALGORITHM_BOOT;
+					RandSetHashFunction (DEFAULT_HASH_ALGORITHM_BOOT);
+					Info ("ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION", MainDlg);
+					SelectAlgo (GetDlgItem (hCurPage, IDC_COMBO_BOX_HASH_ALGO), &hash_algo);
+				}
+			}		
+			return 1;
+		}
+
+		if (lw == IDC_PIM_ENABLE)
+		{
+			PimEnable = GetCheckBox (hwndDlg, IDC_PIM_ENABLE);
+			if (!PimEnable)
+				volumePim = 0;
+			return 1;
+		}
+	}
+	return 0;
+}
+
+void
+AddComboPairW (HWND hComboBox, const wchar_t *lpszItem, int value)
+{
+	LPARAM nIndex;
+	nIndex = SendMessageW(hComboBox, CB_ADDSTRING, 0, (LPARAM)lpszItem);
+	nIndex = SendMessage(hComboBox, CB_SETITEMDATA, nIndex, (LPARAM)value);
+}
+
+/* Acording to NIST, only a blacklist check and at least 8 character should be compulsary, no special character check... */
+int PrintStrongness (char input[], unsigned int length)
+{
+	unsigned int n = length;
+	int iReturnValue = 0;
+	if (n < 10)
+	{
+		burn (input, sizeof(input));
+		return iReturnValue = weak;
+	}
+	else if (CheckWord(input))
+	{
+		burn (input, sizeof(input));
+		return iReturnValue = weak;
+	}
+	//Tetermine the strength of the passsord	
+	if ((n >= 13))
+	{
+		iReturnValue = very_strong;
+	}
+	//if 3 out of 4 paramters are true	
+	else if (n >= 10)
+	{	
+		iReturnValue = strong;
+	}
+	//if 2 out of 4 values are true	
+	else if (n >= 8)
+	{
+		iReturnValue = medium;
+	}
+	else
+	{
+		iReturnValue = weak;
+	}
+	burn (input, sizeof(input));
+	return iReturnValue;
+}
+
+/* Check if password is in list
+Credits go Martin York from https://codereview.stackexchange.com/questions/52702/how-to-search-for-a-word-in-a-sorted-text-file-efficiently */
+BOOL CheckWord (char* search)
+{
+	
+	bool isWordInDict(std::string const& word);
+	{
+		struct MyDict : std::set<std::string>
+		{
+			typedef std::set<std::string>::const_iterator const_iterator;
+			MyDict()
+			{
+				wchar_t path[TC_MAX_PATH];
+				wchar_t tmp[TC_MAX_PATH];
+				wchar_t destFileName[TC_MAX_PATH] = L"password1000000.txt";
+				
+				if (GetModuleFileName (NULL, path, ARRAYSIZE (path)) == 0)
+				{
+					Error ("ERROR_GETTING_PATH", MainDlg);
+				}
+
+				StringCbCopyW(tmp, ARRAYSIZE(tmp), path);
+				
+				//detects the last '\' in order to remove the name of the exe file. Afterwards add .txt file in the path	
+				for (int i = wcslen(path); i > 1; i--)
+				{
+					if (tmp[i] == '\\')
+					{
+						for(unsigned int j = i + 1; j < wcslen(path); j++)
+						{
+							tmp[j] = '\0';
+						}
+						break;
+					}
+				}
+				StringCbCatW(tmp, sizeof(tmp), destFileName);
+				
+				std::ifstream fin(tmp);
+				std::copy(std::istream_iterator<std::string>(fin), std::istream_iterator<std::string>(),
+					std::inserter(*this, end()));
+			}
+		};
+		static const MyDict dict;
+		MyDict::const_iterator find = dict.find(search);
+		
+		return find != dict.end();
+	}
+}
+
+/* Credits go to Barmak Shemirani from https://stackoverflow.com/questions/31407492/c-tooltip-function-for-checkbox */
+void CreateToolTip(HWND hWndParent, HWND hControlItem, PTSTR pszText)
+{
+    if (!hControlItem || !hWndParent || !pszText)
+        return;
+
+    HWND hwndTip = CreateWindowEx(NULL, TOOLTIPS_CLASS, NULL,
+        WS_POPUP | TTS_NOFADE | TTS_ALWAYSTIP /*| TTS_BALLOON*/,
+        CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT,
+        hWndParent, NULL, GetModuleHandle(NULL), NULL);
+
+    if (!hwndTip)
+        return;
+
+    TOOLINFO toolInfo = { 0 };
+    toolInfo.cbSize = sizeof(toolInfo);
+    toolInfo.hwnd = hWndParent;
+    toolInfo.uFlags = TTF_IDISHWND | TTF_SUBCLASS;
+    toolInfo.uId = (UINT_PTR)hControlItem;
+    toolInfo.lpszText = pszText;
+	GetClientRect(hWndParent, &toolInfo.rect);
+    if (!SendMessage(hwndTip, TTM_ADDTOOL, 0, (LPARAM)&toolInfo))
+    {
+        MessageBox(0, TEXT("TTM_ADDTOOL failed\nWrong project manifest!"), 0, 0);
+    }
+}
-- 
cgit v1.2.3