From 8ebf5ac605d57eab80b600a7827d2ba48668d887 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Tue, 26 May 2015 01:36:20 +0200 Subject: Windows: first implementation of dynamic mode --- src/Mount/MainCom.cpp | 27 ++++++-- src/Mount/MainCom.h | 2 +- src/Mount/MainCom.idl | 2 + src/Mount/Mount.c | 187 +++++++++++++++++++++++++++++++++++++++++--------- src/Mount/Mount.h | 1 + src/Mount/Mount.rc | 69 +++++++++++-------- src/Mount/Resource.h | 8 ++- 7 files changed, 227 insertions(+), 69 deletions(-) (limited to 'src/Mount') diff --git a/src/Mount/MainCom.cpp b/src/Mount/MainCom.cpp index 69f8bd4e..b527d428 100644 --- a/src/Mount/MainCom.cpp +++ b/src/Mount/MainCom.cpp @@ -67,6 +67,12 @@ public: return S_OK; } + virtual void STDMETHODCALLTYPE AnalyzeKernelMiniDump (LONG_PTR hwndDlg) + { + // Do nothing + MainDlg = (HWND) hwndDlg; + } + virtual int STDMETHODCALLTYPE BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume) { USES_CONVERSION; @@ -100,7 +106,7 @@ public: CW2A volumePathA(volumePath); MainDlg = (HWND) hWnd; if (volumePathA.m_psz) - return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, FALSE, newPassword, pkcs5, wipePassCount, (HWND) hWnd); + return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); else return ERR_OUTOFMEMORY; } @@ -151,7 +157,7 @@ public: CW2A volumePathA(volumePath); MainDlg = (HWND) hWnd; if (volumePathA.m_psz) - return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, FALSE, newPassword, pkcs5, wipePassCount, (HWND) hWnd); + return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); else return ERR_OUTOFMEMORY; } 
@@ -162,7 +168,18 @@ public: CW2A volumePathA(volumePath); MainDlg = (HWND) hWnd; if (volumePathA.m_psz) - return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, truecryptMode, newPassword, pkcs5, wipePassCount, (HWND) hWnd); + return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, 0, truecryptMode, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd); + else + return ERR_OUTOFMEMORY; + } + + virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, LONG_PTR hWnd) + { + USES_CONVERSION; + CW2A volumePathA(volumePath); + MainDlg = (HWND) hWnd; + if (volumePathA.m_psz) + return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, old_pin, truecryptMode, newPassword, pkcs5, pin, wipePassCount, (HWND) hWnd); else return ERR_OUTOFMEMORY; } @@ -280,7 +297,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume) } -extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg) +extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, HWND hwndDlg) { CComPtr tc; int r; @@ -294,7 +311,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pk { volumeBstr.Attach (bstr); - r = tc->ChangePasswordEx2 (volumeBstr, oldPassword, old_pkcs5, truecryptMode, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg); + r = tc->ChangePasswordEx3 (volumeBstr, oldPassword, old_pkcs5, old_pin, truecryptMode, newPassword, pkcs5, pin, wipePassCount, (LONG_PTR) hwndDlg); } else r = ERR_OUTOFMEMORY; diff --git a/src/Mount/MainCom.h b/src/Mount/MainCom.h index c42094da..0a2afe60 100644 --- a/src/Mount/MainCom.h +++ b/src/Mount/MainCom.h 
@@ -22,7 +22,7 @@ extern "C" { BOOL ComServerMain (); int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume); int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume); -int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg); +int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, HWND hwndDlg); #ifdef __cplusplus } diff --git a/src/Mount/MainCom.idl b/src/Mount/MainCom.idl index 6f04bef3..91eacb6e 100644 --- a/src/Mount/MainCom.idl +++ b/src/Mount/MainCom.idl @@ -24,6 +24,7 @@ library TrueCryptMainCom ] interface ITrueCryptMainCom : IUnknown { + void AnalyzeKernelMiniDump (LONG_PTR hwndDlg); int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume); DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output); int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); @@ -38,6 +39,7 @@ library TrueCryptMainCom DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); + int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, LONG_PTR hWnd); }; [ diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 87f4acd0..7f8cbca2 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c 
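Review bot: In src/Mount/MainCom.idl (hunk at -24), `AnalyzeKernelMiniDump` is inserted as the first method of `ITrueCryptMainCom`, which moves every later method one vtable slot down. A caller and an elevated COM server built from different versions would then dispatch to the wrong method unless the interface uuid changes with it; the uuid attribute sits above the hunk, so that cannot be confirmed from here. `ChangePasswordEx3` in the hunk at -38 is appended at the end, which keeps the existing slots. Declaring `void AnalyzeKernelMiniDump (LONG_PTR hwndDlg);` at the end as well would avoid the shift.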
@@ -123,6 +123,8 @@ Password VolumePassword; /* Password used for mounting volumes */ Password CmdVolumePassword; /* Password passed from command line */ int VolumePkcs5 = 0; int CmdVolumePkcs5 = 0; +int VolumePin = 0; +int CmdVolumePin = 0; int DefaultVolumePkcs5 = 0; BOOL VolumeTrueCryptMode = FALSE; BOOL CmdVolumeTrueCryptMode = FALSE; @@ -220,6 +222,8 @@ static void localcleanup (void) burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5)); + burn (&VolumePin, sizeof (VolumePin)); + burn (&CmdVolumePin, sizeof (CmdVolumePin)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode)); burn (&mountOptions, sizeof (mountOptions)); @@ -682,6 +686,7 @@ void LoadSettings (HWND hwndDlg) defaultMountOptions.ReadOnly = ConfigReadInt ("MountVolumesReadOnly", FALSE); defaultMountOptions.ProtectHiddenVolume = FALSE; defaultMountOptions.ProtectedHidVolPkcs5Prf = 0; + defaultMountOptions.ProtectedHidVolPin = 0; defaultMountOptions.PartitionInInactiveSysEncScope = FALSE; defaultMountOptions.RecoveryMode = FALSE; defaultMountOptions.UseBackupHeader = FALSE; @@ -1683,8 +1688,10 @@ typedef struct { Password *oldPassword; int old_pkcs5; + int old_pin; Password *newPassword; int pkcs5; + int pin; int wipePassCount; BOOL truecryptMode; int* pnStatus; @@ -1711,7 +1718,7 @@ void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg) try { - *pThreadParam->pnStatus = BootEncObj->ChangePassword (pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg); + *pThreadParam->pnStatus = BootEncObj->ChangePassword (pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pin, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pin, pThreadParam->wipePassCount, hwndDlg); } catch (Exception &e) { 
@@ -1723,14 +1730,14 @@ void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg) { // Non-system - *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg); + *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pin, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pin, pThreadParam->wipePassCount, hwndDlg); if (*pThreadParam->pnStatus == ERR_OS_ERROR && GetLastError () == ERROR_ACCESS_DENIED && IsUacSupported () && IsVolumeDeviceHosted (szFileName)) { - *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg); + *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pin, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pin, pThreadParam->wipePassCount, hwndDlg); } } } @@ -1847,6 +1854,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR LocalizeDialog (hwndDlg, "IDD_PCDM_CHANGE_PKCS5_PRF"); EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE); 
@@ -1860,6 +1868,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR newKeyFilesParam.EnableKeyFiles = TRUE; EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE); @@ -1877,6 +1886,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), TRUE); EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE); @@ -2186,11 +2196,19 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + int old_pin = GetPin (hwndDlg, IDC_OLD_PIN); + int pin = GetPin (hwndDlg, IDC_PIN); + if (truecryptMode && (old_pkcs5 == SHA256)) { Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); return 1; } + else if (truecryptMode && (old_pin != 0)) + { + Error ("PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } if (!CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL)) { 
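Review bot: In PasswordChangeDlgProc (hunk at -2186), `old_pin` and `pin` are read before the validation checks, and the `return 1` after `PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE` leaves without wiping them; the `PIN_SYSENC_TOO_BIG` return in the hunk at -2198 does the same. The `err:` path burns both values, so each early exit could run `burn (&old_pin, sizeof (old_pin)); burn (&pin, sizeof (pin));` before returning. The TrueCrypt-mode check also looks only at `old_pin`; whether a non-zero new `pin` should be rejected there too depends on ChangePwd, which is outside the hunk.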
@@ -2198,6 +2216,13 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR return 1; } + if (bSysEncPwdChangeDlgMode && (pin > MAX_BOOT_PIN_VALUE)) + { + SetFocus (GetDlgItem(hwndDlg, IDC_PIN)); + Error ("PIN_SYSENC_TOO_BIG", hwndDlg); + return 1; + } + if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF) { newKeyFilesParam.EnableKeyFiles = KeyFilesEnable; @@ -2205,7 +2230,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL) && pwdChangeDlgMode == PCDM_CHANGE_PASSWORD) { - if (!CheckPasswordLength (hwndDlg, GetDlgItem (hwndDlg, IDC_PASSWORD))) + if (!CheckPasswordLength (hwndDlg, GetDlgItem (hwndDlg, IDC_PASSWORD), pin, bSysEncPwdChangeDlgMode)) return 1; } @@ -2221,6 +2246,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR case PCDM_CHANGE_PKCS5_PRF: memcpy (newPassword.Text, oldPassword.Text, sizeof (newPassword.Text)); newPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text); + pin = old_pin; break; default: @@ -2245,8 +2271,10 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR ChangePwdThreadParam changePwdParam; changePwdParam.oldPassword = &oldPassword; changePwdParam.old_pkcs5 = old_pkcs5; + changePwdParam.old_pin = old_pin; changePwdParam.newPassword = &newPassword; changePwdParam.pkcs5 = pkcs5; + changePwdParam.pin = pin; changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode); changePwdParam.pnStatus = &nStatus; changePwdParam.truecryptMode = truecryptMode; @@ -2256,6 +2284,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR err: burn (&oldPassword, sizeof (oldPassword)); burn (&newPassword, sizeof (newPassword)); + burn (&old_pin, sizeof(old_pin)); + burn (&pin, sizeof(pin)); NormalCursor (); 
@@ -2299,6 +2329,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa WORD lw = LOWORD (wParam); static Password *szXPwd; static int *pkcs5; + static int *pin; static BOOL* truecryptMode; switch (msg) @@ -2308,6 +2339,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa int i, nIndex, defaultPrfIndex = 0; szXPwd = ((PasswordDlgParam *) lParam) -> password; pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5; + pin = ((PasswordDlgParam *) lParam) -> pin; truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode; LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG"); DragAcceptFiles (hwndDlg, TRUE); @@ -2356,6 +2388,16 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0); SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_PIN), EM_LIMITTEXT, MAX_PIN, 0); + + if (*pin > 0) + { + /* display the given PIN */ + char szTmp[MAX_PIN + 1]; + StringCbPrintfA(szTmp, sizeof(szTmp), "%d", *pin); + + SetDlgItemText (hwndDlg, IDC_PIN, szTmp); + } SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable); @@ -2453,6 +2495,19 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_SETPASSWORDCHAR, '*', 0); InvalidateRect (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL, TRUE); + SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), FALSE); + EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), FALSE); + + if (*pin >= 0) + { + /* display the given PIN */ + char szTmp[MAX_PIN + 1]; + StringCbPrintfA(szTmp, sizeof(szTmp), "%d", *pin); + + SetDlgItemText (hwndDlg, IDC_PIN, szTmp); + } + bPrebootPasswordDlgMode = TRUE; } return 1; 
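Review bot: The two PIN-display blocks added to PasswordDlgProc (hunks at -2356 and -2453) leave the formatted PIN in `szTmp` on the stack, while the rest of the commit wipes PIN copies with `burn`. Adding `burn (szTmp, sizeof (szTmp));` after each `SetDlgItemText` would match that practice. The guards also differ, `*pin > 0` in the first block and `*pin >= 0` in the preboot block, so a PIN of 0 is displayed only in preboot mode; if that is intended, a short comment should say why. `StringCbPrintfA` truncates when the value has more than MAX_PIN digits and its return value is not checked, so a truncated PIN could be shown without any error. PasswordDlgProc starts and ends outside both hunks.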
@@ -2504,6 +2559,8 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa /* Use default PRF specified by the user if any */ if (mountOptions.ProtectedHidVolPkcs5Prf == 0) mountOptions.ProtectedHidVolPkcs5Prf = *pkcs5; + if (mountOptions.ProtectedHidVolPin == 0) + mountOptions.ProtectedHidVolPin = *pin; DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions); @@ -2565,6 +2622,13 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + + GetWindowText (GetDlgItem (hwndDlg, IDC_PIN), tmp, MAX_PIN + 1); + if (strlen(tmp)) + *pin = (int) strtol(tmp, NULL, 10); /* IDC_PIN is configured to accept only numbers */ + else + *pin = 0; + /* SHA-256 is not supported by TrueCrypt */ if ( (*truecryptMode) && ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256)) @@ -2573,6 +2637,14 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); return 1; } + + if ( (*truecryptMode) + && (*pin != 0) + ) + { + Error ("PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + return 1; + } } // Attempt to wipe password stored in the input field buffer 
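Review bot: In the hunk at -2565, the PIN text is converted with `strtol(tmp, NULL, 10)` without an end pointer or range check, relying on the edit control to reject non-digits. If IDC_PIN uses the ES_NUMBER style (the resource file is not visible here), that style does not filter pasted text, so trailing characters would be dropped silently and an overflowing value clamped; `char *end = NULL; *pin = (int) strtol (tmp, &end, 10);` followed by an error when `*end != '\0'` or `*pin < 0` would close that. `tmp` is declared outside the hunk, so its size against `MAX_PIN + 1` cannot be confirmed from these lines. Neither `tmp` nor the IDC_PIN control text is wiped in the visible lines, although the trailing comment indicates the password field buffer is wiped.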
@@ -3290,7 +3362,7 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP ListSubItemSetW (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE")); else { - bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, TRUE, prop.partitionInInactiveSysEncScope); + bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope); s = prop.hiddenVolume ? GetString ("HIDDEN") : (prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL")); @@ -3865,7 +3937,7 @@ LPARAM GetItemLong (HWND hTree, int itemNo) return item.lParam; } -static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions) +static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pin, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions) { INT_PTR result; PasswordDlgParam dlgParam; @@ -3875,6 +3947,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL dlgParam.password = password; dlgParam.pkcs5 = pkcs5; + dlgParam.pin = pin; dlgParam.truecryptMode = truecryptMode; result = DialogBoxParamW (hInst, @@ -3885,6 +3958,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL { password->Length = 0; *pkcs5 = 0; + *pin = 0; *truecryptMode = FALSE; burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); @@ -3920,6 +3994,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) VolumePassword.Length = 0; VolumePkcs5 = 0; VolumeTrueCryptMode = FALSE; + VolumePin = 0; } if (szFileName == NULL) 
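Review bot: In AskVolumePassword's cancel path (hunk at -3885), `mountOptions.ProtectedHidVolPassword` and `ProtectedHidVolPkcs5Prf` are burned but the new `ProtectedHidVolPin` is not. The same gap shows in the cleanup lines of Mount (hunks at -4040 and -4075), MountAllDevices (-4455, -4492) and MainDialogProc (-5531), where the context lines burn the hidden-volume password. Adding `burn (&mountOptions.ProtectedHidVolPin, sizeof (mountOptions.ProtectedHidVolPin));` next to each would keep the hidden-volume PIN from outliving the operation. These functions continue outside the hunks, so a wipe elsewhere cannot be ruled out.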
@@ -3956,9 +4031,9 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) WaitCursor (); // try TrueCrypt mode first since it is quick - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); // If keyfiles are enabled, test empty password first if (!mounted && KeyFilesEnable && FirstKeyFile) @@ -3968,9 +4043,9 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile); // try TrueCrypt mode first since it is quick - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); burn (&emptyPassword, sizeof (emptyPassword)); } 
@@ -3979,9 +4054,9 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) if (!mounted && bCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0) { // try TrueCrypt mode first as it is quick - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); } NormalCursor (); @@ -4001,21 +4076,25 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) VolumePassword = CmdVolumePassword; VolumePkcs5 = EffectiveVolumePkcs5; VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode; + VolumePin = CmdVolumePin; } else if (!Silent) { int GuiPkcs5 = EffectiveVolumePkcs5; BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; + int GuiPin = CmdVolumePin; StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName); - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE)) + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE)) goto ret; else { VolumePkcs5 = GuiPkcs5; VolumeTrueCryptMode = GuiTrueCryptMode; + VolumePin = GuiPin; burn (&GuiPkcs5, sizeof(GuiPkcs5)); burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); + burn (&GuiPin, sizeof(GuiPin)); } } 
@@ -4024,7 +4103,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) if (KeyFilesEnable) KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile); - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent); + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent); NormalCursor (); // Check for legacy non-ASCII passwords @@ -4040,6 +4119,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePin, sizeof (VolumePin)); } burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); @@ -4075,6 +4155,7 @@ ret: burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePin, sizeof (VolumePin)); } burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); @@ -4304,15 +4385,18 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt) { int GuiPkcs5 = EffectiveVolumePkcs5; BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; + int GuiPin = CmdVolumePin; PasswordDlgVolume[0] = '\0'; - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE)) + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE)) goto ret; else { VolumePkcs5 = GuiPkcs5; VolumeTrueCryptMode = GuiTrueCryptMode; + VolumePin = GuiPin; burn (&GuiPkcs5, sizeof(GuiPkcs5)); burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); + burn (&GuiPin, sizeof(GuiPin)); } } else if (CmdVolumePasswordValid) 
@@ -4321,6 +4405,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt) VolumePassword = CmdVolumePassword; VolumePkcs5 = EffectiveVolumePkcs5; VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode; + VolumePin = CmdVolumePin; } WaitCursor(); @@ -4374,8 +4459,8 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt) goto ret; // First try user password then cached passwords - if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0 - || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0) + if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0 + || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0) { // A volume has been successfully mounted @@ -4455,6 +4540,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt) burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePin, sizeof (VolumePin)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); } 
@@ -4492,6 +4578,7 @@ ret: burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); + burn (&VolumePin, sizeof (VolumePin)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); @@ -5485,7 +5572,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; // Cached password - mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, EffectiveVolumePkcs5, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); + mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePin, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); // Command line password or keyfiles if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile)) @@ -5496,7 +5583,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile); mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', - szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, + szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePin, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, reportBadPasswd); burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); 
@@ -5512,17 +5599,20 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa while (!mounted && !Silent) { int GuiPkcs5 = EffectiveVolumePkcs5; + int GuiPin = CmdVolumePin; BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode; VolumePassword.Length = 0; StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName); - if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE)) + if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE)) break; else { VolumePkcs5 = GuiPkcs5; + VolumePin = GuiPin; VolumeTrueCryptMode = GuiTrueCryptMode; burn (&GuiPkcs5, sizeof(GuiPkcs5)); + burn (&GuiPin, sizeof(GuiPin)); burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode)); } @@ -5531,10 +5621,11 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa if (KeyFilesEnable && FirstKeyFile) KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile); - mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE); + mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE); burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePin, sizeof (VolumePin)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); 
@@ -6254,6 +6345,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; else mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; + mountOptions.ProtectedHidVolPin = CmdVolumePin; if (IDCANCEL == DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, @@ -7387,6 +7479,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine) CommandWipeCache, OptionPkcs5, OptionTrueCryptMode, + OptionPin, }; argument args[]= @@ -7410,6 +7503,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine) { CommandWipeCache, "/wipecache", "/w", FALSE }, { OptionPkcs5, "/hash", NULL , FALSE }, { OptionTrueCryptMode, "/truecrypt", "/tc", FALSE }, + { OptionPin, "/pin", NULL, FALSE }, }; argumentspec as; @@ -7683,6 +7777,27 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine) AbortProcess ("COMMAND_LINE_ERROR"); } break; + + case OptionPin: + { + char szTmp[32] = {0}; + if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, + &i, nNoCommandLineArgs, szTmp, sizeof (szTmp))) + { + char* endPtr = NULL; + CmdVolumePin = (int) strtol(szTmp, &endPtr, 0); + if (CmdVolumePin < 0 || endPtr == szTmp || *endPtr != '\0') + { + CmdVolumePin = 0; + AbortProcess ("COMMAND_LINE_ERROR"); + } + + } + else + AbortProcess ("COMMAND_LINE_ERROR"); + } + break; + case OptionTrueCryptMode: CmdVolumeTrueCryptMode = TRUE; break; @@ -8115,6 +8230,7 @@ BOOL MountFavoriteVolumes (BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMou mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; else mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; + mountOptions.ProtectedHidVolPin = CmdVolumePin; if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), MainDlg, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions) == IDCANCEL) { status = FALSE; 
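Review bot: The `/pin` handler in ExtractCommandLine (hunk at -7683) parses with `strtol(szTmp, &endPtr, 0)`, so `010` is read as octal 8 and `0x10` as 16, while the password dialog parses the same field in base 10. The two entry points can therefore produce different PIN values for the same typed digits; `CmdVolumePin = (int) strtol(szTmp, &endPtr, 10);` would make them agree. There is also no upper-bound or ERANGE check, so an oversized value is clamped rather than rejected. `szTmp` keeps the PIN text after parsing, and `burn (szTmp, sizeof (szTmp));` before leaving the case would match how the rest of the commit treats PIN copies.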
@@ -8167,6 +8283,7 @@ skipMount: MultipleMountOperationInProgress = FALSE; burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePin, sizeof (VolumePin)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); if (status && CloseSecurityTokenSessionsAfterMount) @@ -8373,6 +8490,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps OpenVolumeContext volume; OpenVolumeContext hiddenVolume; Password hiddenVolPassword; + int hiddenVolPkcs5 = 0, hiddenVolPin = 0; byte temporaryKey[MASTER_KEYDATA_SIZE]; byte originalK2[MASTER_KEYDATA_SIZE]; @@ -8418,10 +8536,12 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps { OpenVolumeContext *askVol = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolume : &volume); Password *askPassword = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPassword : &VolumePassword); + int* askPkcs5 = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPkcs5 : &VolumePkcs5); + int* askPin = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPin : &VolumePin); while (TRUE) { - if (!AskVolumePassword (hwndDlg, askPassword, &VolumePkcs5, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE)) + if (!AskVolumePassword (hwndDlg, askPassword, askPkcs5, askPin, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE)) { nStatus = ERR_SUCCESS; goto ret; @@ -8432,7 +8552,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps if (KeyFilesEnable && FirstKeyFile) KeyFilesApply (hwndDlg, askPassword, FirstKeyFile); - nStatus = OpenVolume (askVol, lpszVolume, askPassword, VolumePkcs5, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE); + nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPin, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE); NormalCursor(); 
@@ -8549,14 +8669,14 @@ noHidden: } // Store header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, FALSE); + nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, VolumePin, FALSE); if (nStatus != ERR_SUCCESS) goto error; if (hiddenVolume.VolumeIsOpen) { nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE), - FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, FALSE); + FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, hiddenVolPin, FALSE); if (nStatus != ERR_SUCCESS) goto error; @@ -8589,6 +8709,7 @@ error: burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePin, sizeof (VolumePin)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); burn (&hiddenVolPassword, sizeof (hiddenVolPassword)); burn (temporaryKey, sizeof (temporaryKey)); @@ -8691,7 +8812,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) while (TRUE) { StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume); - if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumeTrueCryptMode, NULL, FALSE)) + if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumePin, &VolumeTrueCryptMode, NULL, FALSE)) { nStatus = ERR_SUCCESS; goto ret; @@ -8702,7 +8823,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) if (KeyFilesEnable && FirstKeyFile) KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile); - nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE); + nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE); NormalCursor(); 
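Review bot: The cleanup after `error:` in BackupVolumeHeader now wipes `VolumePin` alongside `hiddenVolPassword`, but no added line in the BackupVolumeHeader hunks wipes the two locals this commit introduces for the hidden volume, `hiddenVolPkcs5` and `hiddenVolPin`. The hidden volume's PIN and PRF choice can therefore remain on the stack after the function returns, unlike every other credential in this block. Add `burn (&hiddenVolPkcs5, sizeof (hiddenVolPkcs5));` and `burn (&hiddenVolPin, sizeof (hiddenVolPin));` next to the `hiddenVolPassword` burn. The cleanup block continues past the end of the hunk, so the exact position should be checked against the full function.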
@@ -8725,7 +8846,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) // Create a new header with a new salt char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; - nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, FALSE); + nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, VolumePin, FALSE); if (nStatus != 0) goto error; @@ -8893,7 +9014,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) // Open the header while (TRUE) { - if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE)) + if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumePin, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE)) { nStatus = ERR_SUCCESS; goto ret; @@ -8909,7 +9030,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) if (type == TC_VOLUME_TYPE_HIDDEN) headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE); - nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, &restoredCryptoInfo, NULL); + nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, &restoredCryptoInfo, NULL); if (nStatus == ERR_SUCCESS) break; } @@ -8938,7 +9059,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) WaitCursor(); // Restore header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, FALSE); + nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePin, FALSE); if (nStatus != ERR_SUCCESS) goto error; 
@@ -8957,7 +9078,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume) if (!restoredCryptoInfo->LegacyVolume) { // Restore backup header encrypted with a new key - nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, FALSE); + nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePin, FALSE); if (nStatus != ERR_SUCCESS) goto error; @@ -9014,6 +9135,7 @@ error: burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePkcs5, sizeof (VolumePkcs5)); + burn (&VolumePin, sizeof (VolumePin)); burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode)); RestoreDefaultKeyFilesParam(); RandStop (FALSE); @@ -9574,6 +9696,7 @@ void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions) mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5; else mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5; + mountOptions.ProtectedHidVolPin = CmdVolumePin; if (IDCANCEL == DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions)) diff --git a/src/Mount/Mount.h b/src/Mount/Mount.h index d6e18bb8..5a8e9fe4 100644 --- a/src/Mount/Mount.h +++ b/src/Mount/Mount.h @@ -52,6 +52,7 @@ typedef struct { Password *password; int* pkcs5; + int* pin; BOOL* truecryptMode; } PasswordDlgParam; diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index e2aa43a3..d40eb805 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc 
@@ -105,35 +105,41 @@ BEGIN CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,192 END -IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 330, 207 +IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 330, 245 STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU CAPTION "Change Password or Keyfiles" CLASS "VeraCryptCustomDlg" FONT 8, "MS Shell Dlg", 0, 0, 0x0 BEGIN EDITTEXT IDC_OLD_PASSWORD,89,14,162,13,ES_PASSWORD | ES_AUTOHSCROLL - CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,53,98,10 - PUSHBUTTON "Keyfiles...",IDC_KEYFILES,192,50,59,14 - CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,65,138,10,WS_EX_TRANSPARENT - EDITTEXT IDC_PASSWORD,89,99,162,13,ES_PASSWORD | ES_AUTOHSCROLL - EDITTEXT IDC_VERIFY,89,115,162,13,ES_PASSWORD | ES_AUTOHSCROLL - CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,134,99,11 - PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,192,132,59,14 - CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,146,160,11,WS_EX_TRANSPARENT - COMBOBOX IDC_PKCS5_PRF_ID,89,161,85,90,CBS_DROPDOWNLIST | WS_TABSTOP + COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,85,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,179,35,78,10 + EDITTEXT IDC_OLD_PIN,89,51,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER + CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,72,98,10 + PUSHBUTTON "Keyfiles...",IDC_KEYFILES,192,70,59,14 + CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,85,138,10,WS_EX_TRANSPARENT + EDITTEXT IDC_PASSWORD,89,121,162,13,ES_PASSWORD | ES_AUTOHSCROLL + EDITTEXT IDC_VERIFY,89,137,162,13,ES_PASSWORD | ES_AUTOHSCROLL + EDITTEXT IDC_PIN,89,154,42,14,ES_RIGHT | 
ES_AUTOHSCROLL | ES_NUMBER + CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,172,99,11 + PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,192,170,59,14 + CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,184,160,11,WS_EX_TRANSPARENT + COMBOBOX IDC_PKCS5_PRF_ID,89,199,85,90,CBS_DROPDOWNLIST | WS_TABSTOP + COMBOBOX IDC_WIPE_MODE,89,218,106,90,CBS_DROPDOWNLIST | WS_TABSTOP DEFPUSHBUTTON "OK",IDOK,264,7,59,14 PUSHBUTTON "Cancel",IDCANCEL,264,24,59,14 RTEXT "Password:",IDT_PASSWORD,12,16,72,8 - RTEXT "Password:",IDT_NEW_PASSWORD,8,102,76,8 - RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,118,75,16 - RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,162,74,10,SS_CENTERIMAGE - GROUPBOX "Current",IDT_CURRENT,6,3,252,77 - GROUPBOX "New",IDT_NEW,6,87,252,113 - COMBOBOX IDC_WIPE_MODE,89,180,106,90,CBS_DROPDOWNLIST | WS_TABSTOP - RTEXT "Wipe mode:",IDT_WIPE_MODE,9,182,74,8,0,WS_EX_RIGHT - COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,85,90,CBS_DROPDOWNLIST | WS_TABSTOP + RTEXT "Password:",IDT_NEW_PASSWORD,8,124,76,8 + RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,140,75,16 + RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,200,74,10,SS_CENTERIMAGE + GROUPBOX "Current",IDT_CURRENT,6,3,252,97 + GROUPBOX "New",IDT_NEW,6,108,252,130 + RTEXT "Wipe mode:",IDT_WIPE_MODE,9,220,74,8,0,WS_EX_RIGHT RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE - CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,179,35,78,10 + RTEXT "Volume PIN:",IDT_OLD_PIN,12,54,74,10 + LTEXT "(Empty or 0 for default iterations)",IDC_OLD_PIN_HELP,135,54,119,8 + RTEXT "Volume PIN:",IDT_PIN,9,157,75,16 + LTEXT "(Empty or 0 for default iterations)",IDC_PIN_HELP,135,157,119,8 END IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271 
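Review bot: The new `IDC_OLD_PIN` and `IDC_PIN` edit controls in IDD_PASSWORDCHANGE_DLG are created with `ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER` and no `ES_PASSWORD`, so the PIN is displayed in clear text directly below masked password fields; the same applies to `IDC_PIN` in the IDD_PASSWORD_DLG hunk that follows. The rest of the commit treats the value as sensitive (Mount.c wipes it with `burn`), so the fields should be masked like the password edits, e.g. `EDITTEXT IDC_PIN,89,154,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER`. If masking is added, the "Display password" checkboxes would presumably need to toggle these fields too; that handler is not part of this hunk.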
@@ -166,24 +172,27 @@ BEGIN CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119 END -IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 91 +IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 103 STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION CAPTION "Enter VeraCrypt Volume Password" FONT 8, "MS Shell Dlg", 0, 0, 0x0 BEGIN EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL + COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10 + EDITTEXT IDC_PIN,69,43,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,50,153,10 - CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,63,83,10 - CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,11 - PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,72,64,14 - PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,72,64,14 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,153,10 + CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,83,10 + CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,87,83,11 + PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,84,64,14 + PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,84,64,14 DEFPUSHBUTTON "OK",IDOK,243,8,64,14 PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14 RTEXT "Password:",IDT_PASSWORD,0,10,65,13 - COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP - RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13 - CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10 + RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,11 + RTEXT "Volume PIN:",IDT_PIN,0,46,65,8 + LTEXT "(Empty or 0 for default iterations)",IDC_PIN_HELP,115,46,189,8 END IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269 
@@ -375,7 +384,7 @@ BEGIN LEFTMARGIN, 7 RIGHTMARGIN, 323 TOPMARGIN, 7 - BOTTOMMARGIN, 200 + BOTTOMMARGIN, 238 END IDD_MOUNT_DLG, DIALOG @@ -387,7 +396,7 @@ BEGIN IDD_PASSWORD_DLG, DIALOG BEGIN RIGHTMARGIN, 313 - BOTTOMMARGIN, 86 + BOTTOMMARGIN, 98 END IDD_TRAVELER_DLG, DIALOG diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h index fe57e0d1..857ef197 100644 --- a/src/Mount/Resource.h +++ b/src/Mount/Resource.h @@ -163,6 +163,12 @@ #define IDC_PKCS5_OLD_PRF_ID 1139 #define IDC_TRUECRYPT_MODE 1140 #define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141 +#define IDT_PIN 1142 +#define IDC_PIN 1143 +#define IDC_PIN_HELP 1144 +#define IDT_OLD_PIN 1145 +#define IDC_OLD_PIN 1146 +#define IDC_OLD_PIN_HELP 1147 #define IDM_HELP 40001 #define IDM_ABOUT 40002 #define IDM_UNMOUNT_VOLUME 40003 @@ -238,7 +244,7 @@ #define _APS_NO_MFC 1 #define _APS_NEXT_RESOURCE_VALUE 119 #define _APS_NEXT_COMMAND_VALUE 40068 -#define _APS_NEXT_CONTROL_VALUE 1142 +#define _APS_NEXT_CONTROL_VALUE 1148 #define _APS_NEXT_SYMED_VALUE 101 #endif #endif -- cgit v1.2.3