Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt volumes to VeraCrypt using the change password functionality.

This commit is contained in:
Mounir IDRASSI 2014-12-28 19:04:05 +01:00
parent ec9ff0fc1d
commit 25c3d15ed7
29 changed files with 246 additions and 104 deletions

View File

@ -102,6 +102,7 @@ typedef struct
BOOL RecoveryMode; BOOL RecoveryMode;
int pkcs5_prf; int pkcs5_prf;
int ProtectedHidVolPkcs5Prf; int ProtectedHidVolPkcs5Prf;
BOOL bTrueCryptMode;
} MOUNT_STRUCT; } MOUNT_STRUCT;
typedef struct typedef struct

View File

@ -1638,7 +1638,7 @@ namespace VeraCrypt
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize) // Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader)); memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, NULL, cryptoInfo); ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, FALSE, NULL, cryptoInfo);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@ -2159,7 +2159,7 @@ namespace VeraCrypt
PCRYPTO_INFO cryptoInfo = NULL; PCRYPTO_INFO cryptoInfo = NULL;
int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, &cryptoInfo, NULL); int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, FALSE, &cryptoInfo, NULL);
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); }); finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
if (status != 0) if (status != 0)

View File

@ -21,7 +21,7 @@ Password CachedPasswords[CACHE_SIZE];
int cacheEmpty = 1; int cacheEmpty = 1;
static int nPasswordIdx = 0; static int nPasswordIdx = 0;
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo) int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, BOOL truecryptMode, PCRYPTO_INFO *retInfo)
{ {
int nReturnCode = ERR_PASSWORD_WRONG; int nReturnCode = ERR_PASSWORD_WRONG;
int i; int i;
@ -29,7 +29,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
/* Attempt to recognize volume using mount password */ /* Attempt to recognize volume using mount password */
if (password->Length > 0) if (password->Length > 0)
{ {
nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, retInfo, NULL); nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, truecryptMode, retInfo, NULL);
/* Save mount passwords back into cache if asked to do so */ /* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY)) if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
@ -59,7 +59,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *pas
{ {
if (CachedPasswords[i].Length > 0) if (CachedPasswords[i].Length > 0)
{ {
nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, retInfo, NULL); nReturnCode = ReadVolumeHeader (bBoot, header, &CachedPasswords[i], pkcs5_prf, truecryptMode, retInfo, NULL);
if (nReturnCode != ERR_PASSWORD_WRONG) if (nReturnCode != ERR_PASSWORD_WRONG)
break; break;

View File

@ -19,5 +19,5 @@
extern int cacheEmpty; extern int cacheEmpty;
void AddPasswordToCache (Password *password); void AddPasswordToCache (Password *password);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo); int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, char *header, Password *password, int pkcs5_prf, BOOL truecryptMode, PCRYPTO_INFO *retInfo);
void WipeCache (void); void WipeCache (void);

View File

@ -211,6 +211,7 @@ typedef struct CRYPTO_INFO_t
unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */ unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */
unsigned __int8 salt[PKCS5_SALT_SIZE]; unsigned __int8 salt[PKCS5_SALT_SIZE];
int noIterations; int noIterations;
BOOL bTrueCryptMode;
uint64 volume_creation_time; // Legacy uint64 volume_creation_time; // Legacy
uint64 header_creation_time; // Legacy uint64 header_creation_time; // Legacy

View File

@ -4028,6 +4028,10 @@ void handleError (HWND hwndDlg, int code)
// A non-error // A non-error
break; break;
case ERR_UNSUPPORTED_TRUECRYPT_FORMAT:
MessageBoxW (hwndDlg, GetString ("UNSUPPORTED_TRUECRYPT_FORMAT"), lpszTitle, ICON_HAND);
break;
default: default:
StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("ERR_UNKNOWN"), code); StringCbPrintfW (szTmp, sizeof(szTmp), GetString ("ERR_UNKNOWN"), code);
MessageBoxW (hwndDlg, szTmp, lpszTitle, ICON_HAND); MessageBoxW (hwndDlg, szTmp, lpszTitle, ICON_HAND);
@ -4504,22 +4508,22 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
case SHA512: case SHA512:
/* PKCS-5 test with HMAC-SHA-512 used as the PRF */ /* PKCS-5 test with HMAC-SHA-512 used as the PRF */
derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE); derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE);
break; break;
case SHA256: case SHA256:
/* PKCS-5 test with HMAC-SHA-256 used as the PRF */ /* PKCS-5 test with HMAC-SHA-256 used as the PRF */
derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE); derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE);
break; break;
case RIPEMD160: case RIPEMD160:
/* PKCS-5 test with HMAC-RIPEMD-160 used as the PRF */ /* PKCS-5 test with HMAC-RIPEMD-160 used as the PRF */
derive_key_ripemd160 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE); derive_key_ripemd160 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE);
break; break;
case WHIRLPOOL: case WHIRLPOOL:
/* PKCS-5 test with HMAC-Whirlpool used as the PRF */ /* PKCS-5 test with HMAC-Whirlpool used as the PRF */
derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE), dk, MASTER_KEYDATA_SIZE); derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, FALSE, FALSE), dk, MASTER_KEYDATA_SIZE);
break; break;
} }
} }
@ -6289,6 +6293,7 @@ int MountVolume (HWND hwndDlg,
char *volumePath, char *volumePath,
Password *password, Password *password,
int pkcs5, int pkcs5,
BOOL truecryptMode,
BOOL cachePassword, BOOL cachePassword,
BOOL sharedAccess, BOOL sharedAccess,
const MountOptions* const mountOptions, const MountOptions* const mountOptions,
@ -6360,6 +6365,7 @@ int MountVolume (HWND hwndDlg,
mount.bMountManager = TRUE; mount.bMountManager = TRUE;
mount.pkcs5_prf = pkcs5; mount.pkcs5_prf = pkcs5;
mount.bTrueCryptMode = truecryptMode;
// Windows 2000 mount manager causes problems with remounted volumes // Windows 2000 mount manager causes problems with remounted volumes
if (CurrentOSMajor == 5 && CurrentOSMinor == 0) if (CurrentOSMajor == 5 && CurrentOSMinor == 0)
@ -6412,6 +6418,8 @@ int MountVolume (HWND hwndDlg,
&mount.nPartitionInInactiveSysEncScopeDriveNo, &mount.nPartitionInInactiveSysEncScopeDriveNo,
sizeof(mount.nPartitionInInactiveSysEncScopeDriveNo)) != 1) sizeof(mount.nPartitionInInactiveSysEncScopeDriveNo)) != 1)
{ {
if (!quiet)
Warning ("NO_SYSENC_PARTITION_SELECTED", hwndDlg);
return -1; return -1;
} }
@ -6436,6 +6444,7 @@ int MountVolume (HWND hwndDlg,
burn (&mount.VolumePassword, sizeof (mount.VolumePassword)); burn (&mount.VolumePassword, sizeof (mount.VolumePassword));
burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword)); burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword));
burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf)); burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf));
burn (&mount.bTrueCryptMode, sizeof (mount.bTrueCryptMode));
burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf)); burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf));
if (bResult == FALSE) if (bResult == FALSE)
@ -8954,7 +8963,7 @@ void ReportUnexpectedState (char *techInfo)
#ifndef SETUP #ifndef SETUP
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader) int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
{ {
int status = ERR_PARAMETER_INCORRECT; int status = ERR_PARAMETER_INCORRECT;
int volumeType; int volumeType;
@ -9104,7 +9113,7 @@ int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *pa
} }
// Decrypt volume header // Decrypt volume header
status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, &context->CryptoInfo, NULL); status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, truecryptMode, &context->CryptoInfo, NULL);
if (status == ERR_PASSWORD_WRONG) if (status == ERR_PASSWORD_WRONG)
continue; // Try next volume type continue; // Try next volume type

View File

@ -325,7 +325,7 @@ BOOL IsDriveAvailable (int driveNo);
BOOL IsDeviceMounted (char *deviceName); BOOL IsDeviceMounted (char *deviceName);
int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced); int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);
void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap); void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);
int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, int pkcs5, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword); int MountVolume (HWND hwndDlg, int driveNo, char *volumePath, Password *password, int pkcs5, BOOL truecryptMode, BOOL cachePassword, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount); BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);
BOOL IsPasswordCacheEmpty (void); BOOL IsPasswordCacheEmpty (void);
BOOL IsMountedVolume (const char *volname); BOOL IsMountedVolume (const char *volname);
@ -447,7 +447,7 @@ void ToBootPwdField (HWND hwndDlg, UINT ctrlId);
void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont); void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont);
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize); BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
BOOL DoDriverInstall (HWND hwndDlg); BOOL DoDriverInstall (HWND hwndDlg);
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader); int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, int pkcs5_prf, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context); void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, BOOL wipeMode); int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly); BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);

View File

@ -624,7 +624,7 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
mountOptions.PartitionInInactiveSysEncScope = FALSE; mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE; mountOptions.UseBackupHeader = FALSE;
if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{ {
MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND); MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);
MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND); MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);

View File

@ -167,6 +167,7 @@
<control lang="en" key="IDC_SHOW_PASSWORD_CHPWD_ORI">Display password</control> <control lang="en" key="IDC_SHOW_PASSWORD_CHPWD_ORI">Display password</control>
<control lang="en" key="IDC_TRAVEL_OPEN_EXPLORER">Open &amp;Explorer window for mounted volume</control> <control lang="en" key="IDC_TRAVEL_OPEN_EXPLORER">Open &amp;Explorer window for mounted volume</control>
<control lang="en" key="IDC_TRAV_CACHE_PASSWORDS">&amp;Cache password in driver memory</control> <control lang="en" key="IDC_TRAV_CACHE_PASSWORDS">&amp;Cache password in driver memory</control>
<control lang="en" key="IDC_TRUECRYPT_MODE">TrueCrypt Mode</control>
<control lang="en" key="IDC_UNMOUNTALL">Di&amp;smount All</control> <control lang="en" key="IDC_UNMOUNTALL">Di&amp;smount All</control>
<control lang="en" key="IDC_VOLUME_PROPERTIES">&amp;Volume Properties...</control> <control lang="en" key="IDC_VOLUME_PROPERTIES">&amp;Volume Properties...</control>
<control lang="en" key="IDC_VOLUME_TOOLS">Volume &amp;Tools...</control> <control lang="en" key="IDC_VOLUME_TOOLS">Volume &amp;Tools...</control>
@ -1033,6 +1034,7 @@
<string lang="en" key="EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS">\nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).</string> <string lang="en" key="EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS">\nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).</string>
<string lang="en" key="GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION">Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions).</string> <string lang="en" key="GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION">Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions).</string>
<string lang="en" key="ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">This algorithm is currently not supported for system encryption.</string> <string lang="en" key="ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">This algorithm is currently not supported for system encryption.</string>
<string lang="en" key="ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">This algorithm is not supported for TrueCrypt mode.</string>
<string lang="en" key="KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">Keyfiles are currently not supported for system encryption.</string> <string lang="en" key="KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">Keyfiles are currently not supported for system encryption.</string>
<string lang="en" key="CANNOT_RESTORE_KEYBOARD_LAYOUT">Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly.</string> <string lang="en" key="CANNOT_RESTORE_KEYBOARD_LAYOUT">Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly.</string>
<string lang="en" key="CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION">Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout.</string> <string lang="en" key="CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION">Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout.</string>
@ -1232,7 +1234,8 @@
<string lang="en" key="CONFIRM_SETTING_DEGRADES_PERFORMANCE">WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting?</string> <string lang="en" key="CONFIRM_SETTING_DEGRADES_PERFORMANCE">WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting?</string>
<string lang="en" key="HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE">Warning: VeraCrypt volume auto-dismounted</string> <string lang="en" key="HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE">Warning: VeraCrypt volume auto-dismounted</string>
<string lang="en" key="HOST_DEVICE_REMOVAL_DISMOUNT_WARN">Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc.</string> <string lang="en" key="HOST_DEVICE_REMOVAL_DISMOUNT_WARN">Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc.</string>
<string lang="en" key="TEST">Test</string> <string lang="en" key="UNSUPPORTED_TRUECRYPT_FORMAT">VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 7.x series</string>
<string lang="en" key="TEST">Test</string>
<string lang="en" key="KEYFILE">Keyfile</string> <string lang="en" key="KEYFILE">Keyfile</string>
<string lang="en" key="VKEY_08">Backspace</string> <string lang="en" key="VKEY_08">Backspace</string>
<string lang="en" key="VKEY_09">Tab</string> <string lang="en" key="VKEY_09">Tab</string>

View File

@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem)
return TRUE; return TRUE;
} }
int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg) int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{ {
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR; int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@ -143,7 +143,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Pas
if (oldPassword->Length == 0 || newPassword->Length == 0) return -1; if (oldPassword->Length == 0 || newPassword->Length == 0) return -1;
if (wipePassCount <= 0) if ((wipePassCount <= 0) || (truecryptMode && (old_pkcs5 == SHA256)))
{ {
nStatus = ERR_PARAMETER_INCORRECT; nStatus = ERR_PARAMETER_INCORRECT;
handleError (hwndDlg, nStatus); handleError (hwndDlg, nStatus);
@ -281,7 +281,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Pas
/* Try to decrypt the header */ /* Try to decrypt the header */
nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, &cryptoInfo, NULL); nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, truecryptMode, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY) if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here nStatus = 0; // We can ignore this error here
@ -353,7 +353,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Pas
(volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0, (volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0,
cryptoInfo->EncryptedAreaStart.Value, cryptoInfo->EncryptedAreaStart.Value,
cryptoInfo->EncryptedAreaLength.Value, cryptoInfo->EncryptedAreaLength.Value,
cryptoInfo->RequiredProgramVersion, truecryptMode? 0 : cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags, cryptoInfo->HeaderFlags,
cryptoInfo->SectorSize, cryptoInfo->SectorSize,
wipePass < wipePassCount - 1); wipePass < wipePassCount - 1);

View File

@ -35,7 +35,7 @@ typedef struct
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled ); void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem); BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw); BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg); int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) #endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)

View File

@ -665,19 +665,22 @@ char *get_pkcs5_prf_name (int pkcs5_prf_id)
int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot) int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL truecryptMode, BOOL bBoot)
{ {
switch (pkcs5_prf_id) switch (pkcs5_prf_id)
{ {
case RIPEMD160: case RIPEMD160:
return bBoot? 327661 : 655331; if (truecryptMode)
return bBoot ? 1000 : 2000;
else
return bBoot? 327661 : 655331;
case SHA512: case SHA512:
return 500000; return truecryptMode? 1000 : 500000;
case WHIRLPOOL: case WHIRLPOOL:
return 500000; return truecryptMode? 1000 : 500000;
case SHA256: case SHA256:
return bBoot? 200000 : 500000; return bBoot? 200000 : 500000;

View File

@ -31,7 +31,7 @@ void derive_key_ripemd160 (char *pwd, int pwd_len, char *salt, int salt_len, int
void hmac_whirlpool (char *k, int lk, char *d, int ld, char *out, int t); void hmac_whirlpool (char *k, int lk, char *d, int ld, char *out, int t);
void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b); void derive_u_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *u, int b);
void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen); void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, int iterations, char *dk, int dklen);
int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL bBoot); int get_pkcs5_iteration_count (int pkcs5_prf_id, BOOL truecryptMode, BOOL bBoot);
char *get_pkcs5_prf_name (int pkcs5_prf_id); char *get_pkcs5_prf_name (int pkcs5_prf_id);
#if defined(__cplusplus) #if defined(__cplusplus)

View File

@ -295,7 +295,8 @@ enum
ERR_PARAMETER_INCORRECT = 30, ERR_PARAMETER_INCORRECT = 30,
ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG = 31, ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG = 31,
ERR_NONSYS_INPLACE_ENC_INCOMPLETE = 32, ERR_NONSYS_INPLACE_ENC_INCOMPLETE = 32,
ERR_USER_ABORT = 33 ERR_USER_ABORT = 33,
ERR_UNSUPPORTED_TRUECRYPT_FORMAT = 34
}; };
#endif // #ifndef TCDEFS_H #endif // #ifndef TCDEFS_H

View File

@ -163,7 +163,7 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE; BOOL ReadVolumeHeaderRecoveryMode = FALSE;
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo) int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{ {
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
KEY_INFO keyInfo; KEY_INFO keyInfo;
@ -184,6 +184,14 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
LONG outstandingWorkItemCount = 0; LONG outstandingWorkItemCount = 0;
int i; int i;
if (truecryptMode)
{
// SHA-256 not supported in TrueCrypt mode
if (selected_pkcs5_prf == SHA256)
return ERR_PARAMETER_INCORRECT;
pkcs5PrfCount--; // don't count SHA-256 in case of TrueCrypt mode
}
if (retHeaderCryptoInfo != NULL) if (retHeaderCryptoInfo != NULL)
{ {
cryptoInfo = retHeaderCryptoInfo; cryptoInfo = retHeaderCryptoInfo;
@ -246,6 +254,10 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf) if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf)
continue; continue;
// skip SHA-256 in case of TrueCrypt mode
if (truecryptMode && (enqPkcs5Prf == SHA256))
continue;
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1)) if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{ {
// Enqueue key derivation on thread pool // Enqueue key derivation on thread pool
@ -262,7 +274,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent, EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent,
&item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey, &item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey,
keyInfo.keyLength, keyInfo.salt, get_pkcs5_iteration_count (enqPkcs5Prf, bBoot), item->DerivedKey); keyInfo.keyLength, keyInfo.salt, get_pkcs5_iteration_count (enqPkcs5Prf, truecryptMode, bBoot), item->DerivedKey);
++queuedWorkItems; ++queuedWorkItems;
break; break;
@ -284,7 +296,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE) if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)
{ {
pkcs5_prf = item->Pkcs5Prf; pkcs5_prf = item->Pkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, bBoot); keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, truecryptMode, bBoot);
memcpy (dk, item->DerivedKey, sizeof (dk)); memcpy (dk, item->DerivedKey, sizeof (dk));
item->Free = TRUE; item->Free = TRUE;
@ -302,7 +314,7 @@ KeyReady: ;
else else
{ {
pkcs5_prf = enqPkcs5Prf; pkcs5_prf = enqPkcs5Prf;
keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, bBoot); keyInfo.noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, truecryptMode, bBoot);
switch (pkcs5_prf) switch (pkcs5_prf)
{ {
@ -386,8 +398,10 @@ KeyReady: ;
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo); DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
// Magic 'VERA' // Magic 'VERA' or 'TRUE' depending if we are in TrueCrypt mode or not
if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241) if ((truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545)
|| (!truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241)
)
continue; continue;
// Header version // Header version
@ -407,7 +421,17 @@ KeyReady: ;
// Required program version // Required program version
cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION); cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION);
cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b; if (truecryptMode)
{
if (cryptoInfo->RequiredProgramVersion < 0x700 || cryptoInfo->RequiredProgramVersion > 0x71a)
{
status = ERR_UNSUPPORTED_TRUECRYPT_FORMAT;
goto err;
}
cryptoInfo->LegacyVolume = FALSE;
}
else
cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b;
// Check CRC of the key set // Check CRC of the key set
if (!ReadVolumeHeaderRecoveryMode if (!ReadVolumeHeaderRecoveryMode
@ -417,7 +441,7 @@ KeyReady: ;
// Now we have the correct password, cipher, hash algorithm, and volume type // Now we have the correct password, cipher, hash algorithm, and volume type
// Check the version required to handle this volume // Check the version required to handle this volume
if (cryptoInfo->RequiredProgramVersion > VERSION_NUM) if (!truecryptMode && (cryptoInfo->RequiredProgramVersion > VERSION_NUM))
{ {
status = ERR_NEW_VERSION_REQUIRED; status = ERR_NEW_VERSION_REQUIRED;
goto err; goto err;
@ -469,6 +493,7 @@ KeyReady: ;
{ {
cryptoInfo->pkcs5 = pkcs5_prf; cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations; cryptoInfo->noIterations = keyInfo.noIterations;
cryptoInfo->bTrueCryptMode = truecryptMode;
goto ret; goto ret;
} }
@ -490,6 +515,7 @@ KeyReady: ;
memcpy (cryptoInfo->salt, keyInfo.salt, PKCS5_SALT_SIZE); memcpy (cryptoInfo->salt, keyInfo.salt, PKCS5_SALT_SIZE);
cryptoInfo->pkcs5 = pkcs5_prf; cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations; cryptoInfo->noIterations = keyInfo.noIterations;
cryptoInfo->bTrueCryptMode = truecryptMode;
// Init the cipher with the decrypted master key // Init the cipher with the decrypted master key
status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks); status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks);
@ -768,13 +794,14 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
// User key // User key
memcpy (keyInfo.userKey, password->Text, nUserKeyLen); memcpy (keyInfo.userKey, password->Text, nUserKeyLen);
keyInfo.keyLength = nUserKeyLen; keyInfo.keyLength = nUserKeyLen;
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, bBoot); keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, FALSE, bBoot);
// User selected encryption algorithm // User selected encryption algorithm
cryptoInfo->ea = ea; cryptoInfo->ea = ea;
// User selected PRF // User selected PRF
cryptoInfo->pkcs5 = pkcs5_prf; cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->bTrueCryptMode = FALSE;
// Mode of operation // Mode of operation
cryptoInfo->mode = mode; cryptoInfo->mode = mode;

View File

@ -129,7 +129,7 @@ UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
#ifdef TC_WINDOWS_BOOT #ifdef TC_WINDOWS_BOOT
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#else #else
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo); int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#endif #endif
#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT) #if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)

View File

@ -294,7 +294,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
} }
} }
if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0) if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, FALSE, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
{ {
// Header decrypted // Header decrypted
status = STATUS_SUCCESS; status = STATUS_SUCCESS;
@ -803,7 +803,7 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
goto ret; goto ret;
} }
if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0) if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{ {
Dump ("Header reopened\n"); Dump ("Header reopened\n");

View File

@ -1366,7 +1366,9 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD
|| mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID || mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID
|| mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID ) || mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID
|| (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE)
)
{ {
Irp->IoStatus.Status = STATUS_INVALID_PARAMETER; Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
Irp->IoStatus.Information = 0; Irp->IoStatus.Information = 0;
@ -1381,6 +1383,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
burn (&mount->VolumePassword, sizeof (mount->VolumePassword)); burn (&mount->VolumePassword, sizeof (mount->VolumePassword));
burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword)); burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword));
burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf)); burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf));
burn (&mount->bTrueCryptMode, sizeof (mount->bTrueCryptMode));
burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf)); burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf));
} }
break; break;

View File

@ -449,6 +449,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
readBuffer, readBuffer,
&mount->ProtectedHidVolPassword, &mount->ProtectedHidVolPassword,
mount->ProtectedHidVolPkcs5Prf, mount->ProtectedHidVolPkcs5Prf,
mount->bTrueCryptMode,
&tmpCryptoInfo); &tmpCryptoInfo);
} }
else else
@ -459,6 +460,7 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
readBuffer, readBuffer,
&mount->VolumePassword, &mount->VolumePassword,
mount->pkcs5_prf, mount->pkcs5_prf,
mount->bTrueCryptMode,
&Extension->cryptoInfo); &Extension->cryptoInfo);
} }

View File

@ -1533,7 +1533,7 @@ static int OpenBackupHeader (HANDLE dev, const char *devicePath, Password *passw
} }
nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, retMasterCryptoInfo, headerCryptoInfo); nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, FALSE, retMasterCryptoInfo, headerCryptoInfo);
if (nStatus != ERR_SUCCESS) if (nStatus != ERR_SUCCESS)
goto closing_seq; goto closing_seq;

View File

@ -6900,7 +6900,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{ {
OpenVolumeContext volume; OpenVolumeContext volume;
if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, FALSE, FALSE, TRUE) == ERR_SUCCESS) if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, FALSE, FALSE, FALSE, TRUE) == ERR_SUCCESS)
{ {
if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0 if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0
&& volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value) && volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value)
@ -8274,7 +8274,7 @@ int MountHiddenVolHost (HWND hwndDlg, char *volumePath, int *driveNo, Password *
mountOptions.PartitionInInactiveSysEncScope = FALSE; mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE; mountOptions.UseBackupHeader = FALSE;
if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1) if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{ {
*driveNo = -3; *driveNo = -3;
return ERR_VOL_MOUNT_FAILED; return ERR_VOL_MOUNT_FAILED;

View File

@ -106,7 +106,7 @@ class TrueCryptMainCom : public ITrueCryptMainCom
CW2A volumePathA(volumePath); CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd; MainDlg = (HWND) hWnd;
if (volumePathA.m_psz) if (volumePathA.m_psz)
return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, newPassword, pkcs5, wipePassCount,(HWND) hWnd); return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, FALSE, newPassword, pkcs5, wipePassCount, (HWND) hWnd);
else else
return ERR_OUTOFMEMORY; return ERR_OUTOFMEMORY;
} }
@ -157,7 +157,18 @@ class TrueCryptMainCom : public ITrueCryptMainCom
CW2A volumePathA(volumePath); CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd; MainDlg = (HWND) hWnd;
if (volumePathA.m_psz) if (volumePathA.m_psz)
return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, newPassword, pkcs5, wipePassCount,(HWND) hWnd); return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, FALSE, newPassword, pkcs5, wipePassCount, (HWND) hWnd);
else
return ERR_OUTOFMEMORY;
}
virtual int STDMETHODCALLTYPE ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)
{
USES_CONVERSION;
CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd;
if (volumePathA.m_psz)
return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, truecryptMode, newPassword, pkcs5, wipePassCount, (HWND) hWnd);
else else
return ERR_OUTOFMEMORY; return ERR_OUTOFMEMORY;
} }
@ -272,7 +283,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
} }
extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg) extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{ {
CComPtr<ITrueCryptMainCom> tc; CComPtr<ITrueCryptMainCom> tc;
int r; int r;
@ -280,7 +291,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pk
if (ComGetInstance (hwndDlg, &tc)) if (ComGetInstance (hwndDlg, &tc))
{ {
WaitCursor (); WaitCursor ();
r = tc->ChangePasswordEx (CComBSTR (lpszVolume), oldPassword, old_pkcs5, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg); r = tc->ChangePasswordEx2 (CComBSTR (lpszVolume), oldPassword, old_pkcs5, truecryptMode, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
NormalCursor (); NormalCursor ();
} }
else else

View File

@ -23,7 +23,7 @@ BOOL ComServerMain ();
void UacAnalyzeKernelMiniDump (HWND hwndDlg); void UacAnalyzeKernelMiniDump (HWND hwndDlg);
int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume); int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);
int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume); int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);
int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg); int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
#ifdef __cplusplus #ifdef __cplusplus
} }

View File

@ -12,7 +12,7 @@ import "..\Common\Password.h";
[ [
uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A), uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A),
helpstring("VeraCrypt Main UAC Support Library"), helpstring("VeraCrypt Main UAC Support Library"),
version(2.5) // Update ComSetup.cpp when changing version number version(2.6) // Update ComSetup.cpp when changing version number
] ]
library TrueCryptMainCom library TrueCryptMainCom
{ {
@ -38,6 +38,7 @@ library TrueCryptMainCom
DWORD SetDriverServiceStartType (DWORD startType); DWORD SetDriverServiceStartType (DWORD startType);
DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value); DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value);
int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd); int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
}; };
[ [

View File

@ -124,6 +124,8 @@ Password VolumePassword; /* Password used for mounting volumes */
Password CmdVolumePassword; /* Password passed from command line */ Password CmdVolumePassword; /* Password passed from command line */
int VolumePkcs5 = 0; int VolumePkcs5 = 0;
int CmdVolumePkcs5 = 0; int CmdVolumePkcs5 = 0;
BOOL VolumeTrueCryptMode = FALSE;
BOOL CmdVolumeTrueCryptMode = FALSE;
BOOL CmdVolumePasswordValid = FALSE; BOOL CmdVolumePasswordValid = FALSE;
MountOptions CmdMountOptions; MountOptions CmdMountOptions;
BOOL CmdMountOptionsValid = FALSE; BOOL CmdMountOptionsValid = FALSE;
@ -217,6 +219,8 @@ static void localcleanup (void)
burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5)); burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode));
burn (&mountOptions, sizeof (mountOptions)); burn (&mountOptions, sizeof (mountOptions));
burn (&defaultMountOptions, sizeof (defaultMountOptions)); burn (&defaultMountOptions, sizeof (defaultMountOptions));
burn (szFileName, sizeof(szFileName)); burn (szFileName, sizeof(szFileName));
@ -1446,6 +1450,7 @@ typedef struct
Password *newPassword; Password *newPassword;
int pkcs5; int pkcs5;
int wipePassCount; int wipePassCount;
BOOL truecryptMode;
int* pnStatus; int* pnStatus;
} ChangePwdThreadParam; } ChangePwdThreadParam;
@ -1482,14 +1487,14 @@ void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg)
{ {
// Non-system // Non-system
*pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg); *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg);
if (*pThreadParam->pnStatus == ERR_OS_ERROR if (*pThreadParam->pnStatus == ERR_OS_ERROR
&& GetLastError () == ERROR_ACCESS_DENIED && GetLastError () == ERROR_ACCESS_DENIED
&& IsUacSupported () && IsUacSupported ()
&& IsVolumeDeviceHosted (szFileName)) && IsVolumeDeviceHosted (szFileName))
{ {
*pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg); *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg);
} }
} }
} }
@ -1653,6 +1658,10 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
if (bSysEncPwdChangeDlgMode) if (bSysEncPwdChangeDlgMode)
{ {
/* No support for changing the password of TrueCrypt system partition */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
ToBootPwdField (hwndDlg, IDC_PASSWORD); ToBootPwdField (hwndDlg, IDC_PASSWORD);
ToBootPwdField (hwndDlg, IDC_VERIFY); ToBootPwdField (hwndDlg, IDC_VERIFY);
ToBootPwdField (hwndDlg, IDC_OLD_PASSWORD); ToBootPwdField (hwndDlg, IDC_OLD_PASSWORD);
@ -1941,6 +1950,13 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0); SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0);
int pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, int pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
if (truecryptMode && (old_pkcs5 == SHA256))
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
if (!CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL)) if (!CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL))
{ {
@ -1999,6 +2015,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
changePwdParam.pkcs5 = pkcs5; changePwdParam.pkcs5 = pkcs5;
changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode); changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode);
changePwdParam.pnStatus = &nStatus; changePwdParam.pnStatus = &nStatus;
changePwdParam.truecryptMode = truecryptMode;
ShowWaitDialog(hwndDlg, TRUE, ChangePwdWaitThreadProc, &changePwdParam); ShowWaitDialog(hwndDlg, TRUE, ChangePwdWaitThreadProc, &changePwdParam);
@ -2048,6 +2065,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
WORD lw = LOWORD (wParam); WORD lw = LOWORD (wParam);
static Password *szXPwd; static Password *szXPwd;
static int *pkcs5; static int *pkcs5;
static BOOL* truecryptMode;
switch (msg) switch (msg)
{ {
@ -2056,6 +2074,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
int i, nIndex; int i, nIndex;
szXPwd = ((PasswordDlgParam *) lParam) -> password; szXPwd = ((PasswordDlgParam *) lParam) -> password;
pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5; pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;
truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;
LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG"); LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");
DragAcceptFiles (hwndDlg, TRUE); DragAcceptFiles (hwndDlg, TRUE);
@ -2115,6 +2134,9 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
{ {
EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE); EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE);
/* Disable TrueCrypt mode option in case of backup/restore header operation */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
} }
if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress || LogOn)) if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress || LogOn))
@ -2137,6 +2159,10 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
case TC_APPMSG_PREBOOT_PASSWORD_MODE: case TC_APPMSG_PREBOOT_PASSWORD_MODE:
{ {
/* No support for mounting TrueCrypt system partition */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
ToBootPwdField (hwndDlg, IDC_PASSWORD); ToBootPwdField (hwndDlg, IDC_PASSWORD);
// Attempt to wipe the password stored in the input field buffer // Attempt to wipe the password stored in the input field buffer
@ -2278,6 +2304,15 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
*truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
/* SHA-256 is not supported by TrueCrypt */
if ( (*truecryptMode)
&& ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256))
)
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
} }
// Attempt to wipe password stored in the input field buffer // Attempt to wipe password stored in the input field buffer
@ -2629,16 +2664,19 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
int i, nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); int i, nSelectedIndex = 0, nIndex = SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION"));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0);
for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
{ {
nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); nIndex = SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
/* if a PRF was selected previously, select it */
if (i == mountOptions->ProtectedHidVolPkcs5Prf)
nSelectedIndex = nIndex;
} }
SendMessage (hComboBox, CB_SETCURSEL, 0, 0); SendMessage (hComboBox, CB_SETCURSEL, nSelectedIndex, 0);
protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL)); protect = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PROTECT_HIDDEN_VOL));
@ -2976,9 +3014,17 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
ListSubItemSetW (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE")); ListSubItemSetW (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE"));
else else
{ {
ListSubItemSetW (list, i++, 1, bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, TRUE, prop.partitionInInactiveSysEncScope);
prop.hiddenVolume ? GetString ("HIDDEN") : s = prop.hiddenVolume ? GetString ("HIDDEN") :
(prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL"))); (prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL"));
if (truecryptMode)
{
StringCbPrintfW (sw, sizeof(sw), L"TrueCrypt - %s", s);
ListSubItemSetW (list, i++, 1, sw);
}
else
ListSubItemSetW (list, i++, 1, s);
} }
if (!bSysEnc) if (!bSysEnc)
@ -3541,7 +3587,7 @@ LPARAM GetItemLong (HWND hTree, int itemNo)
return item.lParam; return item.lParam;
} }
static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, char *titleStringId, BOOL enableMountOptions) static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions)
{ {
int result; int result;
PasswordDlgParam dlgParam; PasswordDlgParam dlgParam;
@ -3551,6 +3597,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, char
dlgParam.password = password; dlgParam.password = password;
dlgParam.pkcs5 = pkcs5; dlgParam.pkcs5 = pkcs5;
dlgParam.truecryptMode = truecryptMode;
result = DialogBoxParamW (hInst, result = DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg, MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg,
@ -3560,6 +3607,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, char
{ {
password->Length = 0; password->Length = 0;
*pkcs5 = 0; *pkcs5 = 0;
*truecryptMode = FALSE;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
} }
@ -3584,6 +3632,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
{ {
VolumePassword.Length = 0; VolumePassword.Length = 0;
VolumePkcs5 = 0; VolumePkcs5 = 0;
VolumeTrueCryptMode = FALSE;
} }
if (szFileName == NULL) if (szFileName == NULL)
@ -3619,7 +3668,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
// First try cached passwords and if they fail ask user for a new one // First try cached passwords and if they fail ask user for a new one
WaitCursor (); WaitCursor ();
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, CmdVolumePkcs5, CmdVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first // If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile) if (!mounted && KeyFilesEnable && FirstKeyFile)
@ -3628,16 +3677,19 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
emptyPassword.Length = 0; emptyPassword.Length = 0;
KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile); KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile);
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, CmdVolumePkcs5, CmdVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (mounted) if (mounted)
{
VolumePkcs5 = CmdVolumePkcs5; VolumePkcs5 = CmdVolumePkcs5;
VolumeTrueCryptMode = CmdVolumeTrueCryptMode;
}
burn (&emptyPassword, sizeof (emptyPassword)); burn (&emptyPassword, sizeof (emptyPassword));
} }
// Test password and/or keyfiles used for the previous volume // Test password and/or keyfiles used for the previous volume
if (!mounted && MultipleMountOperationInProgress && VolumePassword.Length != 0) if (!mounted && MultipleMountOperationInProgress && VolumePassword.Length != 0)
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
NormalCursor (); NormalCursor ();
@ -3655,18 +3707,22 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
{ {
VolumePassword = CmdVolumePassword; VolumePassword = CmdVolumePassword;
VolumePkcs5 = CmdVolumePkcs5; VolumePkcs5 = CmdVolumePkcs5;
VolumeTrueCryptMode = CmdVolumeTrueCryptMode;
} }
else if (!Silent) else if (!Silent)
{ {
int GuiPkcs5 = CmdVolumePkcs5; int GuiPkcs5 = CmdVolumePkcs5;
BOOL GuiTrueCryptMode = CmdVolumeTrueCryptMode;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName); StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE)) if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE))
goto ret; goto ret;
else else
{ {
VolumePkcs5 = GuiPkcs5; VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
burn (&GuiPkcs5, sizeof(GuiPkcs5)); burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
} }
} }
@ -3675,7 +3731,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
if (KeyFilesEnable) if (KeyFilesEnable)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile); KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent); mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
NormalCursor (); NormalCursor ();
// Check for legacy non-ASCII passwords // Check for legacy non-ASCII passwords
@ -3690,6 +3746,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
{ {
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
} }
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
@ -3724,6 +3781,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
{ {
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
} }
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
@ -3931,13 +3989,16 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
if (!CmdVolumePasswordValid && bPasswordPrompt) if (!CmdVolumePasswordValid && bPasswordPrompt)
{ {
int GuiPkcs5 = CmdVolumePkcs5; int GuiPkcs5 = CmdVolumePkcs5;
BOOL GuiTrueCryptMode = CmdVolumeTrueCryptMode;
PasswordDlgVolume[0] = '\0'; PasswordDlgVolume[0] = '\0';
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE)) if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE))
goto ret; goto ret;
else else
{ {
VolumePkcs5 = GuiPkcs5; VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
burn (&GuiPkcs5, sizeof(GuiPkcs5)); burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
} }
} }
else if (CmdVolumePasswordValid) else if (CmdVolumePasswordValid)
@ -3945,6 +4006,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
bPasswordPrompt = FALSE; bPasswordPrompt = FALSE;
VolumePassword = CmdVolumePassword; VolumePassword = CmdVolumePassword;
VolumePkcs5 = CmdVolumePkcs5; VolumePkcs5 = CmdVolumePkcs5;
VolumeTrueCryptMode = CmdVolumeTrueCryptMode;
} }
WaitCursor(); WaitCursor();
@ -3998,8 +4060,8 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
goto ret; goto ret;
// First try user password then cached passwords // First try user password then cached passwords
if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0 if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
|| (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0) || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
{ {
// A volume has been successfully mounted // A volume has been successfully mounted
@ -4078,6 +4140,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
{ {
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
} }
@ -4114,6 +4177,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@ -4978,7 +5042,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
BOOL mounted; BOOL mounted;
// Cached password // Cached password
mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, CmdVolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE); mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, CmdVolumePkcs5, CmdVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// Command line password or keyfiles // Command line password or keyfiles
if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile)) if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile))
@ -4989,7 +5053,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile); KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A',
szFileName, &CmdVolumePassword, CmdVolumePkcs5, bCacheInDriver, bForceMount, szFileName, &CmdVolumePassword, CmdVolumePkcs5, CmdVolumeTrueCryptMode, bCacheInDriver, bForceMount,
&mountOptions, Silent, reportBadPasswd); &mountOptions, Silent, reportBadPasswd);
burn (&CmdVolumePassword, sizeof (CmdVolumePassword)); burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
@ -5005,15 +5069,18 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
while (!mounted && !Silent) while (!mounted && !Silent)
{ {
int GuiPkcs5 = CmdVolumePkcs5; int GuiPkcs5 = CmdVolumePkcs5;
BOOL GuiTrueCryptMode = CmdVolumeTrueCryptMode;
VolumePassword.Length = 0; VolumePassword.Length = 0;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName); StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, NULL, TRUE)) if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE))
break; break;
else else
{ {
VolumePkcs5 = GuiPkcs5; VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
burn (&GuiPkcs5, sizeof(GuiPkcs5)); burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
} }
WaitCursor (); WaitCursor ();
@ -5021,10 +5088,11 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (KeyFilesEnable && FirstKeyFile) if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile); KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE); mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword)); burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf)); burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@ -6880,6 +6948,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
OptionVolume, OptionVolume,
CommandWipeCache, CommandWipeCache,
OptionPkcs5, OptionPkcs5,
OptionTrueCryptMode,
}; };
argument args[]= argument args[]=
@ -6901,7 +6970,8 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
{ OptionTokenLib, "/tokenlib", NULL, FALSE }, { OptionTokenLib, "/tokenlib", NULL, FALSE },
{ OptionVolume, "/volume", "/v", FALSE }, { OptionVolume, "/volume", "/v", FALSE },
{ CommandWipeCache, "/wipecache", "/w", FALSE }, { CommandWipeCache, "/wipecache", "/w", FALSE },
{ OptionPkcs5, "/hash", NULL , FALSE } { OptionPkcs5, "/hash", NULL , FALSE },
{ OptionTrueCryptMode, "/truecrypt", "/tc", FALSE },
}; };
argumentspec as; argumentspec as;
@ -7125,6 +7195,9 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
Error ("COMMAND_LINE_ERROR", hwndDlg); Error ("COMMAND_LINE_ERROR", hwndDlg);
} }
break; break;
case OptionTrueCryptMode:
CmdVolumeTrueCryptMode = TRUE;
break;
// no option = file name // no option = file name
default: default:
@ -7585,6 +7658,7 @@ BOOL MountFavoriteVolumes (BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMou
MultipleMountOperationInProgress = FALSE; MultipleMountOperationInProgress = FALSE;
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
if (status && CloseSecurityTokenSessionsAfterMount) if (status && CloseSecurityTokenSessionsAfterMount)
SecurityToken::CloseAllSessions(); SecurityToken::CloseAllSessions();
@ -7838,7 +7912,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
while (TRUE) while (TRUE)
{ {
if (!AskVolumePassword (hwndDlg, askPassword, &VolumePkcs5, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE)) if (!AskVolumePassword (hwndDlg, askPassword, &VolumePkcs5, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
{ {
nStatus = ERR_SUCCESS; nStatus = ERR_SUCCESS;
goto ret; goto ret;
@ -7849,7 +7923,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
if (KeyFilesEnable && FirstKeyFile) if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, askPassword, FirstKeyFile); KeyFilesApply (hwndDlg, askPassword, FirstKeyFile);
nStatus = OpenVolume (askVol, lpszVolume, askPassword, VolumePkcs5, FALSE, bPreserveTimestamp, FALSE); nStatus = OpenVolume (askVol, lpszVolume, askPassword, VolumePkcs5, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE);
NormalCursor(); NormalCursor();
@ -8003,6 +8077,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&hiddenVolPassword, sizeof (hiddenVolPassword)); burn (&hiddenVolPassword, sizeof (hiddenVolPassword));
burn (temporaryKey, sizeof (temporaryKey)); burn (temporaryKey, sizeof (temporaryKey));
burn (originalK2, sizeof (originalK2)); burn (originalK2, sizeof (originalK2));
@ -8104,7 +8179,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
while (TRUE) while (TRUE)
{ {
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume); StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, NULL, FALSE)) if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumeTrueCryptMode, NULL, FALSE))
{ {
nStatus = ERR_SUCCESS; nStatus = ERR_SUCCESS;
goto ret; goto ret;
@ -8115,7 +8190,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (KeyFilesEnable && FirstKeyFile) if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile); KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);
nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, TRUE, bPreserveTimestamp, TRUE); nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE);
NormalCursor(); NormalCursor();
@ -8306,7 +8381,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
// Open the header // Open the header
while (TRUE) while (TRUE)
{ {
if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, "ENTER_HEADER_BACKUP_PASSWORD", FALSE)) if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
{ {
nStatus = ERR_SUCCESS; nStatus = ERR_SUCCESS;
goto ret; goto ret;
@ -8322,7 +8397,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (type == TC_VOLUME_TYPE_HIDDEN) if (type == TC_VOLUME_TYPE_HIDDEN)
headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE); headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE);
nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, &restoredCryptoInfo, NULL); nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, &restoredCryptoInfo, NULL);
if (nStatus == ERR_SUCCESS) if (nStatus == ERR_SUCCESS)
break; break;
} }
@ -8427,6 +8502,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
burn (&VolumePassword, sizeof (VolumePassword)); burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5)); burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
RestoreDefaultKeyFilesParam(); RestoreDefaultKeyFilesParam();
RandStop (FALSE); RandStop (FALSE);
NormalCursor(); NormalCursor();

View File

@ -52,6 +52,7 @@ typedef struct
{ {
Password *password; Password *password;
int* pkcs5; int* pkcs5;
BOOL* truecryptMode;
} PasswordDlgParam; } PasswordDlgParam;
extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList; extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList;

View File

@ -103,34 +103,35 @@ BEGIN
CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,154 CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,154
END END
IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 207 IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 330, 207
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Change Password or Keyfiles" CAPTION "Change Password or Keyfiles"
CLASS "CustomDlg" CLASS "CustomDlg"
FONT 8, "MS Shell Dlg", 0, 0, 0x0 FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN BEGIN
EDITTEXT IDC_OLD_PASSWORD,89,14,147,13,ES_PASSWORD | ES_AUTOHSCROLL EDITTEXT IDC_OLD_PASSWORD,89,14,162,13,ES_PASSWORD | ES_AUTOHSCROLL
CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,53,86,10 CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,53,98,10
PUSHBUTTON "Keyfiles...",IDC_KEYFILES,177,51,59,14 PUSHBUTTON "Keyfiles...",IDC_KEYFILES,192,50,59,14
CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,65,138,10,WS_EX_TRANSPARENT CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,65,138,10,WS_EX_TRANSPARENT
EDITTEXT IDC_PASSWORD,89,99,147,13,ES_PASSWORD | ES_AUTOHSCROLL EDITTEXT IDC_PASSWORD,89,99,162,13,ES_PASSWORD | ES_AUTOHSCROLL
EDITTEXT IDC_VERIFY,89,115,147,13,ES_PASSWORD | ES_AUTOHSCROLL EDITTEXT IDC_VERIFY,89,115,162,13,ES_PASSWORD | ES_AUTOHSCROLL
CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,134,86,11 CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,134,99,11
PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,177,132,59,14 PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,192,132,59,14
CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,146,139,11,WS_EX_TRANSPARENT CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,146,160,11,WS_EX_TRANSPARENT
COMBOBOX IDC_PKCS5_PRF_ID,89,161,91,90,CBS_DROPDOWNLIST | WS_TABSTOP COMBOBOX IDC_PKCS5_PRF_ID,89,161,85,90,CBS_DROPDOWNLIST | WS_TABSTOP
DEFPUSHBUTTON "OK",IDOK,251,7,59,14 DEFPUSHBUTTON "OK",IDOK,264,7,59,14
PUSHBUTTON "Cancel",IDCANCEL,251,24,59,14 PUSHBUTTON "Cancel",IDCANCEL,264,24,59,14
RTEXT "Password:",IDT_PASSWORD,12,16,72,8 RTEXT "Password:",IDT_PASSWORD,12,16,72,8
RTEXT "Password:",IDT_NEW_PASSWORD,8,102,76,8 RTEXT "Password:",IDT_NEW_PASSWORD,8,102,76,8
RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,118,75,16 RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,118,75,16
RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,162,74,10,SS_CENTERIMAGE RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,162,74,10,SS_CENTERIMAGE
GROUPBOX "Current",IDT_CURRENT,6,3,238,77 GROUPBOX "Current",IDT_CURRENT,6,3,252,77
GROUPBOX "New",IDT_NEW,6,87,238,113 GROUPBOX "New",IDT_NEW,6,87,252,113
COMBOBOX IDC_WIPE_MODE,89,180,125,90,CBS_DROPDOWNLIST | WS_TABSTOP COMBOBOX IDC_WIPE_MODE,89,180,106,90,CBS_DROPDOWNLIST | WS_TABSTOP
RTEXT "Wipe mode:",IDT_WIPE_MODE,9,182,74,8,0,WS_EX_RIGHT RTEXT "Wipe mode:",IDT_WIPE_MODE,9,182,74,8,0,WS_EX_RIGHT
COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,91,90,CBS_DROPDOWNLIST | WS_TABSTOP COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,85,90,CBS_DROPDOWNLIST | WS_TABSTOP
RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,179,35,78,10
END END
IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271 IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271
@ -163,23 +164,24 @@ BEGIN
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119 CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119
END END
IDD_PASSWORD_DLG DIALOGEX 0, 0, 305, 91 IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 91
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION
CAPTION "Enter VeraCrypt Volume Password" CAPTION "Enter VeraCrypt Volume Password"
FONT 8, "MS Shell Dlg", 0, 0, 0x0 FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN BEGIN
EDITTEXT IDC_PASSWORD,69,8,153,14,ES_PASSWORD | ES_AUTOHSCROLL EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE, CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,50,153,10 "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,50,153,10
CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,63,83,10 CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,63,83,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,11 CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,11
PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,158,72,64,14 PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,72,64,14
PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,229,72,64,14 PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,72,64,14
DEFPUSHBUTTON "OK",IDOK,229,8,64,14 DEFPUSHBUTTON "OK",IDOK,243,8,64,14
PUSHBUTTON "Cancel",IDCANCEL,229,25,64,14 PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14
RTEXT "Password:",IDT_PASSWORD,0,10,65,13 RTEXT "Password:",IDT_PASSWORD,0,10,65,13
COMBOBOX IDC_PKCS5_PRF_ID,69,26,91,90,CBS_DROPDOWNLIST | WS_TABSTOP COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP
RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13 RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10
END END
IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269 IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269
@ -357,7 +359,7 @@ BEGIN
IDD_PASSWORDCHANGE_DLG, DIALOG IDD_PASSWORDCHANGE_DLG, DIALOG
BEGIN BEGIN
LEFTMARGIN, 7 LEFTMARGIN, 7
RIGHTMARGIN, 309 RIGHTMARGIN, 323
TOPMARGIN, 7 TOPMARGIN, 7
BOTTOMMARGIN, 200 BOTTOMMARGIN, 200
END END
@ -370,7 +372,7 @@ BEGIN
IDD_PASSWORD_DLG, DIALOG IDD_PASSWORD_DLG, DIALOG
BEGIN BEGIN
RIGHTMARGIN, 296 RIGHTMARGIN, 313
BOTTOMMARGIN, 86 BOTTOMMARGIN, 86
END END

View File

@ -160,6 +160,7 @@
#define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137 #define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137
#define IDT_NEW_PKCS5_PRF 1138 #define IDT_NEW_PKCS5_PRF 1138
#define IDC_PKCS5_OLD_PRF_ID 1139 #define IDC_PKCS5_OLD_PRF_ID 1139
#define IDC_TRUECRYPT_MODE 1140
#define IDM_HELP 40001 #define IDM_HELP 40001
#define IDM_ABOUT 40002 #define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003 #define IDM_UNMOUNT_VOLUME 40003
@ -232,7 +233,7 @@
#define _APS_NO_MFC 1 #define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 118 #define _APS_NEXT_RESOURCE_VALUE 118
#define _APS_NEXT_COMMAND_VALUE 40065 #define _APS_NEXT_COMMAND_VALUE 40065
#define _APS_NEXT_CONTROL_VALUE 1140 #define _APS_NEXT_CONTROL_VALUE 1141
#define _APS_NEXT_SYMED_VALUE 101 #define _APS_NEXT_SYMED_VALUE 101
#endif #endif
#endif #endif

View File

@ -7,7 +7,7 @@
*/ */
#define TC_MAIN_COM_VERSION_MAJOR 2 #define TC_MAIN_COM_VERSION_MAJOR 2
#define TC_MAIN_COM_VERSION_MINOR 5 #define TC_MAIN_COM_VERSION_MINOR 6
#define TC_FORMAT_COM_VERSION_MAJOR 2 #define TC_FORMAT_COM_VERSION_MAJOR 2
#define TC_FORMAT_COM_VERSION_MINOR 4 #define TC_FORMAT_COM_VERSION_MINOR 4