Windows: Add a dedicate page for volume PIM in the volume creation wizard

2024-11-10 13:13:34 +01:00 · 2015-06-21 19:46:21 +02:00 · 2015-06-21 19:46:21 +02:00 · f927ce9b58
commit f927ce9b58
parent 5d9d49e989
7 changed files with 125 additions and 35 deletions
--- a/src/Common/Language.xml
+++ b/src/Common/Language.xml
@ -584,6 +584,7 @@
    <string lang="en" key="OVERWRITEPROMPT_DEVICE_SECOND_WARNING_LOTS_OF_DATA">WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)!</string>
    <string lang="en" key="ERASE_FILES_BY_CREATING_VOLUME">Erase any files stored on the partition by creating a VeraCrypt volume within it</string>
    <string lang="en" key="PASSWORD">Password</string>
    <string lang="en" key="PIM">PIM</string>
    <string lang="en" key="IDD_PCDM_CHANGE_PKCS5_PRF">Set Header Key Derivation Algorithm</string>
    <string lang="en" key="IDD_PCDM_ADD_REMOVE_VOL_KEYFILES">Add/Remove Keyfiles to/from Volume</string>
    <string lang="en" key="IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL">Remove All Keyfiles from Volume</string>
@ -618,9 +619,15 @@
    <string lang="en" key="PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT">Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found.</string>
    <string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
    <string lang="en" key="PIM_CHANGE_WARNING">Remember Number to Mount Volume</string>
    <string lang="en" key="PIM_HIDVOL_HOST_TITLE">Outer Volume PIM</string>
    <string lang="en" key="PIM_HIDVOL_TITLE">Hidden Volume PIM</string>
    <string lang="en" key="PIM_HIDDEN_OS_TITLE">PIM for Hidden Operating System</string>
    <string lang="en" key="PIM_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n      Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\nA small PIM value will lead to a quicker mount but it can reduce security if the password is not strong enough.</string>
    <string lang="en" key="PIM_SYSENC_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n      Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\nA small PIM value will lead to a quicker boot but it can reduce security if the password is not strong enough.</string>
    <string lang="en" key="PIM_SYSENC_CHANGE_WARNING">Remember Number to Boot System</string>
    <string lang="en" key="PIM_SMALL_WARNING">You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password?</string>
    <string lang="en" key="PIM_SYSENC_TOO_BIG">Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535.</string>
    <string lang="en" key="PIM_TITLE">Volume PIM</string>
    <string lang="en" key="HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH">\n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View).</string>
    <string lang="en" key="HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT">If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available.</string>
    <string lang="en" key="FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC">VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software).</string>
--- a/src/Common/Password.c
+++ b/src/Common/Password.c
@ -107,10 +107,10 @@ BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw)
 }
-BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem, int pin, BOOL bForBoot)
+BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pin, BOOL bForBoot, BOOL bSkipPasswordWarning)
 {
 	BOOL bCustomPinSmall = ((pin != 0) && (pin < (bForBoot? 98 : 485)))? TRUE : FALSE;
-	if (GetWindowTextLength (hwndItem) < PASSWORD_LEN_WARNING)
+	if (passwordLength < PASSWORD_LEN_WARNING)
 	{
 		if (bCustomPinSmall)
 		{
@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem, int pin, BOOL bForBoot)
 		}
 #ifndef _DEBUG
-		if (MessageBoxW (hwndDlg, GetString ("PASSWORD_LENGTH_WARNING"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2) != IDYES)
+		if (!bSkipPasswordWarning && (MessageBoxW (hwndDlg, GetString ("PASSWORD_LENGTH_WARNING"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2) != IDYES))
 			return FALSE;
 #endif
 	}
--- a/src/Common/Password.h
+++ b/src/Common/Password.h
@ -36,7 +36,7 @@ typedef struct
 #if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)
 void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
-BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem, int pin, BOOL bForBoot);		
+BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pin, BOOL bForBoot, BOOL bSkipPasswordWarning);		
 BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);			
 int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, HWND hwndDlg);
--- a/src/Format/Format.rc
+++ b/src/Format/Format.rc
@ -116,15 +116,12 @@ FONT 8, "MS Shell Dlg", 0, 0, 0x0
 BEGIN
    EDITTEXT        IDC_PASSWORD,53,3,163,14,ES_PASSWORD | ES_AUTOHSCROLL
    EDITTEXT        IDC_VERIFY,53,19,163,14,ES_PASSWORD | ES_AUTOHSCROLL
-    EDITTEXT        IDC_PIM,53,35,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
+    CONTROL         "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,45,95,11,WS_EX_TRANSPARENT
-    CONTROL         "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,65,95,11,WS_EX_TRANSPARENT
+    CONTROL         "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,35,95,10
-    CONTROL         "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,53,55,95,10
+    PUSHBUTTON      "&Keyfiles...",IDC_KEY_FILES,152,36,64,14,WS_DISABLED
    PUSHBUTTON      "&Keyfiles...",IDC_KEY_FILES,152,56,64,14,WS_DISABLED
    RTEXT           "Password:",IDT_PASSWORD,1,6,50,8
    RTEXT           "&Confirm:",IDT_CONFIRM,1,23,50,8
    LTEXT           "",IDC_BOX_HELP,0,79,225,89
    RTEXT           "Volume PIM:",IDT_PIM,1,38,50,8
    LTEXT           "(Empty or 0 for default iterations)",IDC_PIM_HELP,97,38,126,8
 END
 IDD_SIZE_PAGE_DLG DIALOGEX 0, 0, 226, 172
@ -434,6 +431,16 @@ BEGIN
    RTEXT           "Drive letter:",IDT_DRIVE_LETTER,5,17,86,8
 END
 IDD_PIM_PAGE_DLG DIALOGEX 0, 0, 226, 172
 STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD
 FONT 8, "MS Shell Dlg", 0, 0, 0x0
 BEGIN
    EDITTEXT        IDC_PIM,53,8,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
    LTEXT           "",IDC_BOX_HELP,0,33,225,110
    RTEXT           "Volume PIM:",IDT_PIM,1,11,50,8
    LTEXT           "(Empty or 0 for default iterations)",IDC_PIM_HELP,97,11,126,8
 END
 #ifdef APSTUDIO_INVOKED
 /////////////////////////////////////////////////////////////////////////////
@ -685,6 +692,12 @@ BEGIN
        TOPMARGIN, 7
        BOTTOMMARGIN, 165
    END
    IDD_PIM_PAGE_DLG, DIALOG
    BEGIN
        RIGHTMARGIN, 223
        BOTTOMMARGIN, 143
    END
 END
 #endif    // APSTUDIO_INVOKED
--- a/src/Format/Resource.h
+++ b/src/Format/Resource.h
@ -35,6 +35,7 @@
 #define IDD_DEVICE_TRANSFORM_MODE_DLG   130
 #define IDD_EXPANDED_LIST_SELECT_PAGE_DLG 131
 #define IDD_DRIVE_LETTER_SELECTION_PAGE 132
 #define IDD_PIM_PAGE_DLG                133
 #define IDC_BOX_TITLE                   1000
 #define IDC_RESCUE_DISK_ISO_PATH        1001
 #define IDC_COMBO_BOX                   1002
@ -146,7 +147,7 @@
 #ifdef APSTUDIO_INVOKED
 #ifndef APSTUDIO_READONLY_SYMBOLS
 #define _APS_NO_MFC                     1
-#define _APS_NEXT_RESOURCE_VALUE        133
+#define _APS_NEXT_RESOURCE_VALUE        134
 #define _APS_NEXT_COMMAND_VALUE         40001
 #define _APS_NEXT_CONTROL_VALUE         1105
 #define _APS_NEXT_SYMED_VALUE           101
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@ -80,6 +80,7 @@ enum wizard_pages
 	SIZE_PAGE,
 				HIDDEN_VOL_HOST_PASSWORD_PAGE,
 	PASSWORD_PAGE,
 	PIM_PAGE,
 		FILESYS_PAGE,
 			SYSENC_COLLECTING_RANDOM_DATA_PAGE,
 			SYSENC_KEYS_GEN_PAGE,
@ -2899,6 +2900,10 @@ static void LoadPage (HWND hwndDlg, int nPageNo)
 		hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PASSWORD_PAGE_DLG), hwndDlg,
 					 (DLGPROC) PageDialogProc);
 		break;
 	case PIM_PAGE:
 		hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_PIM_PAGE_DLG), hwndDlg,
 					 (DLGPROC) PageDialogProc);
 		break;
 	case FILESYS_PAGE:
 		hCurPage = CreateDialogW (hInst, MAKEINTRESOURCEW (IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG), hwndDlg,
 					 (DLGPROC) PageDialogProc);
@ -4152,17 +4157,6 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD));
 				SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, SysEncInEffect()? MAX_BOOT_PIM: MAX_PIM, 0);
 				if (volumePin > 0)
 				{
 					char szTmp[MAX_PIM + 1];
 					StringCbPrintfA(szTmp, sizeof(szTmp), "%d", volumePin);
 					SetWindowText (GetDlgItem (hwndDlg, IDC_PIM), szTmp);
 					PinValueChangedWarning = TRUE;
 					SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING"));
 				}
 				SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect());
 				EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable);
@ -4193,6 +4187,40 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			}
 			break;
 		case PIM_PAGE:
 			{
 				SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, SysEncInEffect()? MAX_BOOT_PIM: MAX_PIM, 0);
 				if (volumePin > 0)
 				{
 					char szTmp[MAX_PIM + 1];
 					StringCbPrintfA(szTmp, sizeof(szTmp), "%d", volumePin);
 					SetWindowText (GetDlgItem (hwndDlg, IDC_PIM), szTmp);
 					PinValueChangedWarning = TRUE;
 					SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING"));
 				}
 				SetFocus (GetDlgItem (hwndDlg, IDC_PIM));
 				SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect ()? "PIM_SYSENC_HELP" : "PIM_HELP"));
 				if (CreatingHiddenSysVol())
 					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM_HIDDEN_OS_TITLE"));
 				else if (bHiddenVol)
 					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PIM_HIDVOL_HOST_TITLE" : "PIM_HIDVOL_TITLE"));
 				else if (WizardMode == WIZARD_MODE_SYS_DEVICE)
 					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM"));
 				else
 					SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PIM_TITLE"));
 				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));
 				SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));
 				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);
 				EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);
 			}
 			break;
 		case FILESYS_PAGE:
 			{
 				wchar_t szTmp[8192];
@ -5331,6 +5359,25 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 			return 1;
 		}
 		if (hw == EN_CHANGE && nCurPageNo == PIM_PAGE)
 		{
 			if (lw == IDC_PIM)
 			{
 				if(GetPin (hwndDlg, IDC_PIM) != 0)
 				{
 					PinValueChangedWarning = TRUE;
 					SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, GetString (SysEncInEffect ()? "PIM_SYSENC_CHANGE_WARNING" : "PIM_CHANGE_WARNING"));
 				}
 				else
 				{
 					PinValueChangedWarning = FALSE;
 					SetDlgItemTextW (hwndDlg, IDC_PIM_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIM_HELP));
 				}
 			}
 			return 1;
 		}
 		if (lw == IDC_SHOW_PASSWORD && nCurPageNo == PASSWORD_PAGE)
 		{
 			SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD),
@ -6995,8 +7042,6 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
 				volumePin = GetPin (hCurPage, IDC_PIM);
 				if (volumePassword.Length > 0)
 				{	
 					// Password character encoding
@ -7005,14 +7050,8 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg);
 						return 1;
 					}
 					else if (SysEncInEffect() && (volumePin > MAX_BOOT_PIM_VALUE))
 					{
 						SetFocus (GetDlgItem(hCurPage, IDC_PIM));
 						Error ("PIM_SYSENC_TOO_BIG", hwndDlg);
 						return 1;
 					}
 					// Check password length (check also done for outer volume which is not the case in TrueCrypt).
-					else if (!CheckPasswordLength (hwndDlg, GetDlgItem (hCurPage, IDC_PASSWORD), volumePin, SysEncInEffect()))
+					else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), FALSE))
 					{
 						return 1;
 					}
@ -7050,6 +7089,32 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 							bKeyboardLayoutChanged = FALSE;
 					}
 				}
 			}
 			else if (nCurPageNo == PIM_PAGE)
 			{
 				volumePin = GetPin (hCurPage, IDC_PIM);
 				if (volumePassword.Length > 0)
 				{	
 					// Password character encoding
 					if (SysEncInEffect() && (volumePin > MAX_BOOT_PIM_VALUE))
 					{
 						SetFocus (GetDlgItem(hCurPage, IDC_PIM));
 						Error ("PIM_SYSENC_TOO_BIG", hwndDlg);
 						return 1;
 					}
 					// Check password length (check also done for outer volume which is not the case in TrueCrypt).
 					else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePin, SysEncInEffect(), TRUE))
 					{
 						return 1;
 					}
 				}
 				if (SysEncInEffect ()) 
 				{
 					nNewPageNo = SYSENC_COLLECTING_RANDOM_DATA_PAGE - 1;	// Skip irrelevant pages
 				}
@ -8160,7 +8225,6 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
 				volumePin = GetPin (hCurPage, IDC_PIM);
 				nNewPageNo = SIZE_PAGE + 1;		// Skip the hidden volume host password page
@ -8183,6 +8247,11 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 					nNewPageNo = CIPHER_PAGE + 1;
 			}
 			else if (nCurPageNo == PIM_PAGE)
 			{
 				volumePin = GetPin (hCurPage, IDC_PIM);
 			}
 			else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE
 				|| nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE)
 			{
@ -8208,7 +8277,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 				tmp [sizeof(tmp)-1] = 0;
 				SetWindowText (hRandPoolSys, tmp);
-				nNewPageNo = PASSWORD_PAGE + 1;		// Skip irrelevant pages
+				nNewPageNo = PIM_PAGE + 1;		// Skip irrelevant pages
 			}
 			else if (nCurPageNo == SYSENC_KEYS_GEN_PAGE)
@ -8252,7 +8321,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						nNewPageNo = FILESYS_PAGE + 1;
 					}
 					else
-						nNewPageNo = PASSWORD_PAGE + 1;		
+						nNewPageNo = PIM_PAGE + 1;		
 				}
 			}
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@ -2288,7 +2288,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
 			else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL)
 				&& pwdChangeDlgMode == PCDM_CHANGE_PASSWORD)
 			{
-				if (!CheckPasswordLength (hwndDlg, GetDlgItem (hwndDlg, IDC_PASSWORD), pin, bSysEncPwdChangeDlgMode))
+				if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pin, bSysEncPwdChangeDlgMode, FALSE))
 					return 1;
 			}