nihilist/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt synced 2024-09-20 04:46:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Windows: Remove TrueCrypt support. Increment version to 1.26.4.

Browse Source
This commit is contained in:
Mounir IDRASSI 2023-07-22 10:25:22 +02:00
parent 34b00fa825
commit fa6359d424
No known key found for this signature in database
GPG Key ID: 02C30AE90FAE4A6F
46 changed files with 167 additions and 533 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/COMReg/COMReg.rc
View File

@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -45,11 +45,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt COMReg"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCrypt COMReg.exe"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

7
src/Common/Apidrvr.h
View File

@ -129,10 +129,6 @@
#define VC_IOCTL_ENCRYPTION_QUEUE_PARAMS TC_IOCTL (43)
// Legacy IOCTLs used before version 5.0
#define TC_IOCTL_LEGACY_GET_DRIVER_VERSION 466968
#define TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES 466948
// Undocumented IOCTL sent by Windows 10 when handling EFS data on volumes
#define IOCTL_UNKNOWN_WINDOWS10_EFS_ACCESS 0x455610D8
@ -170,7 +166,6 @@ typedef struct
BOOL RecoveryMode;
int pkcs5_prf;
int ProtectedHidVolPkcs5Prf;
BOOL bTrueCryptMode;
uint32 BytesPerPhysicalSector;
int VolumePim;
int ProtectedHidVolPim;
@ -200,7 +195,7 @@ typedef struct
unsigned __int64 diskLength[26];
int ea[26];
int volumeType[26]; /* Volume type (e.g. PROP_VOL_TYPE_OUTER, PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED, etc.) */
BOOL truecryptMode[26];
BOOL reserved[26]; /* needed to keep the same size for the structure so that installer of new version can communicate with installed old version */
} MOUNT_LIST_STRUCT;
typedef struct

4
src/Common/BootEncryption.cpp
View File

@ -4372,7 +4372,7 @@ namespace VeraCrypt
// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)
memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));
if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, FALSE, NULL, cryptoInfo))
if (0 != ReadVolumeHeader (TRUE, (char *) RescueVolumeHeader, password, pkcs5, pim, NULL, cryptoInfo))
throw ParameterIncorrect (SRC_POS);
DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
@ -5411,7 +5411,7 @@ namespace VeraCrypt
PCRYPTO_INFO cryptoInfo = NULL;
int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, FALSE, &cryptoInfo, NULL);
int status = ReadVolumeHeader (!encStatus.HiddenSystem, header, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);
finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });
if (status != 0)

10
src/Common/Cache.c
View File

@ -43,7 +43,7 @@ void VcUnprotectPassword (Password* pPassword, uint64 encID)
#endif
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo)
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo)
{
int nReturnCode = ERR_PASSWORD_WRONG;
int i, effectivePim;
@ -51,7 +51,7 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *heade
/* Attempt to recognize volume using mount password */
if (password->Length > 0)
{
nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, pim, truecryptMode, retInfo, NULL);
nReturnCode = ReadVolumeHeader (bBoot, header, password, pkcs5_prf, pim, retInfo, NULL);
/* Save mount passwords back into cache if asked to do so */
if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))
@ -124,13 +124,11 @@ int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim, char *heade
#endif
if ((pCurrentPassword->Length > 0) && (pCurrentPassword->Length <= (unsigned int) ((bBoot? MAX_LEGACY_PASSWORD: MAX_PASSWORD))))
{
if (truecryptMode)
effectivePim = 0;
else if (pim == -1)
if (pim == -1)
effectivePim = CachedPim[i];
else
effectivePim = pim;
nReturnCode = ReadVolumeHeader (bBoot, header, pCurrentPassword, pkcs5_prf, effectivePim, truecryptMode, retInfo, NULL);
nReturnCode = ReadVolumeHeader (bBoot, header, pCurrentPassword, pkcs5_prf, effectivePim, retInfo, NULL);
if (nReturnCode != ERR_PASSWORD_WRONG)
break;

2
src/Common/Cache.h
View File

@ -22,5 +22,5 @@ extern int cacheEmpty;
void AddPasswordToCache (Password *password, int pim, BOOL bCachePim);
void AddLegacyPasswordToCache (PasswordLegacy *password, int pim);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo);
int ReadVolumeHeaderWCache (BOOL bBoot, BOOL bCache, BOOL bCachePim,char *header, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo);
void WipeCache (void);

1
src/Common/Crypto.h
View File

@ -257,7 +257,6 @@ typedef struct CRYPTO_INFO_t
#endif
int noIterations;
BOOL bTrueCryptMode;
int volumePim;
BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting

39
src/Common/Dlgcode.c
View File

@ -5209,7 +5209,6 @@ static int DriverLoad ()
BOOL DriverUnload ()
{
MOUNT_LIST_STRUCT driver;
int refCount;
int volumesMounted;
DWORD dwResult;
@ -5234,13 +5233,6 @@ BOOL DriverUnload ()
// Test for mounted volumes
bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL);
if (!bResult)
{
bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL);
if (bResult)
volumesMounted = driver.ulMountedDrives;
}
if (bResult)
{
if (volumesMounted != 0)
@ -5407,9 +5399,6 @@ int DriverAttach (void)
BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL);
if (!bResult)
bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &DriverVersion, sizeof (DriverVersion), &dwResult, NULL);
#ifndef SETUP // Don't check version during setup to allow removal of another version
if (bResult == FALSE)
{
@ -6506,27 +6495,27 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
case SHA512:
/* PKCS-5 test with HMAC-SHA-512 used as the PRF */
derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case SHA256:
/* PKCS-5 test with HMAC-SHA-256 used as the PRF */
derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case BLAKE2S:
/* PKCS-5 test with HMAC-BLAKE2s used as the PRF */
derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case WHIRLPOOL:
/* PKCS-5 test with HMAC-Whirlpool used as the PRF */
derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
case STREEBOG:
/* PKCS-5 test with HMAC-STREEBOG used as the PRF */
derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE);
break;
}
}
@ -6536,7 +6525,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg)
benchmarkTable[benchmarkTotalItems].encSpeed = performanceCountEnd.QuadPart - performanceCountStart.QuadPart;
benchmarkTable[benchmarkTotalItems].id = thid;
benchmarkTable[benchmarkTotalItems].decSpeed = get_pkcs5_iteration_count(thid, benchmarkPim, FALSE, benchmarkPreBoot);
benchmarkTable[benchmarkTotalItems].decSpeed = get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot);
benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (unsigned __int64) (1000 * ((float) benchmarkTable[benchmarkTotalItems].encSpeed / benchmarkPerformanceFrequency.QuadPart / 2));
if (benchmarkPreBoot)
{
@ -8234,15 +8223,6 @@ BOOL CheckFileExtension (wchar_t *fileName)
return FALSE;
}
BOOL IsTrueCryptFileExtension (wchar_t *fileName)
{
wchar_t *ext = wcsrchr (fileName, L'.');
if (ext && !_wcsicmp (ext, L".tc"))
return TRUE;
else
return FALSE;
}
void CorrectFileName (wchar_t* fileName)
{
/* replace '/' by '\' */
@ -8886,7 +8866,6 @@ int MountVolume (HWND hwndDlg,
Password *password,
int pkcs5,
int pim,
BOOL truecryptMode,
BOOL cachePassword,
BOOL cachePim,
BOOL sharedAccess,
@ -8967,7 +8946,6 @@ int MountVolume (HWND hwndDlg,
else
mount.bMountManager = TRUE;
mount.pkcs5_prf = pkcs5;
mount.bTrueCryptMode = truecryptMode;
mount.VolumePim = pim;
wstring path = volumePath;
@ -9122,7 +9100,6 @@ int MountVolume (HWND hwndDlg,
burn (&mount.VolumePassword, sizeof (mount.VolumePassword));
burn (&mount.ProtectedHidVolPassword, sizeof (mount.ProtectedHidVolPassword));
burn (&mount.pkcs5_prf, sizeof (mount.pkcs5_prf));
burn (&mount.bTrueCryptMode, sizeof (mount.bTrueCryptMode));
burn (&mount.ProtectedHidVolPkcs5Prf, sizeof (mount.ProtectedHidVolPkcs5Prf));
SetLastError (dwLastError);
@ -11701,7 +11678,7 @@ void ReportUnexpectedState (const char *techInfo)
#ifndef SETUP
int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader)
{
int status = ERR_PARAMETER_INCORRECT;
int volumeType;
@ -11876,7 +11853,7 @@ int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password
}
// Decrypt volume header
status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, truecryptMode, &context->CryptoInfo, NULL);
status = ReadVolumeHeader (FALSE, buffer, password, pkcs5_prf, pim, &context->CryptoInfo, NULL);
if (status == ERR_PASSWORD_WRONG)
continue; // Try next volume type

5
src/Common/Dlgcode.h
View File

@ -385,7 +385,6 @@ BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo);
BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue);
BOOL CheckCapsLock (HWND hwnd, BOOL quiet);
BOOL CheckFileExtension (wchar_t *fileName);
BOOL IsTrueCryptFileExtension (wchar_t *fileName);
void CorrectFileName (wchar_t* fileName);
void CorrectURL (wchar_t* fileName);
void IncreaseWrongPwdRetryCount (int count);
@ -398,7 +397,7 @@ BOOL IsDriveAvailable (int driveNo);
BOOL IsDeviceMounted (wchar_t *deviceName);
int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);
void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);
int MountVolume (HWND hwndDlg, int driveNo, wchar_t *volumePath, Password *password, int pkcs5, int pim, BOOL truecryptMode, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
int MountVolume (HWND hwndDlg, int driveNo, wchar_t *volumePath, Password *password, int pkcs5, int pim, BOOL cachePassword, BOOL cachePim, BOOL sharedAccess, const MountOptions* const mountOptions, BOOL quiet, BOOL bReportWrongPassword);
BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);
BOOL UnmountVolumeAfterFormatExCall (HWND hwndDlg, int nDosDriveNo);
BOOL IsPasswordCacheEmpty (void);
@ -534,7 +533,7 @@ void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT h
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
BOOL GetSysDevicePaths (HWND hwndDlg);
BOOL DoDriverInstall (HWND hwndDlg);
int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password *password, int pkcs5_prf, int pim, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode);
BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);

2
src/Common/Format.c
View File

@ -787,7 +787,7 @@ int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, Silent, TRUE) < 1)
if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, volParams->pkcs5, volParams->pim, FALSE, FALSE, TRUE, &mountOptions, Silent, TRUE) < 1)
{
if (!Silent)
{

10
src/Common/Password.c
View File

@ -168,7 +168,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim
return TRUE;
}
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
{
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@ -191,7 +191,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
if (oldPassword->Length == 0 || newPassword->Length == 0) return -1;
if ((wipePassCount <= 0) || (truecryptMode && (old_pkcs5 == SHA256)))
if (wipePassCount <= 0)
{
nStatus = ERR_PARAMETER_INCORRECT;
handleError (hwndDlg, nStatus, SRC_POS);
@ -367,7 +367,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
/* Try to decrypt the header */
nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, truecryptMode, &cryptoInfo, NULL);
nStatus = ReadVolumeHeader (FALSE, buffer, oldPassword, old_pkcs5, old_pim, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here
@ -440,7 +440,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
(volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0,
cryptoInfo->EncryptedAreaStart.Value,
cryptoInfo->EncryptedAreaLength.Value,
truecryptMode? 0 : cryptoInfo->RequiredProgramVersion,
cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags,
cryptoInfo->SectorSize,
wipePass < wipePassCount - 1);
@ -494,7 +494,7 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5,
cryptoInfo->VolumeSize.Value,
cryptoInfo->EncryptedAreaStart.Value,
cryptoInfo->EncryptedAreaLength.Value,
truecryptMode? 0 : cryptoInfo->RequiredProgramVersion,
cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags,
cryptoInfo->SectorSize,
wipePass < wipePassCount - 1);

2
src/Common/Password.h
View File

@ -58,7 +58,7 @@ typedef struct
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)

40
src/Common/Pkcs5.c
View File

@ -1278,10 +1278,9 @@ wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id)
int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot)
int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot)
{
if ( (pim < 0)
|| (truecryptMode && pim > 0) /* No PIM for TrueCrypt mode */
)
{
return 0;
@ -1291,9 +1290,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
{
case BLAKE2S:
if (truecryptMode)
return 0; // BLAKE2s not supported by TrueCrypt
else if (pim == 0)
if (pim == 0)
return bBoot? 200000 : 500000;
else
{
@ -1301,15 +1298,13 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
}
case SHA512:
return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000);
return ((pim == 0)? 500000 : 15000 + pim * 1000);
case WHIRLPOOL:
return truecryptMode? 1000 : ((pim == 0)? 500000 : 15000 + pim * 1000);
return ((pim == 0)? 500000 : 15000 + pim * 1000);
case SHA256:
if (truecryptMode)
return 0; // SHA-256 not supported by TrueCrypt
else if (pim == 0)
if (pim == 0)
return bBoot? 200000 : 500000;
else
{
@ -1317,9 +1312,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
}
case STREEBOG:
if (truecryptMode)
return 1000;
else if (pim == 0)
if (pim == 0)
return bBoot? 200000 : 500000;
else
{
@ -1334,26 +1327,15 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BO
#endif
}
int is_pkcs5_prf_supported (int pkcs5_prf_id, BOOL truecryptMode, PRF_BOOT_TYPE bootType)
int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType)
{
if (pkcs5_prf_id == 0) // auto-detection always supported
return 1;
if (truecryptMode)
{
if ( (bootType == PRF_BOOT_GPT)
|| (bootType == PRF_BOOT_MBR)
|| (bootType == PRF_BOOT_NO && pkcs5_prf_id != SHA512 && pkcs5_prf_id != WHIRLPOOL)
)
return 0;
}
else
{
if ( (bootType == PRF_BOOT_MBR && pkcs5_prf_id != BLAKE2S && pkcs5_prf_id != SHA256)
|| (bootType != PRF_BOOT_MBR && (pkcs5_prf_id < FIRST_PRF_ID || pkcs5_prf_id > LAST_PRF_ID))
)
return 0;
}
if ( (bootType == PRF_BOOT_MBR && pkcs5_prf_id != BLAKE2S && pkcs5_prf_id != SHA256)
|| (bootType != PRF_BOOT_MBR && (pkcs5_prf_id < FIRST_PRF_ID || pkcs5_prf_id > LAST_PRF_ID))
)
return 0;
return 1;

4
src/Common/Pkcs5.h
View File

@ -40,7 +40,7 @@ void derive_key_whirlpool (char *pwd, int pwd_len, char *salt, int salt_len, uin
void hmac_streebog (char *k, int32 lk, char *d, int32 ld);
void derive_key_streebog (char *pwd, int pwd_len, char *salt, int salt_len, uint32 iterations, char *dk, int dklen);
int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL truecryptMode, BOOL bBoot);
int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot);
wchar_t *get_pkcs5_prf_name (int pkcs5_prf_id);
/* check if given PRF supported.*/
@ -51,7 +51,7 @@ typedef enum
PRF_BOOT_GPT
} PRF_BOOT_TYPE;
int is_pkcs5_prf_supported (int pkcs5_prf_id, BOOL truecryptMode, PRF_BOOT_TYPE bootType);
int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType);
#endif
#if defined(__cplusplus)

4
src/Common/Tcdefs.h
View File

@ -59,7 +59,7 @@ extern unsigned short _rotl16(unsigned short value, unsigned char shift);
#define TC_APP_NAME "VeraCrypt"
// Version displayed to user
#define VERSION_STRING "1.26.3"
#define VERSION_STRING "1.26.4"
#ifdef VC_EFI_CUSTOM_MODE
#define VERSION_STRING_SUFFIX "-CustomEFI"
@ -73,7 +73,7 @@ extern unsigned short _rotl16(unsigned short value, unsigned char shift);
#define VERSION_NUM 0x0126
// Release date
#define TC_STR_RELEASE_DATE L"July 2, 2023"
#define TC_STR_RELEASE_DATE L"July 23, 2023"
#define TC_RELEASE_DATE_YEAR 2023
#define TC_RELEASE_DATE_MONTH 07

44
src/Common/Volumes.c
View File

@ -169,7 +169,7 @@ typedef struct
BOOL ReadVolumeHeaderRecoveryMode = FALSE;
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int selected_pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo)
{
char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
unsigned char* keyInfoBuffer = NULL;
@ -210,14 +210,6 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (pim < 0)
pim = 0;
if (truecryptMode)
{
// SHA-256 not supported in TrueCrypt mode
if (selected_pkcs5_prf == SHA256)
return ERR_PARAMETER_INCORRECT;
pkcs5PrfCount--; // don't count SHA-256 in case of TrueCrypt mode
}
if (retHeaderCryptoInfo != NULL)
{
cryptoInfo = retHeaderCryptoInfo;
@ -315,9 +307,6 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (selected_pkcs5_prf != 0 && enqPkcs5Prf != selected_pkcs5_prf)
continue;
// skip SHA-256 in case of TrueCrypt mode
if (truecryptMode && (enqPkcs5Prf == SHA256))
continue;
#if !defined(_UEFI)
if ((selected_pkcs5_prf == 0) && (encryptionThreadCount > 1))
{
@ -335,7 +324,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
EncryptionThreadPoolBeginKeyDerivation (keyDerivationCompletedEvent, noOutstandingWorkItemEvent,
&item->KeyReady, outstandingWorkItemCount, enqPkcs5Prf, keyInfo->userKey,
keyInfo->keyLength, keyInfo->salt, get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot), item->DerivedKey);
keyInfo->keyLength, keyInfo->salt, get_pkcs5_iteration_count (enqPkcs5Prf, pim, bBoot), item->DerivedKey);
++queuedWorkItems;
break;
@ -357,7 +346,7 @@ int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int
if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)
{
pkcs5_prf = item->Pkcs5Prf;
keyInfo->noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, truecryptMode, bBoot);
keyInfo->noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, bBoot);
memcpy (dk, item->DerivedKey, sizeof (dk));
item->Free = TRUE;
@ -376,7 +365,7 @@ KeyReady: ;
#endif // !defined(_UEFI)
{
pkcs5_prf = enqPkcs5Prf;
keyInfo->noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, truecryptMode, bBoot);
keyInfo->noIterations = get_pkcs5_iteration_count (enqPkcs5Prf, pim, bBoot);
switch (pkcs5_prf)
{
@ -465,10 +454,8 @@ KeyReady: ;
DecryptBuffer (header + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);
// Magic 'VERA' or 'TRUE' depending if we are in TrueCrypt mode or not
if ((truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x54525545)
|| (!truecryptMode && GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241)
)
// Magic 'VERA'
if (GetHeaderField32 (header, TC_HEADER_OFFSET_MAGIC) != 0x56455241)
continue;
// Header version
@ -488,17 +475,7 @@ KeyReady: ;
// Required program version
cryptoInfo->RequiredProgramVersion = GetHeaderField16 (header, TC_HEADER_OFFSET_REQUIRED_VERSION);
if (truecryptMode)
{
if (cryptoInfo->RequiredProgramVersion < 0x600 || cryptoInfo->RequiredProgramVersion > 0x71a)
{
status = ERR_UNSUPPORTED_TRUECRYPT_FORMAT | (((int)cryptoInfo->RequiredProgramVersion) << 16);
goto err;
}
cryptoInfo->LegacyVolume = FALSE;
}
else
cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b;
cryptoInfo->LegacyVolume = cryptoInfo->RequiredProgramVersion < 0x10b;
// Check CRC of the key set
if (!ReadVolumeHeaderRecoveryMode
@ -508,7 +485,7 @@ KeyReady: ;
// Now we have the correct password, cipher, hash algorithm, and volume type
// Check the version required to handle this volume
if (!truecryptMode && (cryptoInfo->RequiredProgramVersion > VERSION_NUM))
if (cryptoInfo->RequiredProgramVersion > VERSION_NUM)
{
status = ERR_NEW_VERSION_REQUIRED;
goto err;
@ -560,7 +537,6 @@ KeyReady: ;
{
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo->noIterations;
cryptoInfo->bTrueCryptMode = truecryptMode;
cryptoInfo->volumePim = pim;
goto ret;
}
@ -602,7 +578,6 @@ KeyReady: ;
// PKCS #5
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo->noIterations;
cryptoInfo->bTrueCryptMode = truecryptMode;
cryptoInfo->volumePim = pim;
// Init the cipher with the decrypted master key
@ -946,7 +921,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
{
memcpy (keyInfo.userKey, password->Text, nUserKeyLen);
keyInfo.keyLength = nUserKeyLen;
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, FALSE, bBoot);
keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pim, bBoot);
}
else
{
@ -959,7 +934,6 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
// User selected PRF
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->bTrueCryptMode = FALSE;
cryptoInfo->noIterations = keyInfo.noIterations;
cryptoInfo->volumePim = pim;

4
src/Common/Volumes.h
View File

@ -135,11 +135,11 @@ UINT64_STRUCT GetHeaderField64 (byte *header, int offset);
#if defined(TC_WINDOWS_BOOT)
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#elif defined(_UEFI)
int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int ReadVolumeHeader(BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int CreateVolumeHeaderInMemory(BOOL bBoot, char *encryptedHeader, int ea, int mode, Password *password, int pkcs5_prf, int pim, char *masterKeydata, PCRYPTO_INFO *retInfo, unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize, unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode);
BOOL RandgetBytes(unsigned char *buf, int len, BOOL forceSlowPoll);
#else
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, BOOL truecryptMode, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
int ReadVolumeHeader (BOOL bBoot, char *encryptedHeader, Password *password, int pkcs5_prf, int pim, PCRYPTO_INFO *retInfo, CRYPTO_INFO *retHeaderCryptoInfo);
#if defined(_WIN32) && !defined(_UEFI)
void ComputeBootloaderFingerprint (byte *bootLoaderBuf, unsigned int bootLoaderSize, byte* fingerprint);
#endif

4
src/Driver/DriveFilter.c
View File

@ -520,7 +520,7 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
pim = (int) (BootArgs.Flags >> 16);
if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, FALSE, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
if (ReadVolumeHeader (!hiddenVolume, header, password, pkcs5_prf, pim, &Extension->Queue.CryptoInfo, Extension->HeaderCryptoInfo) == 0)
{
// Header decrypted
status = STATUS_SUCCESS;
@ -1193,7 +1193,7 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp)
}
#endif
if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pim, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{
Dump ("Header reopened\n");
#ifdef _WIN64

4
src/Driver/Driver.rc
View File

@ -27,8 +27,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,0,0
PRODUCTVERSION 1,26,0,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L

20
src/Driver/Ntdriver.c
View File

@ -1941,7 +1941,7 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
switch (irpSp->Parameters.DeviceIoControl.IoControlCode)
{
case TC_IOCTL_GET_DRIVER_VERSION:
case TC_IOCTL_LEGACY_GET_DRIVER_VERSION:
if (ValidateIOBufferSize (Irp, sizeof (LONG), ValidateOutput))
{
LONG tmp = VERSION_NUM;
@ -2375,7 +2375,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_OUTER; // Normal/outer volume (hidden volume protected)
else
list->volumeType[ListExtension->nDosDriveNo] = PROP_VOL_TYPE_NORMAL; // Normal volume
list->truecryptMode[ListExtension->nDosDriveNo] = ListExtension->cryptoInfo->bTrueCryptMode;
}
}
@ -2384,21 +2383,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
}
break;
case TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES:
if (ValidateIOBufferSize (Irp, sizeof (uint32), ValidateOutput))
{
// Prevent the user from downgrading to versions lower than 5.0 by faking mounted volumes.
// The user could render the system unbootable by downgrading when boot encryption
// is active or being set up.
memset (Irp->AssociatedIrp.SystemBuffer, 0, irpSp->Parameters.DeviceIoControl.OutputBufferLength);
*(uint32 *) Irp->AssociatedIrp.SystemBuffer = 0xffffFFFF;
Irp->IoStatus.Status = STATUS_SUCCESS;
Irp->IoStatus.Information = irpSp->Parameters.DeviceIoControl.OutputBufferLength;
}
break;
case TC_IOCTL_GET_VOLUME_PROPERTIES:
if (ValidateIOBufferSize (Irp, sizeof (VOLUME_PROPERTIES_STRUCT), ValidateInputOutput))
{
@ -2674,7 +2658,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
|| mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID
|| mount->VolumePim < -1 || mount->VolumePim == INT_MAX
|| mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID
|| (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE)
)
{
Irp->IoStatus.Status = STATUS_INVALID_PARAMETER;
@ -2692,7 +2675,6 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex
burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword));
burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf));
burn (&mount->VolumePim, sizeof (mount->VolumePim));
burn (&mount->bTrueCryptMode, sizeof (mount->bTrueCryptMode));
burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf));
burn (&mount->ProtectedHidVolPim, sizeof (mount->ProtectedHidVolPim));
}

2
src/Driver/Ntvol.c
View File

@ -610,7 +610,6 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
&mount->ProtectedHidVolPassword,
mount->ProtectedHidVolPkcs5Prf,
mount->ProtectedHidVolPim,
mount->bTrueCryptMode,
&tmpCryptoInfo);
}
else
@ -623,7 +622,6 @@ NTSTATUS TCOpenVolume (PDEVICE_OBJECT DeviceObject,
&mount->VolumePassword,
mount->pkcs5_prf,
mount->VolumePim,
mount->bTrueCryptMode,
&Extension->cryptoInfo);
}

9
src/ExpandVolume/DlgExpandVolume.cpp
View File

@ -61,7 +61,7 @@ BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, L
namespace VeraCryptExpander
{
/* defined in WinMain.c, referenced by ExpandVolumeWizard() */
int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions);
int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, char *titleStringId, BOOL enableMountOptions);
}
@ -490,7 +490,6 @@ typedef struct
Password *password;
int pkcs5_prf;
int pim;
BOOL truecryptMode;
BOOL write;
BOOL preserveTimestamps;
BOOL useBackupHeader;
@ -502,7 +501,7 @@ void CALLBACK OpenVolumeWaitThreadProc(void* pArg, HWND hwndDlg)
OpenVolumeThreadParam* pThreadParam = (OpenVolumeThreadParam*) pArg;
*(pThreadParam)->nStatus = OpenVolume(pThreadParam->context, pThreadParam->volumePath, pThreadParam->password, pThreadParam->pkcs5_prf,
pThreadParam->pim, pThreadParam->truecryptMode, pThreadParam->write, pThreadParam->preserveTimestamps, pThreadParam->useBackupHeader);
pThreadParam->pim, pThreadParam->write, pThreadParam->preserveTimestamps, pThreadParam->useBackupHeader);
}
/*
@ -594,9 +593,8 @@ void ExpandVolumeWizard (HWND hwndDlg, wchar_t *lpszVolume)
while (TRUE)
{
OpenVolumeContext expandVol;
BOOL truecryptMode = FALSE;
if (!VeraCryptExpander::ExtcvAskVolumePassword (hwndDlg, lpszVolume, &VolumePassword, &VolumePkcs5, &VolumePim, &truecryptMode, "ENTER_NORMAL_VOL_PASSWORD", FALSE))
if (!VeraCryptExpander::ExtcvAskVolumePassword (hwndDlg, lpszVolume, &VolumePassword, &VolumePkcs5, &VolumePim, "ENTER_NORMAL_VOL_PASSWORD", FALSE))
{
goto ret;
}
@ -614,7 +612,6 @@ void ExpandVolumeWizard (HWND hwndDlg, wchar_t *lpszVolume)
threadParam.password = &VolumePassword;
threadParam.pkcs5_prf = VolumePkcs5;
threadParam.pim = VolumePim;
threadParam.truecryptMode = FALSE;
threadParam.write = FALSE;
threadParam.preserveTimestamps = bPreserveTimestamp;
threadParam.useBackupHeader = FALSE;

4
src/ExpandVolume/ExpandVolume.c
View File

@ -105,7 +105,7 @@ int MountVolTemp (HWND hwndDlg, wchar_t *volumePath, int *driveNo, Password *pas
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5, pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, FALSE) < 1)
if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5, pim, FALSE, FALSE, TRUE, &mountOptions, FALSE, FALSE) < 1)
{
*driveNo = -3;
return ERR_VOL_MOUNT_FAILED;
@ -681,7 +681,7 @@ static int ExpandVolume (HWND hwndDlg, wchar_t *lpszVolume, Password *pVolumePas
/* Try to decrypt the header */
nStatus = ReadVolumeHeader (FALSE, buffer, pVolumePassword, VolumePkcs5, VolumePim, FALSE, &cryptoInfo, NULL);
nStatus = ReadVolumeHeader (FALSE, buffer, pVolumePassword, VolumePkcs5, VolumePim, &cryptoInfo, NULL);
if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)
nStatus = 0; // We can ignore this error here

9
src/ExpandVolume/ExpandVolume.rc
View File

@ -84,7 +84,6 @@ FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL
COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP
CONTROL "&TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10
EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE
CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,49,97,10
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
@ -193,8 +192,8 @@ IDR_MOUNT_RSRC_HEADER HEADER "resource.h"
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -211,11 +210,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt Expander"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCryptExpander.exe"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

37
src/ExpandVolume/WinMain.cpp
View File

@ -418,7 +418,6 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA
static Password *szXPwd;
static int *pkcs5;
static int *pim;
static BOOL* truecryptMode;
switch (msg)
{
@ -428,7 +427,6 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA
szXPwd = ((PasswordDlgParam *) lParam) -> password;
pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;
pim = ((PasswordDlgParam *) lParam) -> pim;
truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;
LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");
DragAcceptFiles (hwndDlg, TRUE);
@ -498,10 +496,6 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA
EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE);
}
/* No support for mounting TrueCrypt volumes */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress))
{
SetWindowPos (hwndDlg, HWND_TOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE);
@ -522,10 +516,6 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA
case TC_APPMSG_PREBOOT_PASSWORD_MODE:
{
/* No support for mounting TrueCrypt system partition */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
/* Repopulate the PRF algorithms list with algorithms that support system encryption */
HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
@ -701,38 +691,19 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA
if (lw == IDOK)
{
BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
int iMaxPasswordLength = (bUseLegacyMaxPasswordLength || bTrueCryptMode)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;
int iMaxPasswordLength = (bUseLegacyMaxPasswordLength)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;
if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles)
KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, PasswordDlgVolume);
if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, iMaxPasswordLength + 1, bTrueCryptMode, TRUE))
if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, iMaxPasswordLength + 1, FALSE, TRUE))
szXPwd->Length = (unsigned __int32) (strlen ((char *) szXPwd->Text));
else
return 1;
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
*truecryptMode = bTrueCryptMode;
*pim = GetPim (hwndDlg, IDC_PIM, 0);
/* check that PRF is supported in TrueCrypt Mode */
if ( (*truecryptMode)
&& ((!is_pkcs5_prf_supported(*pkcs5, TRUE, PRF_BOOT_NO)) || (mountOptions.ProtectHiddenVolume && !is_pkcs5_prf_supported(mountOptions.ProtectedHidVolPkcs5Prf, TRUE, PRF_BOOT_NO)))
)
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
if ( (*truecryptMode)
&& (*pim != 0)
)
{
Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
}
// Attempt to wipe password stored in the input field buffer
@ -831,7 +802,7 @@ int RestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
return 0;
}
int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions)
int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *password, int *pkcs5, int *pim, char *titleStringId, BOOL enableMountOptions)
{
INT_PTR result;
PasswordDlgParam dlgParam;
@ -842,7 +813,6 @@ int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *pas
dlgParam.password = password;
dlgParam.pkcs5 = pkcs5;
dlgParam.pim = pim;
dlgParam.truecryptMode = truecryptMode;
StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), fileName);
@ -855,7 +825,6 @@ int ExtcvAskVolumePassword (HWND hwndDlg, const wchar_t* fileName, Password *pas
password->Length = 0;
*pkcs5 = 0;
*pim = 0;
*truecryptMode = FALSE;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}

8
src/Format/Format.rc
View File

@ -28,8 +28,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -46,11 +46,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt Format"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCrypt Format.exe"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

2
src/Format/InPlace.c
View File

@ -2319,7 +2319,7 @@ static int OpenBackupHeader (HANDLE dev, const wchar_t *devicePath, Password *pa
}
nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, pim, FALSE, retMasterCryptoInfo, headerCryptoInfo);
nStatus = ReadVolumeHeader (FALSE, header, password, pkcs5, pim, retMasterCryptoInfo, headerCryptoInfo);
if (nStatus != ERR_SUCCESS)
goto closing_seq;

10
src/Format/Tcformat.c
View File

@ -325,7 +325,7 @@ void CALLBACK ResumeInPlaceEncWaitThreadProc(void* pArg, HWND hwndDlg)
if (device.Path == szDevicePath)
{
OpenVolumeContext volume;
int status = OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE);
int status = OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, TRUE);
if ( status == ERR_SUCCESS)
{
@ -371,7 +371,7 @@ void CALLBACK ResumeInPlaceEncWaitThreadProc(void* pArg, HWND hwndDlg)
OpenVolumeContext volume;
if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE) == ERR_SUCCESS)
if (OpenVolume (&volume, device.Path.c_str(), &volumePassword, hash_algo, volumePim, FALSE, FALSE, TRUE) == ERR_SUCCESS)
{
if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0
&& volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value)
@ -8087,7 +8087,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
// Check that it is not a hidden or legacy volume
if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
NormalCursor();
return 1;
@ -8129,7 +8129,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
mountOptions.UseBackupHeader = TRUE; // This must be TRUE at this point (we won't be using the regular header, which will be lost soon after the decryption process starts)
if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
if (MountVolume (hwndDlg, driveNo, szFileName, &volumePassword, hash_algo, volumePim, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
NormalCursor();
return 1;
@ -9922,7 +9922,7 @@ int MountHiddenVolHost (HWND hwndDlg, wchar_t *volumePath, int *driveNo, Passwor
mountOptions.PartitionInInactiveSysEncScope = FALSE;
mountOptions.UseBackupHeader = FALSE;
if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, pim, FALSE, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
if (MountVolume (hwndDlg, *driveNo, volumePath, password, pkcs5_prf, pim, FALSE, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
{
*driveNo = -3;
return ERR_VOL_MOUNT_FAILED;

49
src/Mount/Favorites.cpp
View File

@ -100,7 +100,6 @@ namespace VeraCrypt
favorite.OpenExplorerWindow = (bExplore == TRUE);
favorite.Pim = prop.volumePim;
favorite.Pkcs5 = prop.pkcs5;
favorite.TrueCryptMode = (prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope))? 1 : 0;
memcpy (favorite.VolumeID, prop.volumeID, VOLUME_ID_SIZE);
if (favorite.VolumePathId.empty()
@ -693,15 +692,6 @@ namespace VeraCrypt
favorite.DisconnectedDevice = true;
}
XmlGetAttributeText (xml, "TrueCryptMode", boolVal, sizeof (boolVal));
if (boolVal[0])
favorite.TrueCryptMode = (boolVal[0] == '1')? 1 : 0;
else
favorite.TrueCryptMode = -1;
if (favorite.TrueCryptMode > 0)
favorite.Pim = 0;
XmlGetAttributeText (xml, "pkcs5", label, sizeof (label));
if (label[0])
favorite.Pkcs5 = strtol (label, NULL, 10);
@ -710,7 +700,6 @@ namespace VeraCrypt
if ( (favorite.Pkcs5 != -1)
&& ( (favorite.Pkcs5 < FIRST_PRF_ID)
|| (favorite.Pkcs5 > LAST_PRF_ID)
|| (favorite.TrueCryptMode == 1 && (0 == get_pkcs5_iteration_count (favorite.Pkcs5, 0, TRUE, favorite.SystemEncryption? TRUE : FALSE)))
)
)
{
@ -819,17 +808,12 @@ namespace VeraCrypt
if (!favorite.Label.empty())
s += L" label=\"" + favorite.Label + L"\"";
if ((favorite.Pim >= 0) && (favorite.TrueCryptMode <= 0))
if (favorite.Pim >= 0)
s += L" pim=\"" + IntToWideString(favorite.Pim) + L"\"";
if (favorite.Pkcs5 > 0)
s += L" pkcs5=\"" + IntToWideString(favorite.Pkcs5) + L"\"";
if (favorite.TrueCryptMode > 0)
s += L" TrueCryptMode=\"1\"";
else if (favorite.TrueCryptMode == 0)
s += L" TrueCryptMode=\"0\"";
if (favorite.ReadOnly)
s += L" readonly=\"1\"";
@ -951,7 +935,6 @@ namespace VeraCrypt
SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_READONLY, favorite.ReadOnly);
SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE, favorite.Removable);
SetCheckBox (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID, favorite.UseVolumeID && bIsDevice);
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, (favorite.TrueCryptMode > 0)? TRUE : FALSE);
/* Populate the PRF algorithms list */
int nIndex, i, nSelected = 0;
@ -963,13 +946,10 @@ namespace VeraCrypt
for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++)
{
if (!favorite.SystemEncryption || (favorite.TrueCryptMode != 1))
{
nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
if (favorite.Pkcs5 == i)
nSelected = nIndex;
}
nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i));
SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i);
if (favorite.Pkcs5 == i)
nSelected = nIndex;
}
if (favorite.Pkcs5 >= 0)
@ -1003,7 +983,6 @@ namespace VeraCrypt
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_REMOVE), enable);
EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), enable && !favorite.SystemEncryption);
EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), enable && !favorite.SystemEncryption);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), enable && !favorite.SystemEncryption);
EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PIM), enable);
@ -1082,24 +1061,6 @@ namespace VeraCrypt
favorite.Pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, nSelected, 0);
else
favorite.Pkcs5 = -1;
BOOL selectedTrueCryptMode = (IsDlgButtonChecked (hwndDlg, IDC_TRUECRYPT_MODE) != 0)? 1 : 0;
if ((favorite.TrueCryptMode >= 0) || selectedTrueCryptMode)
favorite.TrueCryptMode = selectedTrueCryptMode;
if (favorite.TrueCryptMode == 1)
{
if ((favorite.Pkcs5 > 0) && !is_pkcs5_prf_supported (favorite.Pkcs5, TRUE, favorite.SystemEncryption? PRF_BOOT_MBR : PRF_BOOT_NO))
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
favorite.Pkcs5 = 0;
}
if (favorite.Pim > 0)
{
Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
favorite.Pim = 0;
}
}
favorite.ReadOnly = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_READONLY) != 0);
favorite.Removable = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE) != 0);

2
src/Mount/Favorites.h
View File

@ -23,7 +23,6 @@ namespace VeraCrypt
:
Pim (0),
Pkcs5 (-1),
TrueCryptMode (-1),
DisableHotkeyMount (false),
DisconnectedDevice (false),
MountOnLogOn (false),
@ -44,7 +43,6 @@ namespace VeraCrypt
wstring Label;
int Pim;
int Pkcs5;
int TrueCryptMode;
BYTE VolumeID[VOLUME_ID_SIZE];
bool DisableHotkeyMount;

16
src/Mount/MainCom.cpp
View File

@ -97,7 +97,7 @@ class TrueCryptMainCom : public ITrueCryptMainCom
virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd)
{
MainDlg = (HWND) hWnd;
return ::ChangePwd (volumePath, oldPassword, 0, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
return ::ChangePwd (volumePath, oldPassword, 0, 0, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
}
virtual DWORD STDMETHODCALLTYPE CopyFile (BSTR sourceFile, BSTR destinationFile)
@ -143,19 +143,19 @@ class TrueCryptMainCom : public ITrueCryptMainCom
virtual int STDMETHODCALLTYPE ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd)
{
MainDlg = (HWND) hWnd;
return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
}
virtual int STDMETHODCALLTYPE ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd)
virtual int STDMETHODCALLTYPE ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd)
{
MainDlg = (HWND) hWnd;
return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, truecryptMode, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
return ::ChangePwd (volumePath, oldPassword, old_pkcs5, 0, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
}
virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, __int64 hWnd)
virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, __int64 hWnd)
{
MainDlg = (HWND) hWnd;
return ::ChangePwd (volumePath, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (HWND) hWnd);
return ::ChangePwd (volumePath, oldPassword, old_pkcs5, old_pim, newPassword, pkcs5, pim, wipePassCount, (HWND) hWnd);
}
virtual DWORD STDMETHODCALLTYPE GetFileSize (BSTR filePath, unsigned __int64 *pSize)
@ -316,7 +316,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, wchar_t *lpszVolume)
}
extern "C" int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
extern "C" int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
{
CComPtr<ITrueCryptMainCom> tc;
int r;
@ -327,7 +327,7 @@ extern "C" int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old
{
CComBSTR bstrVolume (lpszVolume);
WaitCursor ();
r = tc->ChangePasswordEx3 (bstrVolume, oldPassword, old_pkcs5, old_pim, truecryptMode, newPassword, pkcs5, pim, wipePassCount, (__int64) hwndDlg);
r = tc->ChangePasswordEx3 (bstrVolume, oldPassword, old_pkcs5, old_pim, newPassword, pkcs5, pim, wipePassCount, (__int64) hwndDlg);
NormalCursor ();
}
else

2
src/Mount/MainCom.h
View File

@ -26,7 +26,7 @@ extern "C" {
BOOL ComServerMain ();
int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, wchar_t *lpszVolume);
int UacRestoreVolumeHeader (HWND hwndDlg, wchar_t *lpszVolume);
int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
int UacChangePwd (wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);
#ifdef __cplusplus
}

6
src/Mount/MainCom.idl
View File

@ -16,7 +16,7 @@ import "..\Common\Password.h";
[
uuid(9ACF6176-5FC4-4690-A025-B3306A50EB6A),
helpstring("VeraCrypt Main UAC Support Library"),
version(2.11) // Update ComSetup.cpp when changing version number
version(2.12) // Update ComSetup.cpp when changing version number
]
library TrueCryptMainCom
{
@ -42,8 +42,8 @@ library TrueCryptMainCom
DWORD SetDriverServiceStartType (DWORD startType);
DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value);
int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd);
int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd);
int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, __int64 hWnd);
int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, __int64 hWnd);
int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pim, Password *newPassword, int pkcs5, int pim, int wipePassCount, __int64 hWnd);
DWORD GetFileSize (BSTR filePath, unsigned __int64* pSize);
DWORD DeviceIoControl (BOOL readOnly, BOOL device, BSTR filePath, DWORD dwIoControlCode, BSTR input, BSTR *output);
DWORD InstallEfiBootLoader (BOOL preserveUserConfig, BOOL hiddenOSCreation, int pim, int hashAlg);

244
src/Mount/Mount.c
View File

@ -162,9 +162,6 @@ int CmdVolumePkcs5 = 0;
int VolumePim = -1;
int CmdVolumePim = -1;
int DefaultVolumePkcs5 = 0;
BOOL VolumeTrueCryptMode = FALSE;
BOOL CmdVolumeTrueCryptMode = FALSE;
BOOL DefaultVolumeTrueCryptMode = FALSE;
BOOL CmdVolumePasswordValid = FALSE;
MountOptions CmdMountOptions;
BOOL CmdMountOptionsValid = FALSE;
@ -407,8 +404,6 @@ static void localcleanup (void)
burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5));
burn (&VolumePim, sizeof (VolumePim));
burn (&CmdVolumePim, sizeof (CmdVolumePim));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode));
burn (&mountOptions, sizeof (mountOptions));
burn (&defaultMountOptions, sizeof (defaultMountOptions));
burn (szFileName, sizeof(szFileName));
@ -1083,7 +1078,6 @@ void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL*
// Mount Options
ConfigReadCompareInt ("DefaultPRF", 0, &DefaultVolumePkcs5, bOnlyCheckModified, pbSettingsModified);
ConfigReadCompareInt ("DefaultTrueCryptMode", FALSE, &DefaultVolumeTrueCryptMode, bOnlyCheckModified, pbSettingsModified);
if (bOnlyCheckModified)
{
@ -1107,8 +1101,6 @@ void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL*
if (DefaultVolumePkcs5 < 0 || DefaultVolumePkcs5 > LAST_PRF_ID)
DefaultVolumePkcs5 = 0;
if (DefaultVolumeTrueCryptMode != TRUE && DefaultVolumeTrueCryptMode != FALSE)
DefaultVolumeTrueCryptMode = FALSE;
}
@ -1221,7 +1213,6 @@ void SaveSettings (HWND hwndDlg)
// Mount Options
ConfigWriteInt ("DefaultPRF", DefaultVolumePkcs5);
ConfigWriteInt ("DefaultTrueCryptMode", DefaultVolumeTrueCryptMode);
ConfigWriteEnd (hwndDlg);
}
@ -2027,13 +2018,7 @@ void LoadDriveLetters (HWND hwndDlg, HWND hTree, int drive)
ws = L"?";
}
if (driver.truecryptMode[i])
{
StringCbPrintfW (szTmpW, sizeof(szTmpW), L"TrueCrypt-%s", ws);
ListSubItemSet (hTree, listItem.iItem, 4, szTmpW);
}
else
ListSubItemSet (hTree, listItem.iItem, 4, ws);
ListSubItemSet (hTree, listItem.iItem, 4, ws);
if (driver.volumeType[i] == PROP_VOL_TYPE_OUTER_VOL_WRITE_PREVENTED) // Normal/outer volume (hidden volume protected AND write denied)
{
@ -2160,7 +2145,6 @@ typedef struct
int pkcs5;
int pim;
int wipePassCount;
BOOL truecryptMode;
int* pnStatus;
} ChangePwdThreadParam;
@ -2197,14 +2181,14 @@ void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg)
{
// Non-system
*pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg);
*pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg);
if (*pThreadParam->pnStatus == ERR_OS_ERROR
&& GetLastError () == ERROR_ACCESS_DENIED
&& IsUacSupported ()
&& IsVolumeDeviceHosted (szFileName))
{
*pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg);
*pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pim, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pim, pThreadParam->wipePassCount, hwndDlg);
}
}
}
@ -2279,7 +2263,6 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
int i;
WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220;
int EffectiveVolumePkcs5 = CmdVolumePkcs5;
BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;
int EffectiveVolumePim = CmdVolumePim;
/* Priority is given to command line parameters
@ -2287,8 +2270,6 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
*/
if (EffectiveVolumePkcs5 == 0)
EffectiveVolumePkcs5 = DefaultVolumePkcs5;
if (!EffectiveVolumeTrueCryptMode)
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
NewPimValuePtr = (int*) lParam;
@ -2335,9 +2316,6 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
SendMessage (hComboBox, CB_SETCURSEL, nSelectedIndex, 0);
/* check TrueCrypt Mode if it was set as default*/
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, EffectiveVolumeTrueCryptMode);
/* set default PIM if set in the command line*/
if (EffectiveVolumePim > 0)
{
@ -2436,10 +2414,6 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
if (bSysEncPwdChangeDlgMode)
{
/* No support for changing the password of TrueCrypt system partition */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
ToBootPwdField (hwndDlg, IDC_PASSWORD);
ToBootPwdField (hwndDlg, IDC_VERIFY);
ToBootPwdField (hwndDlg, IDC_OLD_PASSWORD);
@ -2767,14 +2741,6 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
}
if (lw == IDC_TRUECRYPT_MODE)
{
BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE;
EnableWindow (GetDlgItem (hwndDlg, IDT_OLD_PIM), bEnablePim);
EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM), bEnablePim);
EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIM_HELP), bEnablePim);
}
if (lw == IDC_SHOW_PASSWORD_CHPWD_ORI)
{
HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_ORI, IDC_OLD_PASSWORD, IDC_OLD_PIM);
@ -2803,22 +2769,10 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID), CB_GETCURSEL, 0, 0), 0);
int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
int old_pim = GetPim (hwndDlg, IDC_OLD_PIM, 0);
int pim = GetPim (hwndDlg, IDC_PIM, 0);
int iMaxPasswordLength = (bUseLegacyMaxPasswordLength || truecryptMode)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;
if (truecryptMode && !is_pkcs5_prf_supported (old_pkcs5, TRUE, PRF_BOOT_NO))
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
else if (truecryptMode && (old_pim != 0))
{
Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
int iMaxPasswordLength = (bUseLegacyMaxPasswordLength)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;
if (bSysEncPwdChangeDlgMode && !CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL))
{
@ -2865,7 +2819,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
GetVolumePath (hParent, szFileName, ARRAYSIZE (szFileName));
if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, iMaxPasswordLength + 1, truecryptMode, TRUE))
if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, iMaxPasswordLength + 1, FALSE, TRUE))
oldPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text);
else
{
@ -2912,7 +2866,6 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
changePwdParam.pim = pim;
changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode);
changePwdParam.pnStatus = &nStatus;
changePwdParam.truecryptMode = truecryptMode;
ShowWaitDialog(hwndDlg, TRUE, ChangePwdWaitThreadProc, &changePwdParam);
@ -2987,7 +2940,6 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
static Password *szXPwd;
static int *pkcs5;
static int *pim;
static BOOL* truecryptMode;
switch (msg)
{
@ -2997,7 +2949,6 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
szXPwd = ((PasswordDlgParam *) lParam) -> password;
pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;
pim = ((PasswordDlgParam *) lParam) -> pim;
truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;
LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");
DragAcceptFiles (hwndDlg, TRUE);
@ -3075,14 +3026,6 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
{
EnableWindow (GetDlgItem (hwndDlg, IDC_CACHE), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_MOUNT_OPTIONS), FALSE);
/* Disable TrueCrypt mode option in case of backup/restore header operation */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), FALSE);
}
else if (*truecryptMode)
{
/* Check TrueCryptMode if it is enabled on the command line */
SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, TRUE);
}
if (!SetForegroundWindow (hwndDlg) && (FavoriteMountOnArrivalInProgress || LogOn))
@ -3279,14 +3222,6 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
return 1;
}
if (lw == IDC_TRUECRYPT_MODE)
{
BOOL bEnablePim = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE;
EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), bEnablePim);
EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), bEnablePim);
EnableWindow (GetDlgItem (hwndDlg, IDC_PIM_HELP), bEnablePim);
}
if (lw == IDC_KEY_FILES)
{
KeyFilesDlgParam param;
@ -3319,38 +3254,19 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
if (lw == IDOK)
{
BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
int iMaxPasswordLength = (bUseLegacyMaxPasswordLength || bTrueCryptMode)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;
int iMaxPasswordLength = (bUseLegacyMaxPasswordLength)? MAX_LEGACY_PASSWORD : MAX_PASSWORD;
if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles)
KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, wcslen (PasswordDlgVolume) > 0 ? PasswordDlgVolume : NULL);
if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, iMaxPasswordLength + 1, bTrueCryptMode, TRUE))
if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, iMaxPasswordLength + 1, FALSE, TRUE))
szXPwd->Length = (unsigned __int32) strlen ((char *) szXPwd->Text);
else
return 1;
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
*truecryptMode = bTrueCryptMode;
*pim = GetPim (hwndDlg, IDC_PIM, 0);
/* check that PRF is supported in TrueCrypt Mode */
if ( (*truecryptMode)
&& ((!is_pkcs5_prf_supported (*pkcs5, TRUE, PRF_BOOT_NO)) || (mountOptions.ProtectHiddenVolume && !is_pkcs5_prf_supported (mountOptions.ProtectedHidVolPkcs5Prf, TRUE, PRF_BOOT_NO)))
)
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
if ( (*truecryptMode)
&& (*pim != 0)
)
{
Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
}
// Attempt to wipe password stored in the input field buffer
@ -4250,17 +4166,10 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
ListSubItemSet (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE"));
else
{
bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope);
s = prop.hiddenVolume ? GetString ("HIDDEN") :
(prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL"));
if (truecryptMode)
{
StringCbPrintfW (sw, sizeof(sw), L"TrueCrypt - %s", s);
ListSubItemSet (list, i++, 1, sw);
}
else
ListSubItemSet (list, i++, 1, s);
ListSubItemSet (list, i++, 1, s);
}
if (!bSysEnc)
@ -5201,7 +5110,7 @@ LPARAM GetItemLong (HWND hTree, int itemNo)
return item.lParam;
}
static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pim, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions)
static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pim, char *titleStringId, BOOL enableMountOptions)
{
INT_PTR result;
PasswordDlgParam dlgParam;
@ -5212,7 +5121,6 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int
dlgParam.password = password;
dlgParam.pkcs5 = pkcs5;
dlgParam.pim = pim;
dlgParam.truecryptMode = truecryptMode;
result = SecureDesktopDialogBoxParam (hInst,
MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg,
@ -5223,7 +5131,6 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int
password->Length = 0;
*pkcs5 = 0;
*pim = -1;
*truecryptMode = FALSE;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
@ -5233,12 +5140,11 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int
// GUI actions
static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim, int pkcs5, int trueCryptMode)
static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim, int pkcs5)
{
BOOL status = FALSE;
wchar_t fileName[MAX_PATH];
int mounted = 0, EffectiveVolumePkcs5 = 0;
BOOL EffectiveVolumeTrueCryptMode = FALSE;
int EffectiveVolumePim = (pim < 0)? CmdVolumePim : pim;
BOOL bEffectiveCacheDuringMultipleMount = bCmdCacheDuringMultipleMount? TRUE: bCacheDuringMultipleMount;
BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed;
@ -5254,23 +5160,6 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
else
EffectiveVolumePkcs5 = DefaultVolumePkcs5;
if (trueCryptMode >= 0)
EffectiveVolumeTrueCryptMode = (trueCryptMode == 0)? FALSE : TRUE;
else if (CmdVolumeTrueCryptMode)
EffectiveVolumeTrueCryptMode = TRUE;
else
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
if (EffectiveVolumeTrueCryptMode)
{
/* No PIM Mode if TrueCrypt Mode specified */
EffectiveVolumePim = 0;
/* valdate the effective PRF is compatible with TrueCrypt Mode */
if (!is_pkcs5_prf_supported (EffectiveVolumePkcs5, TRUE, mountOptions.PartitionInInactiveSysEncScope? PRF_BOOT_MBR : PRF_BOOT_NO))
EffectiveVolumePkcs5 = 0;
}
bPrebootPasswordDlgMode = mountOptions.PartitionInInactiveSysEncScope;
if (nDosDriveNo == -1)
@ -5280,7 +5169,6 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
{
VolumePassword.Length = 0;
VolumePkcs5 = 0;
VolumeTrueCryptMode = FALSE;
VolumePim = -1;
}
@ -5328,10 +5216,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
if (!bUseCmdVolumePassword)
{
// First try cached passwords and if they fail ask user for a new one
if (EffectiveVolumeTrueCryptMode)
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
else
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, EffectiveVolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile && bEffectiveTryEmptyPasswordWhenKeyfileUsed)
@ -5340,10 +5225,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile, szFileName);
if (EffectiveVolumeTrueCryptMode)
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
else
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, EffectiveVolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
burn (&emptyPassword, sizeof (emptyPassword));
}
@ -5352,11 +5234,8 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
// Test password and/or keyfiles used for the previous volume
if (!mounted && bEffectiveCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0)
{
// try TrueCrypt mode first as it is quick, only if no custom pim specified
if (EffectiveVolumeTrueCryptMode)
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
else // if no PIM specified for favorite, we use also the PIM of the previous volume alongside its password.
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, (EffectiveVolumePim < 0)? VolumePim : EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
// if no PIM specified for favorite, we use also the PIM of the previous volume alongside its password.
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, (EffectiveVolumePim < 0)? VolumePim : EffectiveVolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
}
NormalCursor ();
@ -5375,25 +5254,21 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
{
VolumePassword = CmdVolumePassword;
VolumePkcs5 = EffectiveVolumePkcs5;
VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;
VolumePim = EffectiveVolumePim;
}
else if (!Silent)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode || IsTrueCryptFileExtension (szFileName)? TRUE : FALSE;
int GuiPim = EffectiveVolumePim;
StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE))
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, NULL, TRUE))
goto ret;
else
{
VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
VolumePim = GuiPim;
burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
burn (&GuiPim, sizeof(GuiPim));
}
}
@ -5403,7 +5278,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
if (KeyFilesEnable)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName);
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, !Silent);
mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, !Silent);
NormalCursor ();
// Check for problematic file extensions (exe, dll, sys)
@ -5414,7 +5289,6 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
{
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&VolumePim, sizeof (VolumePim));
}
@ -5450,7 +5324,6 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
{
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&VolumePim, sizeof (VolumePim));
}
@ -5512,7 +5385,7 @@ void __cdecl mountThreadFunction (void *hwndDlgArg)
EnableWindow(hwndDlg, FALSE);
finally_do_arg2 (HWND, hwndDlg, BOOL, bIsForeground, { EnableWindow(finally_arg, TRUE); if (finally_arg2) BringToForeground (finally_arg); bPrebootPasswordDlgMode = FALSE;});
Mount (hwndDlg, -1, 0, -1, -1, -1);
Mount (hwndDlg, -1, 0, -1, -1);
}
typedef struct
@ -5729,15 +5602,12 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
int mountedVolCount = 0;
vector <HostDevice> devices;
int EffectiveVolumePkcs5 = CmdVolumePkcs5;
BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;
/* Priority is given to command line parameters
* Default values used only when nothing specified in command line
*/
if (EffectiveVolumePkcs5 == 0)
EffectiveVolumePkcs5 = DefaultVolumePkcs5;
if (!EffectiveVolumeTrueCryptMode)
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
VolumePassword.Length = 0;
mountOptions = defaultMountOptions;
@ -5759,18 +5629,15 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
if (!CmdVolumePasswordValid && bPasswordPrompt)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
int GuiPim = CmdVolumePim;
PasswordDlgVolume[0] = '\0';
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE))
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, NULL, TRUE))
goto ret;
else
{
VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
VolumePim = GuiPim;
burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
burn (&GuiPim, sizeof(GuiPim));
}
}
@ -5779,7 +5646,6 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
bPasswordPrompt = FALSE;
VolumePassword = CmdVolumePassword;
VolumePkcs5 = EffectiveVolumePkcs5;
VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;
VolumePim = CmdVolumePim;
}
@ -5863,8 +5729,8 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
}
// First try user password then cached passwords
if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0
|| ((VolumePassword.Length > 0) && ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0)))
if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0
|| ((VolumePassword.Length > 0) && ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, TRUE, FALSE)) > 0)))
{
// A volume has been successfully mounted
@ -5943,7 +5809,6 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
{
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&VolumePim, sizeof (VolumePim));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@ -5974,7 +5839,6 @@ static BOOL MountAllDevicesThreadCode (HWND hwndDlg, BOOL bPasswordPrompt)
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&VolumePim, sizeof (VolumePim));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@ -7318,7 +7182,6 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
BOOL mounted = FALSE;
int EffectiveVolumePkcs5 = CmdVolumePkcs5;
BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;
BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed;
if (!VolumePathExists (szFileName))
@ -7332,8 +7195,6 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
*/
if (EffectiveVolumePkcs5 == 0)
EffectiveVolumePkcs5 = DefaultVolumePkcs5;
if (!EffectiveVolumeTrueCryptMode)
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
// Command line password or keyfiles
if (CmdVolumePassword.Length != 0 || (FirstCmdKeyFile && (CmdVolumePasswordValid || bEffectiveTryEmptyPasswordWhenKeyfileUsed)))
@ -7344,7 +7205,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile, szFileName);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A',
szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount,
szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, bCacheInDriver, bIncludePimInCache, bForceMount,
&mountOptions, Silent, reportBadPasswd);
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
@ -7352,7 +7213,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
else
{
// Cached password
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE);
}
if (FirstCmdKeyFile)
@ -7367,20 +7228,17 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
int GuiPkcs5 = EffectiveVolumePkcs5;
int GuiPim = CmdVolumePim;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
VolumePassword.Length = 0;
StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &GuiTrueCryptMode, NULL, TRUE))
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, NULL, TRUE))
break;
else
{
VolumePkcs5 = GuiPkcs5;
VolumePim = GuiPim;
VolumeTrueCryptMode = GuiTrueCryptMode;
burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiPim, sizeof(GuiPim));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
}
WaitCursor ();
@ -7388,12 +7246,11 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE);
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumePim, sizeof (VolumePim));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@ -9268,7 +9125,6 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
OptionVolume,
CommandWipeCache,
OptionPkcs5,
OptionTrueCryptMode,
OptionPim,
OptionTryEmptyPassword,
OptionNoWaitDlg,
@ -9298,7 +9154,6 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
{ OptionSilent, L"/silent", L"/s", FALSE },
{ OptionTokenLib, L"/tokenlib", NULL, FALSE },
{ OptionTokenPin, L"/tokenpin", NULL, FALSE },
{ OptionTrueCryptMode, L"/truecrypt", L"/tc", FALSE },
{ OptionVolume, L"/volume", L"/v", FALSE },
{ CommandWipeCache, L"/wipecache", L"/w", FALSE },
{ OptionTryEmptyPassword, L"/tryemptypass", NULL, FALSE },
@ -9727,10 +9582,6 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
}
break;
case OptionTrueCryptMode:
CmdVolumeTrueCryptMode = TRUE;
break;
// no option = file name if there is only one argument
default:
{
@ -9749,9 +9600,9 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
}
}
if (CmdVolumePasswordValid && (CmdVolumeTrueCryptMode || (CmdMountOptionsValid && bPrebootPasswordDlgMode)))
if (CmdVolumePasswordValid && CmdMountOptionsValid && bPrebootPasswordDlgMode)
{
/* truncate the password to 64 first characer in case of TrueCrypt Mode or System Encryption */
/* truncate the password to 64 first characer in case of System Encryption */
if (lstrlen (CmdRawPassword) > MAX_LEGACY_PASSWORD)
{
int iLen;
@ -10431,7 +10282,7 @@ static BOOL MountFavoriteVolumeBase (HWND hwnd, const FavoriteVolume &favorite,
if (ServiceMode)
SystemFavoritesServiceLogInfo (wstring (L"Mounting system favorite \"") + effectiveVolumePath + L"\"");
status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim, favorite.Pkcs5, favorite.TrueCryptMode);
status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim, favorite.Pkcs5);
if (ServiceMode)
{
@ -10649,7 +10500,6 @@ BOOL MountFavoriteVolumes (HWND hwnd, BOOL systemFavorites, BOOL logOnMount, BOO
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumePim, sizeof (VolumePim));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
if (bRet && CloseSecurityTokenSessionsAfterMount)
SecurityToken::CloseAllSessions(); // TODO Use Token
@ -10922,7 +10772,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *
{
int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (*askPkcs5 == 0))? EffectiveVolumePkcs5 : *askPkcs5;
int GuiPim = ((EffectiveVolumePim > 0) && (*askPim <= 0))? EffectiveVolumePim : *askPim;
if (!AskVolumePassword (hwndDlg, askPassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
if (!AskVolumePassword (hwndDlg, askPassword, &GuiPkcs5, &GuiPim, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@ -10940,7 +10790,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, askPassword, FirstKeyFile, lpszVolume);
nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPim, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE);
nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPim, FALSE, bPreserveTimestamp, FALSE);
NormalCursor();
@ -11098,7 +10948,6 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const wchar_t *
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumePim, sizeof (VolumePim));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&hiddenVolPassword, sizeof (hiddenVolPassword));
burn (temporaryKey, sizeof (temporaryKey));
burn (originalK2, sizeof (originalK2));
@ -11210,7 +11059,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (VolumePkcs5 == 0))? EffectiveVolumePkcs5 : VolumePkcs5;
int GuiPim = ((EffectiveVolumePim > 0) && (VolumePim <= 0))? EffectiveVolumePim : VolumePim;
StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, NULL, FALSE))
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, NULL, FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@ -11228,7 +11077,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, lpszVolume);
nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE);
nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePim,TRUE, bPreserveTimestamp, TRUE);
NormalCursor();
@ -11451,7 +11300,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
{
int GuiPkcs5 = ((EffectiveVolumePkcs5 > 0) && (VolumePkcs5 == 0))? EffectiveVolumePkcs5 : VolumePkcs5;
int GuiPim = ((EffectiveVolumePim > 0) && (VolumePim <= 0))? EffectiveVolumePim : VolumePim;
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPim, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@ -11474,7 +11323,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
if (type == TC_VOLUME_TYPE_HIDDEN)
headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE);
nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, &restoredCryptoInfo, NULL);
nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePim, &restoredCryptoInfo, NULL);
if (nStatus == ERR_SUCCESS)
break;
}
@ -11580,7 +11429,6 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumePim, sizeof (VolumePim));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
RestoreDefaultKeyFilesParam();
RandStop (FALSE);
NormalCursor();
@ -12046,9 +11894,6 @@ static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPAR
{
LocalizeDialog (hwndDlg, "IDD_DEFAULT_MOUNT_PARAMETERS");
SendMessage (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), BM_SETCHECK,
DefaultVolumeTrueCryptMode ? BST_CHECKED:BST_UNCHECKED, 0);
/* Populate the PRF algorithms list */
int i, nIndex, defaultPrfIndex = 0;
HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
@ -12082,25 +11927,14 @@ static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPAR
case IDOK:
{
int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
/* check that PRF is supported in TrueCrypt Mode */
if ( (truecryptMode)
&& (!is_pkcs5_prf_supported(pkcs5, TRUE, PRF_BOOT_NO))
)
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
}
else
{
WaitCursor ();
DefaultVolumeTrueCryptMode = truecryptMode;
DefaultVolumePkcs5 = pkcs5;
SaveSettings (hwndDlg);
WaitCursor ();
DefaultVolumePkcs5 = pkcs5;
NormalCursor ();
EndDialog (hwndDlg, lw);
}
SaveSettings (hwndDlg);
NormalCursor ();
EndDialog (hwndDlg, lw);
return 1;
}

1
src/Mount/Mount.h
View File

@ -55,7 +55,6 @@ typedef struct
Password *password;
int* pkcs5;
int* pim;
BOOL* truecryptMode;
} PasswordDlgParam;
extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList;

14
src/Mount/Mount.rc
View File

@ -123,7 +123,6 @@ FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_OLD_PASSWORD,89,14,181,13,ES_PASSWORD | ES_AUTOHSCROLL
COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,97,90,CBS_DROPDOWNLIST | WS_TABSTOP
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,193,35,83,10
EDITTEXT IDC_OLD_PIM,89,51,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE
CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,59,115,10
CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,72,109,10
@ -191,7 +190,6 @@ FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_PASSWORD,69,8,179,14,ES_PASSWORD | ES_AUTOHSCROLL
COMBOBOX IDC_PKCS5_PRF_ID,69,26,96,90,CBS_DROPDOWNLIST | WS_TABSTOP
CONTROL "&TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,170,28,76,10
EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE
CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,48,97,10
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
@ -280,7 +278,7 @@ BEGIN
PUSHBUTTON "Auto-&Detect Library",IDC_AUTO_DETECT_PKCS11_MODULE,16,41,112,14
CONTROL "&Close token session (log out) after a volume is successfully mounted",IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT,
"Button",BS_AUTOCHECKBOX | WS_GROUP | WS_TABSTOP,16,154,284,9
CONTROL "&Enable EMV Support",IDC_ENABLE_EMV_SUPPORT,"Button",BS_AUTOCHECKBOX | WS_GROUP | WS_TABSTOP,16,185,284,9
CONTROL "&Enable EMV Support",IDC_ENABLE_EMV_SUPPORT,"Button",BS_AUTOCHECKBOX | WS_GROUP | WS_TABSTOP,16,185,284,9
DEFPUSHBUTTON "OK",IDOK,205,208,50,14
PUSHBUTTON "Cancel",IDCANCEL,259,208,50,14
GROUPBOX "PKCS #11 Library Path",IDT_PKCS11_LIB_PATH,7,7,302,129
@ -395,7 +393,6 @@ BEGIN
CONTROL "Use Volume ID to mount favorite",IDC_FAVORITE_USE_VOLUME_ID,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,148,337,10
COMBOBOX IDC_PKCS5_PRF_ID,87,166,96,90,CBS_DROPDOWNLIST | WS_TABSTOP
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,189,168,76,10
LTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,19,168,63,10
END
@ -408,7 +405,6 @@ BEGIN
PUSHBUTTON "Cancel",IDCANCEL,111,44,50,14
COMBOBOX IDC_PKCS5_PRF_ID,57,24,103,90,CBS_DROPDOWNLIST | WS_TABSTOP
LTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,8,26,44,11
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,7,76,10
END
IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 371, 344
@ -561,8 +557,8 @@ END
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -579,11 +575,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCrypt.exe"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

1
src/Mount/Resource.h
View File

@ -160,7 +160,6 @@
#define IDC_PREF_DISMOUNT_SESSION_LOCKED 1137
#define IDT_NEW_PKCS5_PRF 1138
#define IDC_PKCS5_OLD_PRF_ID 1139
#define IDC_TRUECRYPT_MODE 1140
#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141
#define IDT_OLD_PIM 1142
#define IDC_OLD_PIM 1143

4
src/Release/Setup Files/Product64.wxs
View File

@ -4,7 +4,7 @@
<!-- FullProductVersion's first 3 parts MUST BE incremented at each release in order
for upgrades to work ; Windows Installer ignores the 4th part -->
<?define var.FullProductVersion = 1.26.3?>
<?define var.FullProductVersion = 1.26.4?>
<?define var.ProductName = VeraCrypt $(var.FullProductVersion)?>
<!-- Unique GUID identifying this family of product (32-bit and 64-bit have the same) -->
@ -12,7 +12,7 @@
<!-- Unique GUID identifying this product release (32-bit and 64-bit have different ones) -->
<!-- MUST BE regenerated for each new release -->
<?define var.ProductGuid = {DD81FEC7-A368-4244-B614-7A75E040C056}?>
<?define var.ProductGuid = {2F519B5E-B6A3-4050-8B79-0E420AF5581D}?>
<!-- Unique GUID identifying a particular Windows Installer package -->
<!-- When compiling a product, it should not be set in order to allow it to be generated for each build -->

4
src/Release/Setup Files/veracrypt.Inf
View File

@ -2,7 +2,7 @@
;;; VeraCrypt
;;;
;;;
;;; Copyright (c) 2022, IDRIX
;;; Copyright (c) 2023, IDRIX
;;;
[Version]
@ -10,7 +10,7 @@ signature = "$Windows NT$"
Class = "Encryption" ;This is determined by the work this filter driver does
ClassGuid = {a0a701c0-a511-42ff-aa6c-06dc0395576f} ;This value is determined by the Class
Provider = %ProviderString%
DriverVer = 03/09/2022,1.26.0.0
DriverVer = 07/22/2022,1.26.4.0
CatalogFile = veracrypt.cat

6
src/Setup/ComSetup.cpp
View File

@ -11,7 +11,7 @@
*/
#define TC_MAIN_COM_VERSION_MAJOR 2
#define TC_MAIN_COM_VERSION_MINOR 11
#define TC_MAIN_COM_VERSION_MINOR 12
#define TC_FORMAT_COM_VERSION_MAJOR 2
#define TC_FORMAT_COM_VERSION_MINOR 9
@ -39,7 +39,7 @@ extern "C" BOOL RegisterComServers (wchar_t *modulePath)
UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR, 0, SYS_WIN32);
UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR, 0, SYS_WIN32);
// unregister older versions that may still exist
for (WORD i = 7; i >= 1; i--)
for (WORD i = 8; i >= 1; i--)
UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-i, 0, SYS_WIN32);
for (WORD i = 5; i >= 1; i--)
UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR-i, 0, SYS_WIN32);
@ -78,7 +78,7 @@ extern "C" BOOL UnregisterComServers (wchar_t *modulePath)
return FALSE;
// unregister older versions that may still exist
for (WORD i = 7; i >= 1; i--)
for (WORD i = 8; i >= 1; i--)
UnRegisterTypeLib (LIBID_TrueCryptMainCom, TC_MAIN_COM_VERSION_MAJOR, TC_MAIN_COM_VERSION_MINOR-i, 0, SYS_WIN32);
for (WORD i = 5; i >= 1; i--)
UnRegisterTypeLib (LIBID_TrueCryptFormatCom, TC_FORMAT_COM_VERSION_MAJOR, TC_FORMAT_COM_VERSION_MINOR-i, 0, SYS_WIN32);

8
src/Setup/Portable.rc
View File

@ -26,8 +26,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -44,11 +44,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt Portable"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCrypt Portable.exe"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

11
src/Setup/Setup.c
View File

@ -720,10 +720,6 @@ void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersi
DWORD dwResult;
BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL);
if (!bResult)
bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL);
bUpgrade = (bResult && driverVersion <= VERSION_NUM);
bDowngrade = (bResult && driverVersion > VERSION_NUM);
bReinstallMode = (bResult && driverVersion == VERSION_NUM);
@ -1755,13 +1751,6 @@ BOOL DoDriverUnload (HWND hwndDlg)
// Check mounted volumes
bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL);
if (!bResult)
{
bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL);
if (bResult)
volumesMounted = driver.ulMountedDrives;
}
if (bResult)
{
if (volumesMounted != 0)

8
src/Setup/Setup.rc
View File

@ -28,8 +28,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -46,11 +46,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt Setup"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCrypt Setup.exe"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

11
src/SetupDLL/Setup.c
View File

@ -328,10 +328,6 @@ void DetermineUpgradeDowngradeStatus (BOOL bCloseDriverHandle, LONG *driverVersi
DWORD dwResult;
BOOL bResult = DeviceIoControl (hDriver, TC_IOCTL_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL);
if (!bResult)
bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_DRIVER_VERSION, NULL, 0, &driverVersion, sizeof (driverVersion), &dwResult, NULL);
bUpgrade = (bResult && driverVersion <= VERSION_NUM);
bDowngrade = (bResult && driverVersion > VERSION_NUM);
bReinstallMode = (bResult && driverVersion == VERSION_NUM);
@ -1592,13 +1588,6 @@ BOOL DoDriverUnload_Dll (MSIHANDLE hInstaller, HWND hwnd)
// Check mounted volumes
bResult = DeviceIoControl (hDriver, TC_IOCTL_IS_ANY_VOLUME_MOUNTED, NULL, 0, &volumesMounted, sizeof (volumesMounted), &dwResult, NULL);
if (!bResult)
{
bResult = DeviceIoControl (hDriver, TC_IOCTL_LEGACY_GET_MOUNTED_VOLUMES, NULL, 0, &driver, sizeof (driver), &dwResult, NULL);
if (bResult)
volumesMounted = driver.ulMountedDrives;
}
if (bResult)
{
if (volumesMounted != 0)

8
src/SetupDLL/Setup.rc
View File

@ -28,8 +28,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
FILEVERSION 1,26,3,0
PRODUCTVERSION 1,26,3,0
FILEVERSION 1,26,4,0
PRODUCTVERSION 1,26,4,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@ -46,11 +46,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCryptSetup"
VALUE "FileVersion", "1.26.3"
VALUE "FileVersion", "1.26.4"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCryptSetup.dll"
VALUE "ProductName", "VeraCrypt"
VALUE "ProductVersion", "1.26.3"
VALUE "ProductVersion", "1.26.4"
END
END
BLOCK "VarFileInfo"

6
src/Signing/sign.bat
View File

@ -1,7 +1,7 @@
PATH=%PATH%;%WSDK81%\bin\x86;C:\Program Files\7-Zip;C:\Program Files (x86)\7-Zip
set VC_VERSION=1.26.3
set VC_VERSION_NBRE=1.26.3
set VC_VERSION=1.26.4
set VC_VERSION_NBRE=1.26.4
set SIGNINGPATH=%~dp0
cd %SIGNINGPATH%
@ -10,7 +10,7 @@ call "..\..\doc\chm\create_chm.bat"
cd %SIGNINGPATH%
rem sign using SHA-256
signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCryptSetup.dll"
signtool sign /v /sha1 88c1ff4b7469ea3915bd8e7635a7567d34f43202 /ac GlobalSign_SHA256_EV_CodeSigning_CA.cer /fd sha256 /tr http://timestamp.digicert.com /td SHA256 "..\Release\Setup Files\VeraCrypt.exe" "..\Release\Setup Files\VeraCrypt Format.exe" "..\Release\Setup Files\VeraCryptExpander.exe" "..\Release\Setup Files\VeraCrypt-x64.exe" "..\Release\Setup Files\VeraCrypt Format-x64.exe" "..\Release\Setup Files\VeraCryptExpander-x64.exe" "..\Release\Setup Files\VeraCrypt-arm64.exe" "..\Release\Setup Files\VeraCrypt Format-arm64.exe" "..\Release\Setup Files\VeraCryptExpander-arm64.exe" "..\Release\Setup Files\VeraCryptSetup.dll"
rem create setup and MSI
cd "..\Release\Setup Files\"

4
src/Signing/sign_test.bat
View File

@ -1,6 +1,6 @@
PATH=%PATH%;%WSDK81%\bin\x86;C:\Program Files\7-Zip;C:\Program Files (x86)\7-Zip
set VC_VERSION=1.26.3
set VC_VERSION_NBRE=1.26.3
set VC_VERSION=1.26.4
set VC_VERSION_NBRE=1.26.4
set PFXNAME=TestCertificate\idrix_codeSign.pfx
set PFXPASSWORD=idrix
set PFXCA=TestCertificate\idrix_TestRootCA.crt