#include "Common/Password.h"

#include "BootDefs.h"

// The user will be advised to upgrade the rescue disk if upgrading from the following or any previous version

#define TC_BOOT_LOADER_AREA_SIZE (TC_BOOT_LOADER_AREA_SECTOR_COUNT * TC_SECTOR_SIZE_BIOS)

#define TC_BOOT_VOLUME_HEADER_SECTOR (TC_BOOT_LOADER_AREA_SECTOR_COUNT - 1)

{

return c >= ' ' && c <= '~';

}

int GetString (char *buffer, size_t bufferSize)

{

byte c;

int GetString (char *buffer, size_t bufferSize);

void InitVideoMode ();

bool IsKeyboardCharAvailable ();

bool IsPrintable (char c);

void Print (const char *str);

void Print (uint32 number);

void Print (const uint64 &number);

void PrintBackspace ();

}

}

{

size_t pos = 0;

byte scanCode;

byte asciiCode;

byte hidePassword = 1;

Print ("Enter password");

Print (PreventNormalSystemBoot ? " for hidden system:\r\n" : ": ");

while (true)

ClearBiosKeystrokeBuffer();

PrintEndl();

password.Length = pos;

case TC_BIOS_KEY_BACKSPACE:

if (pos > 0)

{

return scanCode;

}

}

if (!IsPrintable (asciiCode) || pos == MAX_PASSWORD)

{

Beep();

continue;

PrintChar (asciiCode);

else

PrintCharAtCursor (asciiCode);

}

}

static void ExecuteBootSector (byte drive, byte *sectorBuffer)

}

}

{

int volumeType;

bool hiddenVolume;

uint64 headerSec;

if (ReadSectors (SectorBuffer, drive, headerSec, 1) != BiosResultSuccess)

continue;

{

// Prevent opening a non-system hidden volume

if (hiddenVolume && !((*cryptoInfo)->HeaderFlags & TC_HEADER_FLAG_ENCRYPTED_SYSTEM))

{

static bool MountVolume (byte drive, byte &exitKey, bool skipNormal, bool skipHidden)

{

BootArguments *bootArguments = (BootArguments *) TC_BOOT_LOADER_ARGS_OFFSET;

EraseMemory (bootArguments, sizeof (*bootArguments));

// Open volume header

while (true)

{

if (exitKey != TC_BIOS_KEY_ENTER)

return false;

Print ("Verifying password...");

{

Print ("OK\r\n");

break;

}

// Setup boot arguments

bootArguments->BootLoaderVersion = VERSION_NUM;

bootArguments->CryptoInfoOffset = (uint16) BootCryptoInfo;

bootArguments->CryptoInfoLength = sizeof (*BootCryptoInfo);

if (BootCryptoInfo->hiddenVolume)

bootArguments->HiddenSystemPartitionStart = PartitionFollowingActive.StartSector << TC_LB_SIZE_BIT_SHIFT_DIVISOR;

CRYPTO_INFO *headerCryptoInfo = crypto_open();

while (ReadSectors (SectorBuffer, drive, headerSector, 1) != BiosResultSuccess);

{

DecryptBuffer (SectorBuffer + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, headerCryptoInfo);

uint64 encryptedAreaLength = sectorsRemaining << TC_LB_SIZE_BIT_SHIFT_DIVISOR;

bool validHeaderPresent = false;

uint32 masterKeyScheduleCrc;

Password password;

if (exitKey != TC_BIOS_KEY_ENTER)

goto abort;

CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, TC_LB_SIZE);

ReleaseSectorBuffer();

// Restore volume header only if the current one cannot be used

{

validHeaderPresent = true;

masterKeyScheduleCrc = GetCrc32 (cryptoInfo->ks, sizeof (cryptoInfo->ks));

crypto_close (cryptoInfo);

AcquireSectorBuffer();

CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, 0, SectorBuffer, TC_LB_SIZE);

{

if (validHeaderPresent)

{

if (masterKeyScheduleCrc == GetCrc32 (cryptoInfo->ks, sizeof (cryptoInfo->ks)))

#include "TCdefs.h"

#include "Platform.h"

static int AskSelection (const char *options[], size_t optionCount);

static bool AskYesNo (const char *message);

static byte BootEncryptedDrive ();

static void BootMenu ();

int pkcs5_prf;

int ProtectedHidVolPkcs5Prf;

BOOL bTrueCryptMode;

uint32 BytesPerPhysicalSector;

} MOUNT_STRUCT;

typedef struct

{

typedef struct

{

Password VolumePassword;

int pkcs5_prf;

} ReopenBootVolumeHeaderRequest;

typedef struct

#ifndef SETUP

{

PCRYPTO_INFO cryptoInfo = NULL;

if (!IsRandomNumberGeneratorStarted())

throw ParameterIncorrect (SRC_POS);

volumeSize, 0, encryptedAreaStart, 0, TC_SYSENC_KEYSCOPE_MIN_REQ_PROG_VERSION, TC_HEADER_FLAG_ENCRYPTED_SYSTEM, TC_SECTOR_SIZE_BIOS, FALSE) != 0);

finally_do_arg (PCRYPTO_INFO*, &cryptoInfo, { crypto_close (*finally_arg); });

// Initial rescue disk assumes encryption of the drive has been completed (EncryptedAreaLength == volumeSize)

memcpy (RescueVolumeHeader, VolumeHeader, sizeof (RescueVolumeHeader));

throw ParameterIncorrect (SRC_POS);

DecryptBuffer (RescueVolumeHeader + HEADER_ENCRYPTED_DATA_OFFSET, HEADER_ENCRYPTED_DATA_SIZE, cryptoInfo);

}

}

{

BootEncryptionStatus encStatus = GetStatus();

if (encStatus.SetupInProgress || (wipePassCount <= 0))

device.Read ((byte *) header, sizeof (header));

PCRYPTO_INFO cryptoInfo = NULL;

finally_do_arg (PCRYPTO_INFO, cryptoInfo, { if (finally_arg) crypto_close (finally_arg); });

if (status != 0)

{

cryptoInfo->ea,

cryptoInfo->mode,

newPassword,

cryptoInfo->pkcs5,

(char *) cryptoInfo->master_keydata,

&tmpCryptoInfo,

cryptoInfo->VolumeSize.Value,

cryptoInfo->hiddenVolumeSize,

{

ReopenBootVolumeHeaderRequest reopenRequest;

reopenRequest.VolumePassword = *newPassword;

reopenRequest.pkcs5_prf = cryptoInfo->pkcs5;

finally_do_arg (ReopenBootVolumeHeaderRequest*, &reopenRequest, { burn (finally_arg, sizeof (*finally_arg)); });

CallDriver (TC_IOCTL_REOPEN_BOOT_VOLUME_HEADER, &reopenRequest, sizeof (reopenRequest));

}

SelectedPrfAlgorithmId = pkcs5;

}

{

BootEncryptionStatus encStatus = GetStatus();

if (encStatus.DriveMounted)

throw ParameterIncorrect (SRC_POS);

}

SelectedEncryptionAlgorithmId = ea;

SelectedPrfAlgorithmId = pkcs5;

if (!rescueIsoImagePath.empty())

CreateRescueIsoImage (true, rescueIsoImagePath);

}

void AbortDecoyOSWipe ();

void AbortSetup ();

void AbortSetupWait ();

void CallDriver (DWORD ioctl, void *input = nullptr, DWORD inputSize = 0, void *output = nullptr, DWORD outputSize = 0);

void CheckDecoyOSWipeResult ();

void CheckEncryptionSetupResult ();

void CheckRequirements ();

void CheckRequirementsHiddenOS ();

bool IsCDDrivePresent ();

bool IsHiddenSystemRunning ();

bool IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);

void PrepareHiddenOSCreation (int ea, int mode, int pkcs5);

void ProbeRealSystemDriveSize ();

void ReadBootSectorConfig (byte *config, size_t bufLength, byte *userConfig = nullptr, string *customUserMessage = nullptr, uint16 *bootLoaderVersion = nullptr);

uint32 ReadDriverConfigurationFlags ();

void RegisterBootDriver (bool hiddenSystem);

static const uint32 RescueIsoImageSize = 1835008; // Size of ISO9660 image with bootable emulated 1.44MB floppy disk image

void BackupSystemLoader ();

void CreateBootLoaderInMemory (byte *buffer, size_t bufferSize, bool rescueDisk, bool hiddenOSCreation = false);

string GetSystemLoaderBackupPath ();

uint32 GetChecksum (byte *data, size_t size);

DISK_GEOMETRY GetDriveGeometry (int driveNumber);

PartitionList GetDrivePartitions (int driveNumber);

Password CachedPasswords[CACHE_SIZE];

int cacheEmpty = 1;

static int nPasswordIdx = 0;

{

int nReturnCode = ERR_PASSWORD_WRONG;

int i;

/* Attempt to recognize volume using mount password */

if (password->Length > 0)

{

/* Save mount passwords back into cache if asked to do so */

if (bCache && (nReturnCode == 0 || nReturnCode == ERR_CIPHER_INIT_WEAK_KEY))

{

for (i = 0; i < CACHE_SIZE; i++)

{

if (CachedPasswords[i].Length > 0)

{

if (nReturnCode != ERR_PASSWORD_WRONG)

break;

}

extern int cacheEmpty;

void AddPasswordToCache (Password *password);

void WipeCache (void);

Password ProtectedHidVolPassword; /* Password of hidden volume to protect against overwriting */

BOOL UseBackupHeader;

BOOL RecoveryMode;

int ProtectedHidVolPkcs5Prf;

} MountOptions;

#endif

{

int ea; /* Encryption algorithm ID */

int mode; /* Mode of operation (e.g., XTS) */

int pkcs5; /* PRF algorithm */

unsigned __int8 ks[MAX_EXPANDED_KEY]; /* Primary key schedule (if it is a cascade, it conatins multiple concatenated keys) */

unsigned __int8 ks2[MAX_EXPANDED_KEY]; /* Secondary key schedule (if cascade, multiple concatenated) for XTS mode. */

BOOL hiddenVolume; // Indicates whether the volume is mounted/mountable as hidden volume

{

case SHA512:

/* PKCS-5 test with HMAC-SHA-512 used as the PRF */

break;

case SHA256:

/* PKCS-5 test with HMAC-SHA-256 used as the PRF */

break;

case RIPEMD160:

/* PKCS-5 test with HMAC-RIPEMD-160 used as the PRF */

break;

case WHIRLPOOL:

/* PKCS-5 test with HMAC-Whirlpool used as the PRF */

break;

}

}

int driveNo,

char *volumePath,

Password *password,

int pkcs5,

BOOL truecryptMode,

BOOL cachePassword,

BOOL sharedAccess,

const MountOptions* const mountOptions,

{

mount.ProtectedHidVolPassword = mountOptions->ProtectedHidVolPassword;

mount.bProtectHiddenVolume = TRUE;

mount.ProtectedHidVolPkcs5Prf = mountOptions->ProtectedHidVolPkcs5Prf;

}

else

mount.bProtectHiddenVolume = FALSE;

mount.bMountManager = TRUE;

mount.pkcs5_prf = pkcs5;

mount.bTrueCryptMode = truecryptMode;

// Windows 2000 mount manager causes problems with remounted volumes

if (CurrentOSMajor == 5 && CurrentOSMinor == 0)

mount.bMountManager = FALSE;

}

for (int64 i = startOffset; i <= bufLen - strLen; i++)

{

return i;

}

return -1;

BOOL Is64BitOs ()

{

static BOOL isWow64 = FALSE;

static BOOL valid = FALSE;

typedef BOOL (__stdcall *LPFN_ISWOW64PROCESS ) (HANDLE hProcess,PBOOL Wow64Process);

LPFN_ISWOW64PROCESS fnIsWow64Process;

isWow64 = FALSE;

valid = TRUE;

return isWow64;

}

BOOL IsServerOS ()

#ifndef SETUP

{

int status = ERR_PARAMETER_INCORRECT;

int volumeType;

char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];

memset (buffer, 0, sizeof (buffer));

}

// Decrypt volume header

if (status == ERR_PASSWORD_WRONG)

continue; // Try next volume type

context->VolumeIsOpen = FALSE;

}

{

CRYPTO_INFO *newCryptoInfo = NULL;

RandSetHashFunction (cryptoInfo->pkcs5);

cryptoInfo->ea,

cryptoInfo->mode,

password,

cryptoInfo->pkcs5,

(char *) cryptoInfo->master_keydata,

&newCryptoInfo,

cryptoInfo->VolumeSize.Value,

cryptoInfo->hiddenVolume ? cryptoInfo->hiddenVolumeSize : 0,

return name;

return string (directory) + "\\" + name;

}

BOOL IsDriveAvailable (int driveNo);

BOOL IsDeviceMounted (char *deviceName);

int DriverUnmountVolume (HWND hwndDlg, int nDosDriveNo, BOOL forced);

void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap);

BOOL UnmountVolume (HWND hwndDlg , int nDosDriveNo, BOOL forceUnmount);

BOOL IsPasswordCacheEmpty (void);

BOOL IsMountedVolume (const char *volname);

int GetMountedVolumeDriveNo (char *volname);

void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont);

BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);

BOOL GetSysDevicePaths (HWND hwndDlg);

BOOL DoDriverInstall (HWND hwndDlg);

void CloseVolume (OpenVolumeContext *context);

BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);

BOOL IsPagingFileWildcardActive ();

BOOL DisablePagingFile ();

BOOL CALLBACK SecurityTokenPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam);

BOOL VolumePathExists (const char *volumePath);

BOOL IsWindowsIsoBurnerAvailable ();

BOOL LaunchWindowsIsoBurner (HWND hwnd, const char *isoPath);

BOOL IsApplicationInstalled (const char *appName);

#ifdef __cplusplus

}

volParams->ea,

FIRST_MODE_OF_OPERATION_ID,

volParams->password,

volParams->pkcs5,

NULL,

&cryptoInfo,

dataAreaSize,

volParams->hiddenVol ? dataAreaSize : 0,

volParams->ea,

FIRST_MODE_OF_OPERATION_ID,

volParams->password,

volParams->pkcs5,

cryptoInfo->master_keydata,

&cryptoInfo,

dataAreaSize,

volParams->hiddenVol ? dataAreaSize : 0,

mountOptions.PreserveTimestamp = bPreserveTimestamp;

mountOptions.PartitionInInactiveSysEncScope = FALSE;

mountOptions.UseBackupHeader = FALSE;

{

MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);

MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);

nStatus = ERR_VOL_MOUNT_FAILED;

BOOL quickFormat;

int sectorSize;

int *realClusterSize;

Password *password;

HWND hwndDlg;

}

FORMAT_VOL_PARAMETERS;

<string lang="en" key="PASSWORD_OR_KEYFILE_OR_MODE_WRONG">Wrong mount mode, incorrect keyfile(s) and/or password/PRF, or not a valid volume.</string>

<string lang="en" key="PASSWORD_WRONG_AUTOMOUNT">Incorrect password/PRF or no valid volume found.</string>

<string lang="en" key="PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT">Incorrect keyfile(s)/password/PRF or no valid volume found.</string>

<string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>

<string lang="en" key="HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH">\n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View).</string>

<string lang="en" key="HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT">If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available.</string>

<string lang="en" key="FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC">VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software).</string>

<string lang="en" key="SELECTED_PARTITION_ALREADY_INPLACE_ENC">The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X</string>

<string lang="en" key="EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS">\nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).</string>

<string lang="en" key="GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION">Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions).</string>

<string lang="en" key="ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">This algorithm is currently not supported for system encryption.</string>

<string lang="en" key="ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">This algorithm is not supported for TrueCrypt mode.</string>

<string lang="en" key="KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">Keyfiles are currently not supported for system encryption.</string>

<string lang="en" key="CANNOT_RESTORE_KEYBOARD_LAYOUT">Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly.</string>

<string lang="en" key="CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION">Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout.</string>

<string lang="en" key="ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION">As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down.</string>

return TRUE;

}

{

if (GetWindowTextLength (hwndItem) < PASSWORD_LEN_WARNING)

{

#ifndef _DEBUG

if (MessageBoxW (hwndDlg, GetString ("PASSWORD_LENGTH_WARNING"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2) != IDYES)

return FALSE;

#endif

}

return TRUE;

}

{

int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;

char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];

char szDosDevice[TC_MAX_PATH];

}

/* Try to decrypt the header */

if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)

nStatus = 0; // We can ignore this error here

if (nStatus == ERR_PASSWORD_WRONG)

cryptoInfo->ea,

cryptoInfo->mode,

newPassword,

cryptoInfo->pkcs5,

cryptoInfo->master_keydata,

&ci,

cryptoInfo->VolumeSize.Value,

(volumeType == TC_VOLUME_TYPE_HIDDEN) ? cryptoInfo->hiddenVolumeSize : 0,

// User text input limits

#define MIN_PASSWORD 1 // Minimum possible password length

#define MAX_PASSWORD 64 // Maximum possible password length

#define PASSWORD_LEN_WARNING 20 // Display a warning when a password is shorter than this

#ifdef __cplusplus

#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)

void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );

BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);

#endif // defined(_WIN32) && !defined(TC_WINDOWS_DRIVER)

#ifdef __cplusplus

burn(key, sizeof(key));

}

#endif

{

char* k = hmac->k;

char* u = hmac->u;

uint32 c;

int i;

#ifdef TC_WINDOWS_BOOT

* This enables us to save code space needed for implementing other features.

*/

else

#else

c = iterations;

#endif

}

}

{

hmac_sha256_ctx hmac;

int b, l, r;

#ifndef TC_WINDOWS_BOOT

burn (&hmac, sizeof(hmac));

burn (key, sizeof(key));

}

{

char* k = hmac->k;

char* u = hmac->u;

/* iteration 1 */

memcpy (k, salt, salt_len); /* salt */

/* big-endian block number */

}

}

{

hmac_sha512_ctx hmac;

int b, l, r;

char key[SHA512_DIGESTSIZE];

}

#endif

{

char* k = hmac->k;

char* u = hmac->u;

uint32 c;

int i;

#ifdef TC_WINDOWS_BOOT

* This enables us to save code space needed for implementing other features.

*/

else

#else

c = iterations;

#endif

c--;

}

}

{

int b, l, r;

hmac_ripemd160_ctx hmac;

#ifndef TC_WINDOWS_BOOT

/* Prevent leaks */

burn(&hmac, sizeof(hmac));

}

{

char* u = hmac->u;

char* k = hmac->k;

/* iteration 1 */

memcpy (k, salt, salt_len); /* salt */

/* big-endian block number */

}

}

}

{

hmac_whirlpool_ctx hmac;

char key[WHIRLPOOL_DIGESTSIZE];

int b, l, r;

}

{

switch (pkcs5_prf_id)

{

case RIPEMD160:

if (truecryptMode)

return bBoot ? 1000 : 2000;

return bBoot? 327661 : 655331;

case SHA512:

case WHIRLPOOL:

case SHA256:

if (truecryptMode)

return 0; // SHA-256 not supported by TrueCrypt

return bBoot? 200000 : 500000;

default:

TC_THROW_FATAL_EXCEPTION; // Unknown/wrong ID

}

{

#endif

/* output written to d which must be at lease 32 bytes long */

void hmac_sha256 (char *k, int lk, char *d, int ld);

/* output written to d which must be at lease 64 bytes long */

void hmac_sha512 (char *k, int lk, char *d, int ld);

/* output written to input_digest which must be at lease 20 bytes long */

void hmac_ripemd160 (char *key, int keylen, char *input_digest, int len);

/* output written to d which must be at lease 64 bytes long */

void hmac_whirlpool (char *k, int lk, char *d, int ld);

char *get_pkcs5_prf_name (int pkcs5_prf_id);

#if defined(__cplusplus)

}

BOOL ReadVolumeHeaderRecoveryMode = FALSE;

{

char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];

KEY_INFO keyInfo;

PCRYPTO_INFO cryptoInfo;

item->Pkcs5Prf = enqPkcs5Prf;

EncryptionThreadPoolBeginKeyDerivation (&keyDerivationCompletedEvent, &noOutstandingWorkItemEvent,

&item->KeyReady, &outstandingWorkItemCount, enqPkcs5Prf, keyInfo.userKey,

++queuedWorkItems;

break;

}

item = &keyDerivationWorkItems[i];

if (!item->Free && InterlockedExchangeAdd (&item->KeyReady, 0) == TRUE)

{

pkcs5_prf = item->Pkcs5Prf;

memcpy (dk, item->DerivedKey, sizeof (dk));

item->Free = TRUE;

--queuedWorkItems;

}

else

{

pkcs5_prf = enqPkcs5Prf;

switch (pkcs5_prf)

{

case RIPEMD160:

}

#else // TC_WINDOWS_BOOT

{

#ifdef TC_WINDOWS_BOOT_SINGLE_CIPHER_MODE

char dk[32 * 2]; // 2 * 256-bit key

#else

#endif

PCRYPTO_INFO cryptoInfo;

int status = ERR_SUCCESS;

if (retHeaderCryptoInfo != NULL)

cryptoInfo = retHeaderCryptoInfo;

else

// PKCS5 PRF

#ifdef TC_WINDOWS_BOOT_SHA2

derive_key_sha256 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,

#else

derive_key_ripemd160 (password->Text, (int) password->Length, header + HEADER_SALT_OFFSET,

#endif

// Mode of operation

cryptoInfo->mode = FIRST_MODE_OF_OPERATION_ID;

#endif

// Creates a volume header in memory

int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, int mode, Password *password,

unsigned __int64 volumeSize, unsigned __int64 hiddenVolumeSize,

unsigned __int64 encryptedAreaStart, unsigned __int64 encryptedAreaLength, uint16 requiredProgramVersion, uint32 headerFlags, uint32 sectorSize, BOOL bWipeMode)

{

unsigned char *p = (unsigned char *) header;

// User key

memcpy (keyInfo.userKey, password->Text, nUserKeyLen);

keyInfo.keyLength = nUserKeyLen;

// User selected encryption algorithm

cryptoInfo->ea = ea;

uint16 GetHeaderField16 (byte *header, int offset);

uint32 GetHeaderField32 (byte *header, int offset);

UINT64_STRUCT GetHeaderField64 (byte *header, int offset);

#ifdef TC_WINDOWS_BOOT

#else

#endif

#if !defined (DEVICE_DRIVER) && !defined (TC_WINDOWS_BOOT)

BOOL ReadEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header, DWORD *bytesRead);

BOOL WriteEffectiveVolumeHeader (BOOL device, HANDLE fileHandle, byte *header);

int WriteRandomDataToReservedHeaderAreas (HWND hwndDlg, HANDLE dev, CRYPTO_INFO *cryptoInfo, uint64 dataAreaSize, BOOL bPrimaryOnly, BOOL bBackupOnly);

#endif

int64 hiddenHeaderOffset = BootArgs.HiddenSystemPartitionStart + TC_HIDDEN_VOLUME_HEADER_OFFSET;

NTSTATUS status;

LARGE_INTEGER offset;

char *header;

byte *mappedCryptoInfo = NULL;

Dump ("MountDrive pdo=%p\n", Extension->Pdo);

ASSERT (KeGetCurrentIrql() == PASSIVE_LEVEL);

pkcs5_prf = pBootCryptoInfo->pkcs5;

}

}

{

// Header decrypted

status = STATUS_SUCCESS;

Dump ("Header decrypted\n");

if (!BootDriveFound || !BootDriveFilterExtension || !BootDriveFilterExtension->DriveMounted || !BootDriveFilterExtension->HeaderCryptoInfo

|| request->VolumePassword.Length > MAX_PASSWORD

|| request->pkcs5_prf < 0

|| request->pkcs5_prf > LAST_PRF_ID

)

{

irp->IoStatus.Status = STATUS_INVALID_PARAMETER;

goto wipe;

Dump ("TCReadDevice error %x\n", irp->IoStatus.Status);

goto ret;

}

{

Dump ("Header reopened\n");

BootDriveFilterExtension->Queue.CryptoInfo->header_creation_time = BootDriveFilterExtension->HeaderCryptoInfo->header_creation_time;

MOUNT_STRUCT *mount = (MOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer;

if (mount->VolumePassword.Length > MAX_PASSWORD || mount->ProtectedHidVolPassword.Length > MAX_PASSWORD

|| mount->pkcs5_prf < 0 || mount->pkcs5_prf > LAST_PRF_ID

|| mount->ProtectedHidVolPkcs5Prf < 0 || mount->ProtectedHidVolPkcs5Prf > LAST_PRF_ID

|| (mount->bTrueCryptMode != FALSE && mount->bTrueCryptMode != TRUE)

)

{

burn (&mount->VolumePassword, sizeof (mount->VolumePassword));

burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword));

burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf));

burn (&mount->bTrueCryptMode, sizeof (mount->bTrueCryptMode));

burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf));

}

break;

mount->bCache,

readBuffer,

&mount->ProtectedHidVolPassword,

mount->ProtectedHidVolPkcs5Prf,

mount->bTrueCryptMode,

&tmpCryptoInfo);

}

else

mount->bCache,

readBuffer,

&mount->VolumePassword,

mount->pkcs5_prf,

mount->bTrueCryptMode,

&Extension->cryptoInfo);

}

namespace VeraCryptExpander

{

/* defined in WinMain.c, referenced by ExpandVolumeWizard() */

}

int GetSpaceString(char *dest, size_t maxlen, uint64 size, BOOL bDevice)

OpenVolumeContext *context;

const char *volumePath;

Password *password;

int pkcs5_prf;

BOOL truecryptMode;

BOOL write;

BOOL preserveTimestamps;

BOOL useBackupHeader;

{

OpenVolumeThreadParam* pThreadParam = (OpenVolumeThreadParam*) pArg;

*(pThreadParam)->nStatus = OpenVolume(pThreadParam->context, pThreadParam->volumePath, pThreadParam->password, pThreadParam->pkcs5_prf,

}

/*

ExpandVolumeWizard

{

int nStatus = ERR_OS_ERROR;

wchar_t szTmp[4096];

Password VolumePassword;

uint64 hostSize, volSize, hostSizeFree, maxSizeFS;

BOOL bIsDevice, bIsLegacy;

DWORD dwError;

int driveNo;

{

OpenVolumeContext expandVol;

BOOL truecryptMode = FALSE;

{

goto ret;

}

threadParam.context = &expandVol;

threadParam.volumePath = lpszVolume;

threadParam.password = &VolumePassword;

threadParam.pkcs5_prf = VolumePkcs5;

threadParam.truecryptMode = FALSE;

threadParam.write = FALSE;

threadParam.preserveTimestamps = bPreserveTimestamp;

threadParam.useBackupHeader = FALSE;

WaitCursor();

// auto mount the volume to check the file system type

if (nStatus != ERR_SUCCESS)

goto error;

VolExpandParam.szVolumeName = lpszVolume;

VolExpandParam.FileSystem = volFSType;

VolExpandParam.pVolumePassword = &VolumePassword;

VolExpandParam.VolumePkcs5 = VolumePkcs5;

VolExpandParam.bIsDevice = bIsDevice;

VolExpandParam.bIsLegacy = bIsLegacy;

VolExpandParam.oldSize = bIsDevice ? volSize : hostSize;

VolExpandParam.newSize = hostSize;

int with Truecrypt error code (ERR_SUCCESS on success)

*/

{

MountOptions mountOptions;

ZeroMemory (&mountOptions, sizeof (mountOptions));

mountOptions.PreserveTimestamp = bPreserveTimestamp;

mountOptions.PartitionInInactiveSysEncScope = FALSE;

mountOptions.UseBackupHeader = FALSE;

{

*driveNo = -3;

return ERR_VOL_MOUNT_FAILED;

}

return dataAreaSize + reservedSize;

}

{

char szVolumeGUID[128];

int driveNo = -1;

char rootPath[] = "A:\\";

// mount and resize file system

DebugAddProgressDlgStatus (hwndDlg, "Mounting volume ...\r\n");

if (nStatus!=ERR_SUCCESS)

{

driveNo = -1;

goto error;

Remarks: a lot of code is from TrueCrypt 'Common\Password.c' :: ChangePwd()

*/

{

int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;

char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];

char szDosDevice[TC_MAX_PATH];

}

/* Try to decrypt the header */

if (nStatus == ERR_CIPHER_INIT_WEAK_KEY)

nStatus = 0; // We can ignore this error here

if (nStatus != 0)

cryptoInfo->ea,

cryptoInfo->mode,

pVolumePassword,

cryptoInfo->pkcs5,

(char*)(cryptoInfo->master_keydata),

&ci,

newDataAreaSize,

0, // hiddenVolumeSize

SetLastError (dwError);

if (nStatus == ERR_SUCCESS)

{

}

return nStatus;

}

EXPAND_VOL_THREAD_PARAMS *pParam=(EXPAND_VOL_THREAD_PARAMS *)pExpandDlgParam;

HWND hwndDlg = (HWND) pParam->hwndDlg;

nStatus = ExpandVolume (hwndDlg, (char*)pParam->szVolumeName, pParam->pVolumePassword,

if (nStatus!=ERR_SUCCESS && nStatus!=ERR_USER_ABORT)

handleError (hwndDlg, nStatus);

BOOL bIsLegacy;

BOOL bInitFreeSpace;

Password *pVolumePassword;

int VolumePkcs5;

HWND hwndDlg;

} EXPAND_VOL_THREAD_PARAMS;

#ifdef __cplusplus

/* defined in ExpandVolume.c */

uint64 GetVolumeDataAreaSize (uint64 volumeSize, BOOL legacyVolume);

uint64 GetVolumeSizeByDataAreaSize (uint64 dataSize, BOOL legacyVolume);

int QueryVolumeInfo (HWND hwndDlg, const char *lpszVolume, uint64 * pHostSizeFree, uint64 * pSizeLimitFS );

BOOL GetFileSystemType(const char *szFileName, enum EV_FileSystem *pFS);

BOOL GetNtfsNumberOfSectors(char *rootPath, uint64 *pNumberOfSectors, DWORD *pBytesPerSector);

void __cdecl volTransformThreadFunction (void *hwndDlgArg);

LTEXT "1. Select the VeraCrypt volume to be expanded\n2. Click the 'Start' button",IDC_STATIC,15,156,293,21

LTEXT "Static",IDC_INFOEXPAND,8,6,361,134,SS_NOPREFIX | SS_SUNKEN,WS_EX_STATICEDGE

END

STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION

CAPTION "Enter VeraCrypt Volume Password"

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL

CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,

DEFPUSHBUTTON "OK",IDOK,243,8,64,14

PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14

RTEXT "Password:",IDT_PASSWORD,0,10,65,13

COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP

RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13

CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10

END

IDD_EXPAND_PROGRESS_DLG DIALOGEX 0, 0, 376, 271

STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU

END

IDD_PASSWORD_DLG, DIALOG

BEGIN

END

IDD_EXPAND_PROGRESS_DLG, DIALOG

BEGIN

{

WORD lw = LOWORD (wParam);

static Password *szXPwd;

static int *pkcs5;

static BOOL* truecryptMode;

switch (msg)

{

{

int i, nIndex;

szXPwd = ((PasswordDlgParam *) lParam) -> password;

pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;

truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;

LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");

DragAcceptFiles (hwndDlg, TRUE);

SendMessage (hComboBox, CB_SETCURSEL, 0, 0);

SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);

SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0);

SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);

mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode;

SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_SETPASSWORDCHAR, '*', 0);

InvalidateRect (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL, TRUE);

bPrebootPasswordDlgMode = TRUE;

}

return 1;

bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));

*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);

*truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);

/* SHA-256 is not supported by TrueCrypt */

if ( (*truecryptMode)

&& ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256))

)

{

Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

return 1;

}

}

// Attempt to wipe password stored in the input field buffer

memset (tmp, 'X', MAX_PASSWORD);

// dummy

return 0;

}

{

int result;

PasswordDlgParam dlgParam;

PasswordDialogDisableMountOptions = !enableMountOptions;

dlgParam.password = password;

dlgParam.pkcs5 = pkcs5;

dlgParam.truecryptMode = truecryptMode;

result = DialogBoxParamW (hInst,

MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg,

if (result != IDOK)

{

password->Length = 0;

*pkcs5 = 0;

*truecryptMode = FALSE;

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

}

#define IDC_INFOEXPAND 1113

#define IDC_EDIT1 1114

#define IDC_BOX_STATUS 1114

#define IDC_TRUECRYPT_MODE 1140

#define IDM_HELP 40001

#define IDM_ABOUT 40002

#define IDM_UNMOUNT_VOLUME 40003

#define IDM_CLEAR_HISTORY 40004

#ifndef APSTUDIO_READONLY_SYMBOLS

#define _APS_NO_MFC 1

#define _APS_NEXT_RESOURCE_VALUE 120

#define _APS_NEXT_COMMAND_VALUE 40064

#define _APS_NEXT_SYMED_VALUE 101

#endif

#endif

//

// Dialog

//

STYLE DS_SETFONT | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU

CAPTION "VeraCrypt Volume Creation Wizard"

CLASS "VeraCryptCustomDlg"

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

LTEXT "",IDC_BOX_TITLE,160,8,233,17

CONTROL 116,IDC_BITMAP_WIZARD,"Static",SS_BITMAP | SS_SUNKEN,10,9,137,169

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

COMBOBOX IDC_COMBO_BOX,7,23,137,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP

LTEXT "More information",IDC_LINK_MORE_INFO_ABOUT_CIPHER,7,82,135,10,SS_NOTIFY

LTEXT "Information on hash algorithms",IDC_LINK_HASH_INFO,97,124,115,8,SS_NOTIFY

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_PASSWORD,53,3,163,14,ES_PASSWORD | ES_AUTOHSCROLL

EDITTEXT IDC_VERIFY,53,19,163,14,ES_PASSWORD | ES_AUTOHSCROLL

RTEXT "Password:",IDT_PASSWORD,1,6,50,8

RTEXT "&Confirm:",IDT_CONFIRM,1,23,50,8

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_SIZEBOX,0,22,71,14,ES_AUTOHSCROLL | ES_NUMBER

LTEXT "",IDC_BOX_HELP,0,75,214,64

LTEXT "",IDC_SPACE_LEFT,0,44,214,21

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

COMBOBOX IDC_COMBO_BOX,0,9,148,80,CBS_DROPDOWN | CBS_AUTOHSCROLL | WS_VSCROLL | WS_TABSTOP

CONTROL "&Never save history",IDC_NO_HISTORY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,3,28,137,10

PUSHBUTTON "",IDC_SELECT_VOLUME_LOCATION,155,9,62,14

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

COMBOBOX IDC_FILESYS,43,13,36,90,CBS_DROPDOWNLIST | WS_TABSTOP

GROUPBOX "",IDC_STATIC,0,32,225,35

CONTROL "",IDC_RANDOM_BYTES,"Static",SS_SIMPLE | WS_GROUP,57,38,155,8,WS_EX_TRANSPARENT

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Create an encrypted file container",IDC_FILE_CONTAINER,

LTEXT "Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume.",IDT_NON_SYS_DEVICE,16,66,205,16

LTEXT "Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system.",IDT_SYS_DEVICE,16,100,205,33

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

LTEXT "",IDC_BOX_HELP,0,10,225,137

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Normal mode",IDC_HIDVOL_WIZ_MODE_FULL,"Button",BS_AUTORADIOBUTTON,0,7,217,10

LTEXT "",IDC_BOX_HELP,16,20,205,48

LTEXT "",IDC_BOX_HELP2,16,89,205,50

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_PASSWORD_DIRECT,50,2,149,14,ES_PASSWORD | ES_AUTOHSCROLL

COMBOBOX IDC_PKCS5_PRF_ID,50,17,91,90,CBS_DROPDOWNLIST | WS_TABSTOP

RTEXT "Password:",IDT_PASSWORD,0,6,48,8

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Standard VeraCrypt volume",IDC_STD_VOL,"Button",BS_AUTORADIOBUTTON,0,7,212,10

CONTROL "Hi&dden VeraCrypt volume ",IDC_HIDDEN_VOL,"Button",BS_AUTORADIOBUTTON,0,53,212,10

LTEXT "",IDC_BOX_HELP_NORMAL_VOL,16,20,205,25

LTEXT "",IDC_BOX_HELP,16,66,205,57

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Encrypt the Windows system partition",IDC_SYS_PARTITION,

"Button",BS_AUTORADIOBUTTON,0,7,212,10

CONTROL "Encrypt the whole drive",IDC_WHOLE_SYS_DRIVE,"Button",BS_AUTORADIOBUTTON,0,53,212,10

LTEXT "Select this option to encrypt the partition where the currently running Windows operating system is installed.",IDT_SYS_PARTITION,16,20,205,32

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,1,98,122,10

LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue.",IDT_COLLECTING_RANDOM_DATA_NOTE,1,112,224,40

GROUPBOX "Current pool content (partial)",IDT_PARTIAL_POOL_CONTENTS,0,5,222,88

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Single-boot",IDC_SINGLE_BOOT,"Button",BS_AUTORADIOBUTTON,0,7,212,10

LTEXT "Select this option if there is only one operating system installed on this computer (even if it has multiple users).",IDT_SINGLE_BOOT,16,20,205,32

LTEXT "Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X",IDT_MULTI_BOOT,16,66,205,72

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

LTEXT "Download CD/DVD recording software",IDC_DOWNLOAD_CD_BURN_SOFTWARE,0,136,217,10,SS_NOTIFY

LTEXT "",IDT_RESCUE_DISK_BURN_INFO,0,4,225,128

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

COMBOBOX IDC_WIPE_MODE,61,0,127,90,CBS_DROPDOWNLIST | WS_TABSTOP

RTEXT "Wipe mode:",IDT_WIPE_MODE,0,2,59,8,0,WS_EX_RIGHT

LTEXT "",IDT_WIPE_MODE_INFO,0,19,225,128

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

COMBOBOX IDC_WIPE_MODE,67,13,125,90,CBS_DROPDOWNLIST | WS_TABSTOP

GROUPBOX "Options",IDT_FORMAT_OPTIONS,0,3,225,29

GROUPBOX "",IDC_STATIC,0,32,225,41

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

CONTROL "Display generated keys (their portions)",IDC_DISPLAY_KEYS,

RTEXT "Master Key: ",IDT_MASTER_KEY,2,80,54,8

GROUPBOX "",-1,0,65,225,26

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "",IDC_CHOICE1,"Button",BS_AUTORADIOBUTTON,0,7,212,10

CONTROL "",IDC_CHOICE2,"Button",BS_AUTORADIOBUTTON,0,17,217,10

LTEXT "",IDC_BOX_HELP,1,34,220,112

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

LTEXT "",IDT_SYSENC_DRIVE_ANALYSIS_INFO,2,10,215,88

CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,1,115,216,12

LTEXT "Progress:",IDT_PROGRESS,2,104,57,8

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Normal",IDC_SYSENC_NORMAL,"Button",BS_AUTORADIOBUTTON,0,7,212,10

CONTROL "Hi&dden",IDC_SYSENC_HIDDEN,"Button",BS_AUTORADIOBUTTON,0,53,212,10

LTEXT "",IDC_BOX_HELP_SYSENC_NORMAL,16,20,205,25

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

LTEXT "More information",IDC_HIDDEN_SYSENC_INFO_LINK,0,141,217,10,SS_NOTIFY

LTEXT "",IDC_BOX_HELP,0,2,225,136

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

PUSHBUTTON "Abort",IDC_ABORT_BUTTON,169,48,50,14

GROUPBOX "",IDC_STATIC,0,40,225,42

LTEXT "",IDC_WIPE_MODE,67,21,125,11,SS_CENTERIMAGE,WS_EX_TRANSPARENT | WS_EX_STATICEDGE

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

COMBOBOX IDC_WIPE_MODE,61,9,127,90,CBS_DROPDOWNLIST | WS_TABSTOP

RTEXT "Wipe mode:",IDT_WIPE_MODE,0,11,59,8,0,WS_EX_RIGHT

LTEXT "",IDT_WIPE_MODE_INFO,0,29,225,122

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

CONTROL "Create encrypted volume and format it",IDC_DEVICE_TRANSFORM_MODE_FORMAT,

"Button",BS_AUTORADIOBUTTON,0,8,217,10

CONTROL "Encrypt partition in place",IDC_DEVICE_TRANSFORM_MODE_INPLACE,

"Button",BS_AUTORADIOBUTTON,0,98,217,10

LTEXT "",IDC_BOX_HELP,16,21,205,74

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

LTEXT "",IDC_BOX_HELP,0,107,225,41

LISTBOX IDC_LIST_BOX,0,3,222,100,LBS_NOINTEGRALHEIGHT | LBS_DISABLENOSCROLL | WS_VSCROLL

END

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

LTEXT "",IDC_BOX_HELP,0,40,225,95

IDD_VOL_CREATION_WIZARD_DLG, DIALOG

BEGIN

RIGHTMARGIN, 393

TOPMARGIN, 1

END

IDD_CIPHER_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_PASSWORD_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_SIZE_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_VOLUME_LOCATION_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_FORMAT_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 217

HORZGUIDE, 80

HORZGUIDE, 96

END

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_INFO_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_HIDVOL_HOST_FILL_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_HIDDEN_VOL_WIZARD_MODE_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_PASSWORD_ENTRY_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_VOLUME_TYPE_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_SYSENC_SPAN_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_SYSENC_RESCUE_DISK_CREATION_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG, DIALOG

BEGIN

RIGHTMARGIN, 217

HORZGUIDE, 80

HORZGUIDE, 96

END

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_SYSENC_WIPE_MODE_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_INPLACE_ENCRYPTION_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 217

HORZGUIDE, 80

HORZGUIDE, 96

END

IDD_SYSENC_KEYS_GEN_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 217

HORZGUIDE, 80

HORZGUIDE, 96

END

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_SYSENC_DRIVE_ANALYSIS_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 217

HORZGUIDE, 80

HORZGUIDE, 96

END

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 223

END

IDD_DEVICE_WIPE_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 217

HORZGUIDE, 80

HORZGUIDE, 96

END

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_DEVICE_TRANSFORM_MODE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_EXPANDED_LIST_SELECT_PAGE_DLG, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

IDD_DRIVE_LETTER_SELECTION_PAGE, DIALOG

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 219

TOPMARGIN, 7

END

END

#endif // APSTUDIO_INVOKED

volParams->ea,

FIRST_MODE_OF_OPERATION_ID,

volParams->password,

volParams->pkcs5,

wipePass == 0 ? NULL : (char *) cryptoInfo->master_keydata,

&cryptoInfo,

dataAreaSize,

0,

/* Now we will try to decrypt the backup header to verify it has been correctly written. */

if (nStatus != ERR_SUCCESS

|| cryptoInfo->EncryptedAreaStart.Value != cryptoInfo2->EncryptedAreaStart.Value

|| cryptoInfo2->EncryptedAreaStart.Value == 0)

DWORD n;

char *devicePath = volParams->volumePath;

Password *password = volParams->password;

int pkcs5_prf = volParams->pkcs5;

DISK_GEOMETRY driveGeometry;

HWND hwndDlg = volParams->hwndDlg;

sectorSize = driveGeometry.BytesPerSector;

if (nStatus != ERR_SUCCESS)

goto closing_seq;

headerCryptoInfo->ea,

headerCryptoInfo->mode,

password,

masterCryptoInfo->pkcs5,

(char *) masterCryptoInfo->master_keydata,

&tmpCryptoInfo,

masterCryptoInfo->VolumeSize.Value,

0,

char *devicePath = volParams->volumePath;

Password *password = volParams->password;

HWND hwndDlg = volParams->hwndDlg;

int pkcs5_prf = volParams->pkcs5;

DISK_GEOMETRY driveGeometry;

buf = (char *) TCalloc (TC_MAX_NONSYS_INPLACE_ENC_WORK_CHUNK_SIZE);

goto closing_seq;

}

if (nStatus != ERR_SUCCESS)

goto closing_seq;

return nStatus;

}

{

LARGE_INTEGER offset;

DWORD n;

int nStatus = ERR_SUCCESS;

goto closing_seq;

}

if (nStatus != ERR_SUCCESS)

goto closing_seq;

static int ConcealNTFS (HANDLE dev);

BOOL SaveNonSysInPlaceEncSettings (int delta, WipeAlgorithmId wipeAlgorithm, BOOL bDecrypting);

static void ExportProgressStats (__int64 bytesDone, __int64 totalSize);

int ZeroUnreadableSectors (HANDLE dev, LARGE_INTEGER startOffset, int64 size, int sectorSize, uint64 *zeroedSectorCount);

BOOL MoveClustersBeforeThreshold (HANDLE volumeHandle, PWSTR volumeDevicePath, int64 clusterThreshold);

#ifdef __cplusplus

}

#define IDC_HIDDEN_SYSENC_INFO_LINK 1099

#define IDT_PASS 1100

#define IDC_DEVICE_TRANSFORM_MODE_FORMAT 1101

#define IDC_DEVICE_TRANSFORM_MODE_INPLACE 1102

// Next default values for new objects

//

#ifdef APSTUDIO_INVOKED

#ifndef APSTUDIO_READONLY_SYMBOLS

#define _APS_NO_MFC 1

#define _APS_NEXT_RESOURCE_VALUE 133

#define _APS_NEXT_COMMAND_VALUE 40001

#define _APS_NEXT_SYMED_VALUE 101

#endif

#endif

Password volumePassword; /* User password */

char szVerify[MAX_PASSWORD + 1]; /* Tmp password buffer */

char szRawPassword[MAX_PASSWORD + 1]; /* Password before keyfile was applied to it */

BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */

BOOL ComServerMode = FALSE;

{

if (device.Path == szDevicePath)

{

OpenVolumeContext volume;

if ( status == ERR_SUCCESS)

{

if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0

{

OpenVolumeContext volume;

{

if ((volume.CryptoInfo->HeaderFlags & TC_HEADER_FLAG_NONSYS_INPLACE_ENC) != 0

&& volume.CryptoInfo->EncryptedAreaLength.Value != volume.CryptoInfo->VolumeSize.Value)

{

volParams->quickFormat = quickFormat;

volParams->sectorSize = GetFormatSectorSize();

volParams->realClusterSize = &realClusterSize;

volParams->password = &volumePassword;

volParams->hwndDlg = hwndDlg;

if (bInPlaceDecNonSys)

{

if (bHiddenVolHost && !bVolTransformThreadCancel && nStatus == 0)

{

/* Auto mount the newly created hidden volume host */

{

case ERR_NO_FREE_DRIVES:

MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);

bVolTransformThreadCancel = TRUE;

SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT), szRawPassword);

SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT));

SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (bInPlaceEncNonSys ? (bInPlaceEncNonSysResumed ? "NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP" : "NONSYS_INPLACE_DEC_PASSWORD_PAGE_HELP") : "PASSWORD_HIDDENVOL_HOST_DIRECT_HELP"));

{

wchar_t str[1000];

hPasswordInputField = GetDlgItem (hwndDlg, IDC_PASSWORD);

if (SysEncInEffect ())

{

ToBootPwdField (hwndDlg, IDC_PASSWORD);

SetWindowText (GetDlgItem (hwndDlg, IDC_VERIFY), szVerify);

SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD));

SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect());

EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable);

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str);

NULL,

NULL,

KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

}

break;

case FILESYS_PAGE:

KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

if (volumePassword.Length > 0)

// Password character encoding

if (!CheckPasswordCharEncoding (GetDlgItem (hCurPage, IDC_PASSWORD), NULL))

{

Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg);

return 1;

}

// Check password length (check also done for outer volume which is not the case in TrueCrypt).

{

return 1;

}

}

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

hash_algo = (int) SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hCurPage, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);

// Store the password in case we need to restore it after keyfile is applied to it

GetWindowText (GetDlgItem (hCurPage, IDC_PASSWORD_DIRECT), szRawPassword, sizeof (szRawPassword));

if (KeyFilesEnable)

int retCode;

// Mount the hidden volume host as read-only (to ensure consistent and secure

// results of the volume bitmap scanning)

{

case ERR_NO_FREE_DRIVES:

NormalCursor ();

MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);

mountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE);

// Check that it is not a hidden or legacy volume

{

NormalCursor();

return 1;

}

}

mountOptions.UseBackupHeader = TRUE; // This must be TRUE at this point (we won't be using the regular header, which will be lost soon after the decryption process starts)

{

NormalCursor();

return 1;

}

try

{

WaitCursor();

}

catch (Exception &e)

{

e.Show (hwndDlg);

if (hiddenVolHostDriveNo < 0) // If the hidden volume host is not mounted

{

// Remount the hidden volume host as read-only (to ensure consistent and secure

// results of the volume bitmap scanning)

{

case ERR_NO_FREE_DRIVES:

MessageBoxW (hwndDlg, GetString ("NO_FREE_DRIVE_FOR_OUTER_VOL"), lpszTitle, ICON_HAND);

NormalCursor ();

KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect ());

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

nNewPageNo = SIZE_PAGE + 1; // Skip the hidden volume host password page

if (SysEncInEffect ())

{

}

// Mounts a volume within which the user intends to create a hidden volume

{

MountOptions mountOptions;

ZeroMemory (&mountOptions, sizeof (mountOptions));

mountOptions.PreserveTimestamp = bPreserveTimestamp;

mountOptions.PartitionInInactiveSysEncScope = FALSE;

mountOptions.UseBackupHeader = FALSE;

{

*driveNo = -3;

return ERR_VOL_MOUNT_FAILED;

}

static void NonSysInplaceEncPause (void);

static void NonSysInplaceEncResume (void);

void ShowNonSysInPlaceEncUIStatus (void);

void UpdateNonSysInPlaceEncControls (void);

int AnalyzeHiddenVolumeHost (HWND hwndDlg, int *driveNo, __int64 hiddenVolHostSize, int *realClusterSize, __int64 *pnbrFreeClusters);

int ScanVolClusterBitmap ( HWND hwndDlg, int *driveNo, __int64 nbrClusters, __int64 *nbrFreeClusters);

static void WipeStart (void);

static void WipeAbort (void);

AddRef ();

return S_OK;

}

virtual int STDMETHODCALLTYPE BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume)

{

USES_CONVERSION;

CW2A szVolumeA(lpszVolume);

USES_CONVERSION;

CW2A volumePathA(volumePath);

MainDlg = (HWND) hWnd;

if (volumePathA.m_psz)

else

return ERR_OUTOFMEMORY;

}

USES_CONVERSION;

CW2A volumePathA(volumePath);

MainDlg = (HWND) hWnd;

if (volumePathA.m_psz)

else

return ERR_OUTOFMEMORY;

}

USES_CONVERSION;

CW2A volumePathA(volumePath);

MainDlg = (HWND) hWnd;

if (volumePathA.m_psz)

else

return ERR_OUTOFMEMORY;

}

return r;

}

{

CComPtr<ITrueCryptMainCom> tc;

int r;

if (bstr)

{

volumeBstr.Attach (bstr);

}

else

r = ERR_OUTOFMEMORY;

NormalCursor ();

BOOL ComServerMain ();

int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);

int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);

#ifdef __cplusplus

}

#endif

helpstring("VeraCrypt Main UAC Support Interface")

]

interface ITrueCryptMainCom : IUnknown

{

int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume);

DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output);

int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);

DWORD CopyFile (BSTR sourceFile, BSTR destinationFile);

DWORD SetDriverServiceStartType (DWORD startType);

DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value);

int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);

int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);

};

[

uuid(FE8B3B95-C80C-41f7-830F-FBA271C26F7E),

Password VolumePassword; /* Password used for mounting volumes */

Password CmdVolumePassword; /* Password passed from command line */

int VolumePkcs5 = 0;

int CmdVolumePkcs5 = 0;

int DefaultVolumePkcs5 = 0;

BOOL VolumeTrueCryptMode = FALSE;

BOOL CmdVolumeTrueCryptMode = FALSE;

BOOL DefaultVolumeTrueCryptMode = FALSE;

burn (&VolumePassword, sizeof (VolumePassword));

burn (&CmdVolumePassword, sizeof (CmdVolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode));

burn (&mountOptions, sizeof (mountOptions));

burn (&defaultMountOptions, sizeof (defaultMountOptions));

defaultMountOptions.Removable = ConfigReadInt ("MountVolumesRemovable", FALSE);

defaultMountOptions.ReadOnly = ConfigReadInt ("MountVolumesReadOnly", FALSE);

defaultMountOptions.ProtectHiddenVolume = FALSE;

defaultMountOptions.ProtectedHidVolPkcs5Prf = 0;

defaultMountOptions.PartitionInInactiveSysEncScope = FALSE;

defaultMountOptions.RecoveryMode = FALSE;

defaultMountOptions.UseBackupHeader = FALSE;

typedef struct

{

Password *oldPassword;

int old_pkcs5;

Password *newPassword;

int pkcs5;

int wipePassCount;

BOOL truecryptMode;

int* pnStatus;

} ChangePwdThreadParam;

pThreadParam->pkcs5 = 0; // PKCS-5 PRF unchanged (currently we can't change PRF of system encryption)

try

{

}

catch (Exception &e)

{

e.Show (hwndDlg);

else

{

// Non-system

if (*pThreadParam->pnStatus == ERR_OS_ERROR

&& GetLastError () == ERROR_ACCESS_DENIED

&& IsUacSupported ()

&& IsVolumeDeviceHosted (szFileName))

{

}

}

}

SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_CHANGE_PKCS5_PRF"));

LocalizeDialog (hwndDlg, "IDD_PCDM_CHANGE_PKCS5_PRF");

EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);

LocalizeDialog (hwndDlg, "IDD_PCDM_ADD_REMOVE_VOL_KEYFILES");

newKeyFilesParam.EnableKeyFiles = TRUE;

EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE);

EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), TRUE);

EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);

int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA,

SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);

BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);

if (truecryptMode && (old_pkcs5 == SHA256))

{

Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

return 1;

}

if (!CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL))

{

Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg);

return 1;

}

if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF)

{

newKeyFilesParam.EnableKeyFiles = KeyFilesEnable;

}

else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL)

&& pwdChangeDlgMode == PCDM_CHANGE_PASSWORD)

{

return 1;

}

GetWindowText (GetDlgItem (hParent, IDC_VOLUME), szFileName, sizeof (szFileName));

case PCDM_ADD_REMOVE_VOL_KEYFILES:

case PCDM_CHANGE_PKCS5_PRF:

memcpy (newPassword.Text, oldPassword.Text, sizeof (newPassword.Text));

newPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text);

break;

default:

GetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), (LPSTR) newPassword.Text, sizeof (newPassword.Text));

ChangePwdThreadParam changePwdParam;

changePwdParam.oldPassword = &oldPassword;

changePwdParam.old_pkcs5 = old_pkcs5;

changePwdParam.newPassword = &newPassword;

changePwdParam.pkcs5 = pkcs5;

changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode);

changePwdParam.pnStatus = &nStatus;

changePwdParam.truecryptMode = truecryptMode;

err:

burn (&oldPassword, sizeof (oldPassword));

burn (&newPassword, sizeof (newPassword));

NormalCursor ();

if (nStatus == 0)

{

WORD lw = LOWORD (wParam);

static Password *szXPwd;

static int *pkcs5;

static BOOL* truecryptMode;

switch (msg)

{

{

int i, nIndex, defaultPrfIndex = 0;

szXPwd = ((PasswordDlgParam *) lParam) -> password;

pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;

truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;

LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");

DragAcceptFiles (hwndDlg, TRUE);

SendMessage (hComboBox, CB_SETCURSEL, defaultPrfIndex, 0);

SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);

SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0);

SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);

mountOptions.PartitionInInactiveSysEncScope = bPrebootPasswordDlgMode;

SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_SETPASSWORDCHAR, '*', 0);

InvalidateRect (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL, TRUE);

bPrebootPasswordDlgMode = TRUE;

}

return 1;

{

/* Use default PRF specified by the user if any */

if (mountOptions.ProtectedHidVolPkcs5Prf == 0)

mountOptions.ProtectedHidVolPkcs5Prf = *pkcs5;

DialogBoxParamW (hInst,

MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg,

(DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions);

bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));

*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);

*truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);

/* SHA-256 is not supported by TrueCrypt */

if ( (*truecryptMode)

&& ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256))

)

{

Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);

return 1;

}

}

// Attempt to wipe password stored in the input field buffer

memset (tmp, 'X', MAX_PASSWORD);

if (bSysEnc)

ListSubItemSetW (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE"));

else

{

s = prop.hiddenVolume ? GetString ("HIDDEN") :

(prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL"));

if (truecryptMode)

else

return item.lParam;

}

{

INT_PTR result;

PasswordDlgParam dlgParam;

PasswordDialogDisableMountOptions = !enableMountOptions;

dlgParam.password = password;

dlgParam.pkcs5 = pkcs5;

dlgParam.truecryptMode = truecryptMode;

result = DialogBoxParamW (hInst,

MAKEINTRESOURCEW (IDD_PASSWORD_DLG), hwndDlg,

if (result != IDOK)

{

password->Length = 0;

*pkcs5 = 0;

*truecryptMode = FALSE;

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

}

{

VolumePassword.Length = 0;

VolumePkcs5 = 0;

VolumeTrueCryptMode = FALSE;

}

if (szFileName == NULL)

{

// First try cached passwords and if they fail ask user for a new one

WaitCursor ();

// try TrueCrypt mode first since it is quick

if (!mounted)

// If keyfiles are enabled, test empty password first

if (!mounted && KeyFilesEnable && FirstKeyFile)

{

emptyPassword.Length = 0;

KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile);

// try TrueCrypt mode first since it is quick

if (!mounted)

burn (&emptyPassword, sizeof (emptyPassword));

}

// Test password and/or keyfiles used for the previous volume

if (!mounted && bCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0)

{

// try TrueCrypt mode first as it is quick

if (!mounted)

}

NormalCursor ();

{

VolumePassword = CmdVolumePassword;

VolumePkcs5 = EffectiveVolumePkcs5;

VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;

}

else if (!Silent)

{

int GuiPkcs5 = EffectiveVolumePkcs5;

BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;

StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);

goto ret;

else

{

VolumePkcs5 = GuiPkcs5;

VolumeTrueCryptMode = GuiTrueCryptMode;

burn (&GuiPkcs5, sizeof(GuiPkcs5));

burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));

}

}

WaitCursor ();

if (KeyFilesEnable)

KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);

NormalCursor ();

// Check for legacy non-ASCII passwords

if (mounted > 0 && !KeyFilesEnable && !CheckPasswordCharEncoding (NULL, &VolumePassword))

{

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

}

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

{

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

}

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

if (!CmdVolumePasswordValid && bPasswordPrompt)

{

int GuiPkcs5 = EffectiveVolumePkcs5;

BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;

PasswordDlgVolume[0] = '\0';

goto ret;

else

{

VolumePkcs5 = GuiPkcs5;

VolumeTrueCryptMode = GuiTrueCryptMode;

burn (&GuiPkcs5, sizeof(GuiPkcs5));

burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));

}

}

else if (CmdVolumePasswordValid)

{

bPasswordPrompt = FALSE;

VolumePassword = CmdVolumePassword;

VolumePkcs5 = EffectiveVolumePkcs5;

VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;

}

WaitCursor();

if (LOWORD (GetItemLong (driveList, selDrive)) == 0xffff)

goto ret;

// First try user password then cached passwords

{

// A volume has been successfully mounted

ResetWrongPwdRetryCount ();

{

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

}

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

mountOptions.UseBackupHeader = defaultMountOptions.UseBackupHeader;

if (!EffectiveVolumeTrueCryptMode)

EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;

// Cached password

// Command line password or keyfiles

if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile))

{

if (FirstCmdKeyFile)

KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile);

mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A',

&mountOptions, Silent, reportBadPasswd);

burn (&CmdVolumePassword, sizeof (CmdVolumePassword));

}

// Ask user for password

while (!mounted && !Silent)

{

int GuiPkcs5 = EffectiveVolumePkcs5;

BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;

VolumePassword.Length = 0;

StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName);

break;

else

{

VolumePkcs5 = GuiPkcs5;

VolumeTrueCryptMode = GuiTrueCryptMode;

burn (&GuiPkcs5, sizeof(GuiPkcs5));

burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));

}

WaitCursor ();

if (KeyFilesEnable && FirstKeyFile)

KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));

burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));

if (CmdVolumePkcs5 == 0)

mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5;

else

mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5;

if (IDCANCEL == DialogBoxParamW (hInst,

MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg,

(DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions))

OptionVolume,

CommandWipeCache,

OptionPkcs5,

OptionTrueCryptMode,

};

argument args[]=

{

{ OptionVolume, "/volume", "/v", FALSE },

{ CommandWipeCache, "/wipecache", "/w", FALSE },

{ OptionPkcs5, "/hash", NULL , FALSE },

{ OptionTrueCryptMode, "/truecrypt", "/tc", FALSE },

};

argumentspec as;

else

AbortProcess ("COMMAND_LINE_ERROR");

}

break;

case OptionTrueCryptMode:

CmdVolumeTrueCryptMode = TRUE;

break;

if (CmdVolumePkcs5 == 0)

mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5;

else

mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5;

if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), MainDlg, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions) == IDCANCEL)

{

status = FALSE;

goto skipMount;

MultipleMountOperationInProgress = FALSE;

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

if (status && CloseSecurityTokenSessionsAfterMount)

SecurityToken::CloseAllSessions();

int fBackup = -1;

OpenVolumeContext volume;

OpenVolumeContext hiddenVolume;

Password hiddenVolPassword;

byte temporaryKey[MASTER_KEYDATA_SIZE];

byte originalK2[MASTER_KEYDATA_SIZE];

if (!lpszVolume)

for (int type = TC_VOLUME_TYPE_NORMAL; type <= TC_VOLUME_TYPE_HIDDEN; ++type)

{

OpenVolumeContext *askVol = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolume : &volume);

Password *askPassword = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPassword : &VolumePassword);

while (TRUE)

{

{

nStatus = ERR_SUCCESS;

goto ret;

}

if (KeyFilesEnable && FirstKeyFile)

KeyFilesApply (hwndDlg, askPassword, FirstKeyFile);

NormalCursor();

if (nStatus == ERR_SUCCESS)

goto error;

}

// Store header encrypted with a new key

if (nStatus != ERR_SUCCESS)

goto error;

if (hiddenVolume.VolumeIsOpen)

{

nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE),

if (nStatus != ERR_SUCCESS)

goto error;

}

handleError (hwndDlg, nStatus);

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

burn (&hiddenVolPassword, sizeof (hiddenVolPassword));

burn (temporaryKey, sizeof (temporaryKey));

burn (originalK2, sizeof (originalK2));

// Open the volume using backup header

while (TRUE)

{

StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume);

{

nStatus = ERR_SUCCESS;

goto ret;

}

if (KeyFilesEnable && FirstKeyFile)

KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);

NormalCursor();

if (nStatus == ERR_SUCCESS)

// Create a new header with a new salt

char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE];

if (nStatus != 0)

goto error;

headerOffset.QuadPart = volume.CryptoInfo->hiddenVolume ? TC_HIDDEN_VOLUME_HEADER_OFFSET : TC_VOLUME_HEADER_OFFSET;

// Open the header

while (TRUE)

{

{

nStatus = ERR_SUCCESS;

goto ret;

}

{

if (type == TC_VOLUME_TYPE_HIDDEN)

headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE);

if (nStatus == ERR_SUCCESS)

break;

}

WaitCursor();

// Restore header encrypted with a new key

if (nStatus != ERR_SUCCESS)

goto error;

if (!SetFilePointerEx (dev, headerOffset, NULL, FILE_BEGIN))

if (!restoredCryptoInfo->LegacyVolume)

{

// Restore backup header encrypted with a new key

if (nStatus != ERR_SUCCESS)

goto error;

if (!SetFilePointerEx (dev, headerBackupOffset, NULL, FILE_BEGIN))

handleError (hwndDlg, nStatus);

burn (&VolumePassword, sizeof (VolumePassword));

burn (&VolumePkcs5, sizeof (VolumePkcs5));

burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));

RestoreDefaultKeyFilesParam();

RandStop (FALSE);

NormalCursor();

if (CmdVolumePkcs5 == 0)

mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5;

else

mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5;

if (IDCANCEL == DialogBoxParamW (hInst,

MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg,

(DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions))

return;

typedef struct

{

Password *password;

int* pkcs5;

BOOL* truecryptMode;

} PasswordDlgParam;

extern VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList;

DEFPUSHBUTTON "OK",IDOK,114,203,55,14

CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,192

END

STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU

CAPTION "Change Password or Keyfiles"

CLASS "VeraCryptCustomDlg"

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_OLD_PASSWORD,89,14,162,13,ES_PASSWORD | ES_AUTOHSCROLL

DEFPUSHBUTTON "OK",IDOK,264,7,59,14

PUSHBUTTON "Cancel",IDCANCEL,264,24,59,14

RTEXT "Password:",IDT_PASSWORD,12,16,72,8

RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE

END

IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271

STYLE DS_SETFONT | DS_SETFOREGROUND | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU

CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,98,242,88,20

CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119

END

STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION

CAPTION "Enter VeraCrypt Volume Password"

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL

CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,

DEFPUSHBUTTON "OK",IDOK,243,8,64,14

PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14

RTEXT "Password:",IDT_PASSWORD,0,10,65,13

END

IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269

STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU

BEGIN

LEFTMARGIN, 7

RIGHTMARGIN, 323

TOPMARGIN, 7

END

IDD_MOUNT_DLG, DIALOG

BEGIN

IDD_PASSWORD_DLG, DIALOG

BEGIN

RIGHTMARGIN, 313

END

IDD_TRAVELER_DLG, DIALOG

BEGIN

#define IDT_NEW_PKCS5_PRF 1138

#define IDC_PKCS5_OLD_PRF_ID 1139

#define IDC_TRUECRYPT_MODE 1140

#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141

#define IDM_HELP 40001

#define IDM_ABOUT 40002

#define IDM_UNMOUNT_VOLUME 40003

#define IDM_CLEAR_HISTORY 40004

#ifndef APSTUDIO_READONLY_SYMBOLS

#define _APS_NO_MFC 1

#define _APS_NEXT_RESOURCE_VALUE 119

#define _APS_NEXT_COMMAND_VALUE 40068

#define _APS_NEXT_SYMED_VALUE 101

#endif

#endif

ProjectSection(ProjectDependencies) = postProject

{EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602}

{8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}

{993245CF-6B70-47EE-91BB-39F8FC6DC0E7} = {993245CF-6B70-47EE-91BB-39F8FC6DC0E7}

EndProjectSection

EndProject

Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Setup", "Setup\Setup.vcproj", "{DF5F654D-BD44-4E31-B92E-B68074DC37A8}"

ProjectSection(ProjectDependencies) = postProject

EndProject

Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ExpandVolume", "ExpandVolume\ExpandVolume.vcproj", "{9715FF1D-599B-4BBC-AD96-BEF6E08FF827}"

ProjectSection(ProjectDependencies) = postProject

{EF5EF444-18D0-40D7-8DFA-775EC4448602} = {EF5EF444-18D0-40D7-8DFA-775EC4448602}

{8B7F059F-E4C7-4E11-88F5-EE8B8433072E} = {8B7F059F-E4C7-4E11-88F5-EE8B8433072E}

EndProjectSection

EndProject

Global

GlobalSection(SolutionConfigurationPlatforms) = preSolution