diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-07-13 02:00:26 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-07-13 23:35:15 +0200 |
commit | a43a5ebb2136a77be8e79546f329412e4bef14c4 (patch) | |
tree | e32491754c66e078ca1fa9a52adb1dce22400dcb /src/Common | |
parent | 8fc08b1e468482301fa5c31fcba742e24e197afc (diff) | |
download | VeraCrypt-a43a5ebb2136a77be8e79546f329412e4bef14c4.tar.gz VeraCrypt-a43a5ebb2136a77be8e79546f329412e4bef14c4.zip |
Windows: Modify PIM parts in GUI to make it easier to use. Users must explicitly check "User PIM" to enable its use.
Diffstat (limited to 'src/Common')
-rw-r--r-- | src/Common/Common.rc | 17 | ||||
-rw-r--r-- | src/Common/Dlgcode.c | 8 | ||||
-rw-r--r-- | src/Common/Dlgcode.h | 1 | ||||
-rw-r--r-- | src/Common/Language.xml | 9 | ||||
-rw-r--r-- | src/Common/Password.c | 7 | ||||
-rw-r--r-- | src/Common/Resource.h | 3 |
6 files changed, 32 insertions, 13 deletions
diff --git a/src/Common/Common.rc b/src/Common/Common.rc index 7df10586..652b407f 100644 --- a/src/Common/Common.rc +++ b/src/Common/Common.rc @@ -72,28 +72,29 @@ FONT 8, "MS Shell Dlg", 400, 0, 0x1 BEGIN
CONTROL "Mount volume as read-&only",IDC_MOUNT_READONLY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,11,194,10
CONTROL "Mount volume as removable &medium",IDC_MOUNT_REMOVABLE,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,25,195,10
+ CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
CONTROL "Mount partition &using system encryption without pre-boot authentication",IDC_MOUNT_SYSENC_PART_WITHOUT_PBA,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,53,259,11
CONTROL "&Protect hidden volume against damage caused by writing to outer volume",IDC_PROTECT_HIDDEN_VOL,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,86,252,10
EDITTEXT IDC_PASSWORD_PROT_HIDVOL,112,104,151,14,ES_PASSWORD | ES_AUTOHSCROLL
+ COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ EDITTEXT IDC_PIM,112,145,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE
+ LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,148,112,8,NOT WS_VISIBLE
CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,165,90,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,178,90,10
- PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,167,60,14
- LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,193,247,10,SS_NOTIFY
+ PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,204,174,60,14
DEFPUSHBUTTON "OK",IDOK,211,7,60,14
PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14
+ LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,193,247,10,SS_NOTIFY
RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT
GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,139
- CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
- COMBOBOX IDC_PKCS5_PRF_ID,112,125,91,90,CBS_DROPDOWNLIST | WS_TABSTOP
RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,15,126,91,17
- EDITTEXT IDC_PIM,112,145,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
- RTEXT "Volume PIM:",IDT_PIM,15,148,91,17
- LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,158,148,112,8
+ RTEXT "Volume PIM:",IDT_PIM,15,148,91,17,NOT WS_VISIBLE
+ CONTROL "Use PIM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,152,97,10
END
IDD_KEYFILES DIALOGEX 0, 0, 345, 237
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 478af87c..2742317f 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -117,8 +117,9 @@ BOOL bPortableModeConfirmed = FALSE; // TRUE if it is certain that the instance BOOL bInPlaceEncNonSysPending = FALSE; // TRUE if the non-system in-place encryption config file indicates that one or more partitions are scheduled to be encrypted. This flag is set only when config files are loaded during app startup.
/* Globals used by Mount and Format (separately per instance) */
+BOOL PimEnable = FALSE;
BOOL KeyFilesEnable = FALSE;
KeyFile *FirstKeyFile = NULL;
KeyFilesDlgParam defaultKeyFilesParam;
@@ -9184,8 +9185,12 @@ void Applink (char *dest, BOOL bSendOS, char *extraOutput) else if (strcmp(dest, "contact") == 0)
{
StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Contact");
}
+ else if (strcmp(dest, "pim") == 0)
+ {
+ StringCbCopyA (url, sizeof (url),"https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20%28PIM%29");
+ }
else
{
StringCbCopyA (url, sizeof (url),TC_APPLINK);
}
@@ -10764,9 +10769,10 @@ std::string FindLatestFileOrDirectory (const std::string &directory, const char int GetPim (HWND hwndDlg, UINT ctrlId)
{
int pim = 0;
- if (IsWindowEnabled (GetDlgItem (hwndDlg, ctrlId)))
+ HWND hCtrl = GetDlgItem (hwndDlg, ctrlId);
+ if (IsWindowEnabled (hCtrl) && IsWindowVisible (hCtrl))
{
char szTmp[MAX_PIM + 1] = {0};
if (GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIM + 1) > 0)
{
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 175282fe..18e581f5 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -136,8 +136,9 @@ extern char bCachedSysDevicePathsValid; extern BOOL bHyperLinkBeingTracked;
extern BOOL bInPlaceEncNonSysPending;
+extern BOOL PimEnable;
extern BOOL KeyFilesEnable;
extern KeyFile *FirstKeyFile;
extern KeyFilesDlgParam defaultKeyFilesParam;
extern BOOL UacElevated;
diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 889d7bbb..a02da93c 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -47,8 +47,9 @@ <control lang="en" key="IDC_KEYFILES_RANDOM_SIZE">Random size ( 64 <-> 1048576 )</control>
<control lang="en" key="IDC_KEY_FILES">&Keyfiles...</control>
<control lang="en" key="IDC_LINK_HASH_INFO">Information on hash algorithms</control>
<control lang="en" key="IDC_LINK_MORE_INFO_ABOUT_CIPHER">More information</control>
+ <control lang="en" key="IDC_LINK_PIM_INFO">Information on PIM</control>
<control lang="en" key="IDC_MB">&MB</control>
<control lang="en" key="IDC_MORE_INFO_ON_CONTAINERS">More information</control>
<control lang="en" key="IDC_MORE_INFO_ON_SYS_ENCRYPTION">More information about system encryption</control>
<control lang="en" key="IDC_MORE_INFO_SYS_ENCRYPTION">More information</control>
@@ -56,8 +57,9 @@ <control lang="en" key="IDC_NONSYS_DEVICE">Encrypt a non-system partition/drive</control>
<control lang="en" key="IDC_NO_HISTORY">&Never save history</control>
<control lang="en" key="IDC_OPEN_OUTER_VOLUME">Open Outer Volume</control>
<control lang="en" key="IDC_PAUSE">&Pause</control>
+ <control lang="en" key="IDC_PIM_ENABLE">Use PIM</control>
<control lang="en" key="IDC_QUICKFORMAT">Quick Format</control>
<control lang="en" key="IDC_SHOW_PASSWORD">&Display password</control>
<control lang="en" key="IDC_SHOW_PASSWORD_SINGLE">&Display password</control>
<control lang="en" key="IDC_SINGLE_BOOT">Single-boot</control>
@@ -616,16 +618,17 @@ <string lang="en" key="PASSWORD_OR_MODE_WRONG">Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume.</string>
<string lang="en" key="PASSWORD_OR_KEYFILE_OR_MODE_WRONG">Operation failed due to one or more of the following:\n - Wrong mount mode.\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - Not a valid volume.</string>
<string lang="en" key="PASSWORD_WRONG_AUTOMOUNT">Auto-mount failed due to one or more of the following:\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found.</string>
<string lang="en" key="PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT">Auto-mount failed due to one or more of the following:\n - Incorrect keyfile(s).\n - Incorrect password.\n - Incorrect Volume PIM number.\n - Incorrect PRF (hash).\n - No valid volume found.</string>
- <string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
+ <string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
<string lang="en" key="PIM_CHANGE_WARNING">Remember Number to Mount Volume</string>
<string lang="en" key="PIM_HIDVOL_HOST_TITLE">Outer Volume PIM</string>
<string lang="en" key="PIM_HIDVOL_TITLE">Hidden Volume PIM</string>
<string lang="en" key="PIM_HIDDEN_OS_TITLE">PIM for Hidden Operating System</string>
- <string lang="en" key="PIM_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\n\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA small PIM value will lead to a quicker mount but it can reduce security if the password is not strong enough.</string>
- <string lang="en" key="PIM_SYSENC_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\n\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA small PIM value will lead to a quicker boot but it can reduce security if the password is not strong enough.</string>
+ <string lang="en" key="PIM_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough.</string>
+ <string lang="en" key="PIM_SYSENC_HELP">PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough.</string>
<string lang="en" key="PIM_SYSENC_CHANGE_WARNING">Remember Number to Boot System</string>
+ <string lang="en" key="PIM_LARGE_WARNING">You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot.</string>
<string lang="en" key="PIM_SMALL_WARNING">You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password?</string>
<string lang="en" key="PIM_SYSENC_TOO_BIG">Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535.</string>
<string lang="en" key="PIM_TITLE">Volume PIM</string>
<string lang="en" key="HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH">\n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View).</string>
diff --git a/src/Common/Password.c b/src/Common/Password.c index f8cf4616..fe9a9370 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -133,8 +133,15 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim if (MessageBoxW (hwndDlg, GetString ("PIM_SMALL_WARNING"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2) != IDYES)
return FALSE;
}
#endif
+
+ if ((pim != 0) && (pim > (bForBoot? 98 : 485)))
+ {
+ // warn that mount/boot will take more time
+ MessageBoxW (hwndDlg, GetString ("PIM_LARGE_WARNING"), lpszTitle, MB_OK|MB_ICONWARNING);
+
+ }
return TRUE;
}
int ChangePwd (const char *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg)
diff --git a/src/Common/Resource.h b/src/Common/Resource.h index 2d593b65..f1c20214 100644 --- a/src/Common/Resource.h +++ b/src/Common/Resource.h @@ -190,16 +190,17 @@ #define IDT_PKCS5_PRF 5128
#define IDT_PIM 5129
#define IDC_PIM 5130
#define IDC_PIM_HELP 5131
+#define IDC_PIM_ENABLE 5132
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 542
#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 5132
+#define _APS_NEXT_CONTROL_VALUE 5133
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
|