diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-07-02 19:35:12 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2017-07-02 19:36:53 +0200 |
commit | d1b26d4bfefe4d7f8581d4555e6634c3603772ed (patch) | |
tree | b71140fbd82edd05e1696902069d2779d14c9d11 /src/Common | |
parent | a0f2ffb90bf004b08fc4d3e317718d5a78fb54d5 (diff) | |
download | VeraCrypt-d1b26d4bfefe4d7f8581d4555e6634c3603772ed.tar.gz VeraCrypt-d1b26d4bfefe4d7f8581d4555e6634c3603772ed.zip |
Windows: fix documentation and UI messages about the PIM constraints and calculation formula when EFI system encryption is using SHA-512 or Whirlpool. For historical reasons, if SHA-512 or Whirlpool is selected for EFI system encryption, then iterations = 15000 + (PIM x 1000) and not iterations = PIM x 2048 like the other algorithms.
Diffstat (limited to 'src/Common')
-rw-r--r-- | src/Common/Password.c | 9 | ||||
-rw-r--r-- | src/Common/Password.h | 2 |
2 files changed, 6 insertions, 5 deletions
diff --git a/src/Common/Password.c b/src/Common/Password.c index e3876042..8ba91374 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -133,14 +133,15 @@ BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw) } -BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning) +BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning) { - BOOL bCustomPimSmall = ((pim != 0) && (pim < (bForBoot? 98 : 485)))? TRUE : FALSE; + BOOL bootPimCondition = (bForBoot && (bootPRF != SHA512 && bootPRF != WHIRLPOOL))? TRUE : FALSE; + BOOL bCustomPimSmall = ((pim != 0) && (pim < (bootPimCondition? 98 : 485)))? TRUE : FALSE; if (passwordLength < PASSWORD_LEN_WARNING) { if (bCustomPimSmall) { - Error (bForBoot? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg); + Error (bootPimCondition? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg); return FALSE; } @@ -157,7 +158,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim } #endif - if ((pim != 0) && (pim > (bForBoot? 98 : 485))) + if ((pim != 0) && (pim > (bootPimCondition? 98 : 485))) { // warn that mount/boot will take more time Warning ("PIM_LARGE_WARNING", hwndDlg); diff --git a/src/Common/Password.h b/src/Common/Password.h index 9afcd060..b2b0511d 100644 --- a/src/Common/Password.h +++ b/src/Common/Password.h @@ -39,7 +39,7 @@ typedef struct #if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI) void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled ); -BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning); +BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning); BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw); int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg); |