author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-06-24 14:14:34 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2015-06-24 15:33:16 +0200 |
commit | 9913af3a8ed61333cafd0e611f214f7c86652423 (patch) | |
tree | bae9cbe7b95cb56df9d210cf32b44a0c15574ce8 /src/Core | |
parent | f927ce9b58b137846bb78a47f5a83f7261eac9ff (diff) | |
Linux/MacOSX: first dynamic mode implementation
Diffstat (limited to 'src/Core')
-rwxr-xr-x[-rw-r--r--] | src/Core/Core.h | 30 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Core/CoreBase.cpp | 18 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Core/CoreBase.h | 8 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Core/MountOptions.cpp | 8 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Core/MountOptions.h | 4 | ||||
-rwxr-xr-x | src/Core/Unix/CoreUnix.cpp | 2 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Core/VolumeCreator.cpp | 4 | ||||
-rwxr-xr-x[-rw-r--r--] | src/Core/VolumeCreator.h | 1 |
8 files changed, 48 insertions, 27 deletions
diff --git a/src/Core/Core.h b/src/Core/Core.h
index 4ff85139..b1d2eb7b 100644..100755
--- a/src/Core/Core.h
+++ b/src/Core/Core.h
@@ -69,16 +69,18 @@ namespace VeraCrypt shared_ptr <VolumePath> m_volumePath; bool m_preserveTimestamps; shared_ptr <VolumePassword> m_password; + int m_pim; shared_ptr <Pkcs5Kdf> m_kdf; bool m_truecryptMode; shared_ptr <KeyfileList> m_keyfiles; shared_ptr <VolumePassword> m_newPassword; + int m_newPim; shared_ptr <KeyfileList> m_newKeyfiles; shared_ptr <Pkcs5Kdf> m_newPkcs5Kdf; int m_wipeCount; - ChangePasswordThreadRoutine(shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) : m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_kdf(kdf), m_truecryptMode(truecryptMode), m_keyfiles(keyfiles), m_newPassword(newPassword), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount) {} + ChangePasswordThreadRoutine(shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) : m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_pim(pim), m_kdf(kdf), m_truecryptMode(truecryptMode), m_keyfiles(keyfiles), m_newPassword(newPassword), m_newPim(newPim), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount) {} virtual ~ChangePasswordThreadRoutine() { } - virtual void ExecutionCode(void) { Core->ChangePassword(m_volumePath, m_preserveTimestamps, m_password, m_kdf, m_truecryptMode, m_keyfiles, m_newPassword, m_newKeyfiles, m_newPkcs5Kdf, m_wipeCount); } + virtual void ExecutionCode(void) { Core->ChangePassword(m_volumePath, 
m_preserveTimestamps, m_password, m_pim, m_kdf, m_truecryptMode, m_keyfiles, m_newPassword, m_newPim, m_newKeyfiles, m_newPkcs5Kdf, m_wipeCount); } }; class OpenVolumeThreadRoutine : public WaitThreadRoutine @@ -87,11 +89,13 @@ namespace VeraCrypt shared_ptr <VolumePath> m_volumePath; bool m_preserveTimestamps; shared_ptr <VolumePassword> m_password; + int m_pim; shared_ptr<Pkcs5Kdf> m_Kdf; bool m_truecryptMode; shared_ptr <KeyfileList> m_keyfiles; VolumeProtection::Enum m_protection; shared_ptr <VolumePassword> m_protectionPassword; + int m_protectionPim; shared_ptr<Pkcs5Kdf> m_protectionKdf; shared_ptr <KeyfileList> m_protectionKeyfiles; bool m_sharedAccessAllowed; 
@@ -100,14 +104,14 @@ namespace VeraCrypt bool m_partitionInSystemEncryptionScope; shared_ptr <Volume> m_pVolume; - OpenVolumeThreadRoutine(shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr<Pkcs5Kdf> Kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr<Pkcs5Kdf> protectionKdf = shared_ptr<Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false): - m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_Kdf(Kdf), m_truecryptMode(truecryptMode), m_keyfiles(keyfiles), - m_protection(protection), m_protectionPassword(protectionPassword), m_protectionKdf(protectionKdf), m_protectionKeyfiles(protectionKeyfiles), m_sharedAccessAllowed(sharedAccessAllowed), m_volumeType(volumeType),m_useBackupHeaders(useBackupHeaders), + OpenVolumeThreadRoutine(shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr<Pkcs5Kdf> Kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr<Pkcs5Kdf> protectionKdf = shared_ptr<Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false): + m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_pim(pim), m_Kdf(Kdf), m_truecryptMode(truecryptMode), 
m_keyfiles(keyfiles), + m_protection(protection), m_protectionPassword(protectionPassword), m_protectionPim(protectionPim), m_protectionKdf(protectionKdf), m_protectionKeyfiles(protectionKeyfiles), m_sharedAccessAllowed(sharedAccessAllowed), m_volumeType(volumeType),m_useBackupHeaders(useBackupHeaders), m_partitionInSystemEncryptionScope(partitionInSystemEncryptionScope) {} ~OpenVolumeThreadRoutine() {} - virtual void ExecutionCode(void) { m_pVolume = Core->OpenVolume(m_volumePath,m_preserveTimestamps,m_password,m_Kdf,m_truecryptMode,m_keyfiles, m_protection,m_protectionPassword,m_protectionKdf, m_protectionKeyfiles,m_sharedAccessAllowed,m_volumeType,m_useBackupHeaders, m_partitionInSystemEncryptionScope); } + virtual void ExecutionCode(void) { m_pVolume = Core->OpenVolume(m_volumePath,m_preserveTimestamps,m_password,m_pim,m_Kdf,m_truecryptMode,m_keyfiles, m_protection,m_protectionPassword,m_protectionPim,m_protectionKdf, m_protectionKeyfiles,m_sharedAccessAllowed,m_volumeType,m_useBackupHeaders, m_partitionInSystemEncryptionScope); } }; 
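Review bot: The new `int protectionPim = 0` default on the `OpenVolumeThreadRoutine` constructor uses 0 for "no PIM given", while the `MountOptions.h` hunk initialises `Pim (-1)` and `ProtectionPim (-1)`, so two different "unset" values can reach the same `Core->OpenVolume` call. How the KDF treats 0 versus a negative value is not visible in this diff, but because the value feeds header key derivation its meaning should be pinned down in one place. I would add a comment on the members along the lines of `// PIM: <= 0 selects the KDF's default iteration count` (wording to be confirmed against `Pkcs5Kdf::DeriveKey`) and use the same default everywhere. The same `= 0` default appears on `CoreBase::OpenVolume` in the `CoreBase.h` hunk.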
@@ -117,11 +121,12 @@ namespace VeraCrypt const BufferPtr &m_newHeaderBuffer; shared_ptr <VolumeHeader> m_header; shared_ptr <VolumePassword> m_password; + int m_pim; shared_ptr <KeyfileList> m_keyfiles; - ReEncryptHeaderThreadRoutine(const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles) - : m_newHeaderBuffer(newHeaderBuffer), m_header(header), m_password(password), m_keyfiles(keyfiles) {} + ReEncryptHeaderThreadRoutine(const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, int pim, shared_ptr <KeyfileList> keyfiles) + : m_newHeaderBuffer(newHeaderBuffer), m_header(header), m_password(password), m_pim(pim), m_keyfiles(keyfiles) {} virtual ~ReEncryptHeaderThreadRoutine() { } - virtual void ExecutionCode(void) { Core->ReEncryptVolumeHeaderWithNewSalt (m_newHeaderBuffer, m_header, m_password, m_keyfiles); } + virtual void ExecutionCode(void) { Core->ReEncryptVolumeHeaderWithNewSalt (m_newHeaderBuffer, m_header, m_password, m_pim, m_keyfiles); } }; class DecryptThreadRoutine : public WaitThreadRoutine 
@@ -130,16 +135,17 @@ namespace VeraCrypt shared_ptr <VolumeHeader> m_pHeader; const ConstBufferPtr &m_encryptedData; const VolumePassword &m_password; + int m_pim; shared_ptr <Pkcs5Kdf> m_kdf; bool m_truecryptMode; const Pkcs5KdfList &m_keyDerivationFunctions; const EncryptionAlgorithmList &m_encryptionAlgorithms; const EncryptionModeList &m_encryptionModes; bool m_bResult; - DecryptThreadRoutine(shared_ptr <VolumeHeader> header, const ConstBufferPtr &encryptedData, const VolumePassword &password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes) - : m_pHeader(header), m_encryptedData(encryptedData), m_password(password), m_kdf(kdf), m_truecryptMode(truecryptMode), m_keyDerivationFunctions(keyDerivationFunctions), m_encryptionAlgorithms(encryptionAlgorithms), m_encryptionModes(encryptionModes), m_bResult(false){} + DecryptThreadRoutine(shared_ptr <VolumeHeader> header, const ConstBufferPtr &encryptedData, const VolumePassword &password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, const Pkcs5KdfList &keyDerivationFunctions, const EncryptionAlgorithmList &encryptionAlgorithms, const EncryptionModeList &encryptionModes) + : m_pHeader(header), m_encryptedData(encryptedData), m_password(password), m_pim(pim), m_kdf(kdf), m_truecryptMode(truecryptMode), m_keyDerivationFunctions(keyDerivationFunctions), m_encryptionAlgorithms(encryptionAlgorithms), m_encryptionModes(encryptionModes), m_bResult(false){} virtual ~DecryptThreadRoutine() { } - virtual void ExecutionCode(void) { m_bResult = m_pHeader->Decrypt(m_encryptedData, m_password, m_kdf, m_truecryptMode, m_keyDerivationFunctions, m_encryptionAlgorithms, m_encryptionModes); } + virtual void ExecutionCode(void) { m_bResult = m_pHeader->Decrypt(m_encryptedData, m_password, m_pim, m_kdf, m_truecryptMode, m_keyDerivationFunctions, m_encryptionAlgorithms, m_encryptionModes); } 
}; class WaitThreadUI diff --git a/src/Core/CoreBase.cpp b/src/Core/CoreBase.cpp index 8dcee144..24eb3f7a 100644..100755 --- a/src/Core/CoreBase.cpp +++ b/src/Core/CoreBase.cpp @@ -23,7 +23,7 @@ namespace VeraCrypt { } - void CoreBase::ChangePassword (shared_ptr <Volume> openVolume, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const + void CoreBase::ChangePassword (shared_ptr <Volume> openVolume, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const { if ((!newPassword || newPassword->Size() < 1) && (!newKeyfiles || newKeyfiles->empty())) throw PasswordEmpty (SRC_POS); @@ -63,7 +63,7 @@ namespace VeraCrypt else RandomNumberGenerator::GetDataFast (newSalt); - newPkcs5Kdf->DeriveKey (newHeaderKey, *password, newSalt); + newPkcs5Kdf->DeriveKey (newHeaderKey, *password, newPim, newSalt); openVolume->ReEncryptHeader (backupHeader, newSalt, newHeaderKey, newPkcs5Kdf); openVolume->GetFile()->Flush(); 
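Review bot: `newPim` travels from the `CoreBase::ChangePassword` signature (`@@ -23,7`) to `newPkcs5Kdf->DeriveKey` (`@@ -63,7`) without any range check, although the function already rejects an empty password at its top. The value presumably scales the key-derivation cost for the rewritten header, so an out-of-range PIM should be refused before any header is re-encrypted; a guard beside the `PasswordEmpty` check such as `if (newPim < 0) throw ParameterIncorrect (SRC_POS);` would do, if 0 is the only "use default" value accepted on this path. The same applies to `pim` in `ReEncryptVolumeHeaderWithNewSalt` (`@@ -280,7`). Most of the body of `ChangePassword` lies outside these hunks, so an existing check there cannot be ruled out.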
@@ -76,10 +76,10 @@ namespace VeraCrypt } } - void CoreBase::ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const + void CoreBase::ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf, int wipeCount) const { - shared_ptr <Volume> volume = OpenVolume (volumePath, preserveTimestamps, password, kdf, truecryptMode, keyfiles); - ChangePassword (volume, newPassword, newKeyfiles, newPkcs5Kdf, wipeCount); + shared_ptr <Volume> volume = OpenVolume (volumePath, preserveTimestamps, password, pim, kdf, truecryptMode, keyfiles); + ChangePassword (volume, newPassword, newPim, newKeyfiles, newPkcs5Kdf, wipeCount); } void CoreBase::CoalesceSlotNumberAndMountPoint (MountOptions &options) const 
@@ -250,10 +250,10 @@ namespace VeraCrypt return GetMountedVolume (volumePath); } - shared_ptr <Volume> CoreBase::OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr<Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, shared_ptr<Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) const + shared_ptr <Volume> CoreBase::OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr<Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr<Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope) const { make_shared_auto (Volume, volume); - volume->Open (*volumePath, preserveTimestamps, password, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionKdf, protectionKeyfiles, sharedAccessAllowed, volumeType, useBackupHeaders, partitionInSystemEncryptionScope); + volume->Open (*volumePath, preserveTimestamps, password, pim, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionPim, protectionKdf, protectionKeyfiles, sharedAccessAllowed, volumeType, useBackupHeaders, partitionInSystemEncryptionScope); return volume; } 
@@ -268,7 +268,7 @@ namespace VeraCrypt encryptionAlgorithm->GetMode()->SetKey (modeKey); } - void CoreBase::ReEncryptVolumeHeaderWithNewSalt (const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles) const + void CoreBase::ReEncryptVolumeHeaderWithNewSalt (const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, int pim, shared_ptr <KeyfileList> keyfiles) const { shared_ptr <Pkcs5Kdf> pkcs5Kdf = header->GetPkcs5Kdf(); @@ -280,7 +280,7 @@ namespace VeraCrypt shared_ptr <VolumePassword> passwordKey (Keyfile::ApplyListToPassword (keyfiles, password)); RandomNumberGenerator::GetData (newSalt); - pkcs5Kdf->DeriveKey (newHeaderKey, *passwordKey, newSalt); + pkcs5Kdf->DeriveKey (newHeaderKey, *passwordKey, pim, newSalt); header->EncryptNew (newHeaderBuffer, newSalt, newHeaderKey, pkcs5Kdf); } diff --git a/src/Core/CoreBase.h b/src/Core/CoreBase.h index 9f704369..ce806536 100644..100755 --- a/src/Core/CoreBase.h +++ b/src/Core/CoreBase.h 
@@ -29,8 +29,8 @@ namespace VeraCrypt public: virtual ~CoreBase (); - virtual void ChangePassword (shared_ptr <Volume> openVolume, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const; - virtual void ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const; + virtual void ChangePassword (shared_ptr <Volume> openVolume, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const; + virtual void ChangePassword (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Pkcs5Kdf> newPkcs5Kdf = shared_ptr <Pkcs5Kdf> (), int wipeCount = PRAND_HEADER_WIPE_PASSES) const; virtual void CheckFilesystem (shared_ptr <VolumeInfo> mountedVolume, bool repair = false) const = 0; virtual void CoalesceSlotNumberAndMountPoint (MountOptions &options) const; virtual void CreateKeyfile (const FilePath &keyfilePath) const; 
@@ -65,9 +65,9 @@ namespace VeraCrypt virtual bool IsVolumeMounted (const VolumePath &volumePath) const; virtual VolumeSlotNumber MountPointToSlotNumber (const DirectoryPath &mountPoint) const = 0; virtual shared_ptr <VolumeInfo> MountVolume (MountOptions &options) = 0; - virtual shared_ptr <Volume> OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, shared_ptr<Pkcs5Kdf> Kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), shared_ptr<Pkcs5Kdf> protectionKdf = shared_ptr<Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false) const; + virtual shared_ptr <Volume> OpenVolume (shared_ptr <VolumePath> volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr<Pkcs5Kdf> Kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr<Pkcs5Kdf> protectionKdf = shared_ptr<Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false) const; virtual void RandomizeEncryptionAlgorithmKey (shared_ptr <EncryptionAlgorithm> encryptionAlgorithm) const; - virtual void ReEncryptVolumeHeaderWithNewSalt (const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, shared_ptr <KeyfileList> keyfiles) const; + virtual void ReEncryptVolumeHeaderWithNewSalt 
(const BufferPtr &newHeaderBuffer, shared_ptr <VolumeHeader> header, shared_ptr <VolumePassword> password, int pim, shared_ptr <KeyfileList> keyfiles) const; virtual void SetAdminPasswordCallback (shared_ptr <GetStringFunctor> functor) { } virtual void SetApplicationExecutablePath (const FilePath &path) { ApplicationExecutablePath = path; } virtual void SetFileOwner (const FilesystemPath &path, const UserId &owner) const = 0; diff --git a/src/Core/MountOptions.cpp b/src/Core/MountOptions.cpp index 844d72b4..e78549fb 100644..100755 --- a/src/Core/MountOptions.cpp +++ b/src/Core/MountOptions.cpp @@ -26,6 +26,7 @@ namespace VeraCrypt TC_CLONE (NoHardwareCrypto); TC_CLONE (NoKernelCrypto); TC_CLONE_SHARED (VolumePassword, Password); + TC_CLONE (Pim); if (other.Kdf) { Kdf.reset(other.Kdf->Clone()); @@ -37,6 +38,7 @@ namespace VeraCrypt TC_CLONE (PreserveTimestamps); TC_CLONE (Protection); TC_CLONE_SHARED (VolumePassword, ProtectionPassword); + TC_CLONE (ProtectionPim); if (other.ProtectionKdf) ProtectionKdf.reset(other.ProtectionKdf->Clone()); else @@ -116,6 +118,9 @@ namespace VeraCrypt } } catch(...) {} + + sr.Deserialize ("Pim", Pim); + sr.Deserialize ("ProtectionPim", ProtectionPim); } void MountOptions::Serialize (shared_ptr <Stream> stream) const @@ -167,6 +172,9 @@ namespace VeraCrypt sr.Serialize ("ProtectionKdfNull", ProtectionKdf == nullptr); if (ProtectionKdf) sr.Serialize ("ProtectionKdf", ProtectionKdf->GetName()); + + sr.Serialize ("Pim", Pim); + sr.Serialize ("ProtectionPim", ProtectionPim); } TC_SERIALIZER_FACTORY_ADD_CLASS (MountOptions); diff --git a/src/Core/MountOptions.h b/src/Core/MountOptions.h index 8ccbffa0..0544d465 100644..100755 --- a/src/Core/MountOptions.h +++ b/src/Core/MountOptions.h 
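Review bot: In the `@@ -116,6 +118,9 @@` hunk of `MountOptions.cpp` the two added `sr.Deserialize` calls run directly after a `catch(...) {}`, and nothing checks the values they read. If the guarded block above failed partway, the stream position is presumably no longer where `"Pim"` is expected, and an error raised here propagates while the earlier ones were swallowed; that guarded block starts outside the hunk. Since `Pim` and `ProtectionPim` go on to volume opening through the `CoreUnix.cpp` hunk, a range check after the read is worth adding, for example `if (Pim < -1 || ProtectionPim < -1) throw ParameterIncorrect (SRC_POS);`, with the lower bound matching the `-1` default set in `MountOptions.h`.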
@@ -25,9 +25,11 @@ namespace VeraCrypt NoFilesystem (false), NoHardwareCrypto (false), NoKernelCrypto (false), + Pim (-1), PartitionInSystemEncryptionScope (false), PreserveTimestamps (true), Protection (VolumeProtection::None), + ProtectionPim (-1), Removable (false), SharedAccessAllowed (false), SlotNumber (0), @@ -52,12 +54,14 @@ namespace VeraCrypt bool NoHardwareCrypto; bool NoKernelCrypto; shared_ptr <VolumePassword> Password; + int Pim; shared_ptr <Pkcs5Kdf> Kdf; bool PartitionInSystemEncryptionScope; shared_ptr <VolumePath> Path; bool PreserveTimestamps; VolumeProtection::Enum Protection; shared_ptr <VolumePassword> ProtectionPassword; + int ProtectionPim; shared_ptr <Pkcs5Kdf> ProtectionKdf; shared_ptr <KeyfileList> ProtectionKeyfiles; bool Removable; diff --git a/src/Core/Unix/CoreUnix.cpp b/src/Core/Unix/CoreUnix.cpp index 57513ded..a6d1236a 100755 --- a/src/Core/Unix/CoreUnix.cpp +++ b/src/Core/Unix/CoreUnix.cpp @@ -409,11 +409,13 @@ namespace VeraCrypt options.Path, options.PreserveTimestamps, options.Password, + options.Pim, options.Kdf, options.TrueCryptMode, options.Keyfiles, options.Protection, options.ProtectionPassword, + options.ProtectionPim, options.ProtectionKdf, options.ProtectionKeyfiles, options.SharedAccessAllowed, diff --git a/src/Core/VolumeCreator.cpp b/src/Core/VolumeCreator.cpp index 307c0bf3..be7b646a 100644..100755 --- a/src/Core/VolumeCreator.cpp +++ b/src/Core/VolumeCreator.cpp @@ -136,7 +136,7 @@ namespace VeraCrypt SecureBuffer backupHeaderSalt (VolumeHeader::GetSaltSize()); RandomNumberGenerator::GetData (backupHeaderSalt); - Options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, backupHeaderSalt); + Options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, Options->Pim, backupHeaderSalt); Layout->GetHeader()->EncryptNew (backupHeader, backupHeaderSalt, HeaderKey, Options->VolumeHeaderKdf); 
@@ -276,7 +276,7 @@ namespace VeraCrypt // Header key HeaderKey.Allocate (VolumeHeader::GetLargestSerializedKeySize()); PasswordKey = Keyfile::ApplyListToPassword (options->Keyfiles, options->Password); - options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, salt); + options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, options->Pim, salt); headerOptions.HeaderKey = HeaderKey; header->Create (headerBuffer, headerOptions); diff --git a/src/Core/VolumeCreator.h b/src/Core/VolumeCreator.h index 74641d58..8812e8e2 100644..100755 --- a/src/Core/VolumeCreator.h +++ b/src/Core/VolumeCreator.h @@ -22,6 +22,7 @@ namespace VeraCrypt VolumeType::Enum Type; uint64 Size; shared_ptr <VolumePassword> Password; + int Pim; shared_ptr <KeyfileList> Keyfiles; shared_ptr <Pkcs5Kdf> VolumeHeaderKdf; shared_ptr <EncryptionAlgorithm> EA; |
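Review bot: The `int Pim;` member added in the `VolumeCreator.h` hunk has no initialiser in view, unlike `MountOptions.h`, which sets `Pim (-1)` in its constructor. Both `DeriveKey` calls changed in `VolumeCreator.cpp` (`@@ -136,7` and `@@ -276,7`) read `Options->Pim`, so a caller that never assigns it would derive the header key from an indeterminate value, and the volume could then not be opened with the PIM the user believes was chosen. The struct's constructor, if it has one, is outside the hunk; if there is none, adding one that sets `Pim (-1)` (or whichever "unset" value the project settles on) closes the gap.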