VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Mount
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-05-26 01:36:20 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-05-26 01:38:15 +0200
commit8ebf5ac605d57eab80b600a7827d2ba48668d887 (patch)
tree6159a4d45fd79b15746b44ee986ddedb923ab91d /src/Mount
parent85e5e383f9b879736d7a793a5dc0f9bce20b8383 (diff)
downloadVeraCrypt-8ebf5ac605d57eab80b600a7827d2ba48668d887.tar.gz
VeraCrypt-8ebf5ac605d57eab80b600a7827d2ba48668d887.zip
Windows: first implementation of dynamic mode
Diffstat (limited to 'src/Mount')
-rw-r--r--src/Mount/MainCom.cpp27
-rw-r--r--src/Mount/MainCom.h2
-rw-r--r--src/Mount/MainCom.idl2
-rw-r--r--src/Mount/Mount.c187
-rw-r--r--src/Mount/Mount.h1
-rw-r--r--src/Mount/Mount.rc69
-rw-r--r--src/Mount/Resource.h8
7 files changed, 227 insertions, 69 deletions
diff --git a/src/Mount/MainCom.cpp b/src/Mount/MainCom.cpp
index 69f8bd4e..b527d428 100644
--- a/src/Mount/MainCom.cpp
+++ b/src/Mount/MainCom.cpp
@@ -67,6 +67,12 @@ public:
return S_OK;
}
+ virtual void STDMETHODCALLTYPE AnalyzeKernelMiniDump (LONG_PTR hwndDlg)
+ {
+ // Do nothing
+ MainDlg = (HWND) hwndDlg;
+ }
+
virtual int STDMETHODCALLTYPE BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume)
{
USES_CONVERSION;
@@ -100,7 +106,7 @@ public:
CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd;
if (volumePathA.m_psz)
- return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, FALSE, newPassword, pkcs5, wipePassCount, (HWND) hWnd);
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, 0, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
else
return ERR_OUTOFMEMORY;
}
@@ -151,7 +157,7 @@ public:
CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd;
if (volumePathA.m_psz)
- return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, FALSE, newPassword, pkcs5, wipePassCount, (HWND) hWnd);
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, 0, FALSE, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
else
return ERR_OUTOFMEMORY;
}
@@ -162,7 +168,18 @@ public:
CW2A volumePathA(volumePath);
MainDlg = (HWND) hWnd;
if (volumePathA.m_psz)
- return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, truecryptMode, newPassword, pkcs5, wipePassCount, (HWND) hWnd);
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, 0, truecryptMode, newPassword, pkcs5, 0, wipePassCount, (HWND) hWnd);
+ else
+ return ERR_OUTOFMEMORY;
+ }
+
+ virtual int STDMETHODCALLTYPE ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, LONG_PTR hWnd)
+ {
+ USES_CONVERSION;
+ CW2A volumePathA(volumePath);
+ MainDlg = (HWND) hWnd;
+ if (volumePathA.m_psz)
+ return ::ChangePwd (volumePathA.m_psz, oldPassword, old_pkcs5, old_pin, truecryptMode, newPassword, pkcs5, pin, wipePassCount, (HWND) hWnd);
else
return ERR_OUTOFMEMORY;
}
@@ -280,7 +297,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
}
-extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
+extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, HWND hwndDlg)
{
CComPtr<ITrueCryptMainCom> tc;
int r;
@@ -294,7 +311,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pk
{
volumeBstr.Attach (bstr);
- r = tc->ChangePasswordEx2 (volumeBstr, oldPassword, old_pkcs5, truecryptMode, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
+ r = tc->ChangePasswordEx3 (volumeBstr, oldPassword, old_pkcs5, old_pin, truecryptMode, newPassword, pkcs5, pin, wipePassCount, (LONG_PTR) hwndDlg);
}
else
r = ERR_OUTOFMEMORY;
diff --git a/src/Mount/MainCom.h b/src/Mount/MainCom.h
index c42094da..0a2afe60 100644
--- a/src/Mount/MainCom.h
+++ b/src/Mount/MainCom.h
@@ -22,7 +22,7 @@ extern "C" {
BOOL ComServerMain ();
int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);
int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);
-int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
+int UacChangePwd (char *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, HWND hwndDlg);
#ifdef __cplusplus
}
diff --git a/src/Mount/MainCom.idl b/src/Mount/MainCom.idl
index 6f04bef3..91eacb6e 100644
--- a/src/Mount/MainCom.idl
+++ b/src/Mount/MainCom.idl
@@ -24,6 +24,7 @@ library TrueCryptMainCom
]
interface ITrueCryptMainCom : IUnknown
{
+ void AnalyzeKernelMiniDump (LONG_PTR hwndDlg);
int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume);
DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output);
int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
@@ -38,6 +39,7 @@ library TrueCryptMainCom
DWORD WriteLocalMachineRegistryDwordValue (BSTR keyPath, BSTR valueName, DWORD value);
int ChangePasswordEx (BSTR volumePath, Password *oldPassword, int old_pkcs5, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
int ChangePasswordEx2 (BSTR volumePath, Password *oldPassword, int old_pkcs5, BOOL truecryptMode, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
+ int ChangePasswordEx3 (BSTR volumePath, Password *oldPassword, int old_pkcs5, int old_pin, BOOL truecryptMode, Password *newPassword, int pkcs5, int pin, int wipePassCount, LONG_PTR hWnd);
};
[
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 87f4acd0..7f8cbca2 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -123,6 +123,8 @@ Password VolumePassword; /* Password used for mounting volumes */
Password CmdVolumePassword; /* Password passed from command line */
int VolumePkcs5 = 0;
int CmdVolumePkcs5 = 0;
+int VolumePin = 0;
+int CmdVolumePin = 0;
int DefaultVolumePkcs5 = 0;
BOOL VolumeTrueCryptMode = FALSE;
BOOL CmdVolumeTrueCryptMode = FALSE;
@@ -220,6 +222,8 @@ static void localcleanup (void)
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&CmdVolumePkcs5, sizeof (CmdVolumePkcs5));
+ burn (&VolumePin, sizeof (VolumePin));
+ burn (&CmdVolumePin, sizeof (CmdVolumePin));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&CmdVolumeTrueCryptMode, sizeof (CmdVolumeTrueCryptMode));
burn (&mountOptions, sizeof (mountOptions));
@@ -682,6 +686,7 @@ void LoadSettings (HWND hwndDlg)
defaultMountOptions.ReadOnly = ConfigReadInt ("MountVolumesReadOnly", FALSE);
defaultMountOptions.ProtectHiddenVolume = FALSE;
defaultMountOptions.ProtectedHidVolPkcs5Prf = 0;
+ defaultMountOptions.ProtectedHidVolPin = 0;
defaultMountOptions.PartitionInInactiveSysEncScope = FALSE;
defaultMountOptions.RecoveryMode = FALSE;
defaultMountOptions.UseBackupHeader = FALSE;
@@ -1683,8 +1688,10 @@ typedef struct
{
Password *oldPassword;
int old_pkcs5;
+ int old_pin;
Password *newPassword;
int pkcs5;
+ int pin;
int wipePassCount;
BOOL truecryptMode;
int* pnStatus;
@@ -1711,7 +1718,7 @@ void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg)
try
{
- *pThreadParam->pnStatus = BootEncObj->ChangePassword (pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg);
+ *pThreadParam->pnStatus = BootEncObj->ChangePassword (pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pin, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pin, pThreadParam->wipePassCount, hwndDlg);
}
catch (Exception &e)
{
@@ -1723,14 +1730,14 @@ void CALLBACK ChangePwdWaitThreadProc(void* pArg, HWND hwndDlg)
{
// Non-system
- *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg);
+ *pThreadParam->pnStatus = ChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pin, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pin, pThreadParam->wipePassCount, hwndDlg);
if (*pThreadParam->pnStatus == ERR_OS_ERROR
&& GetLastError () == ERROR_ACCESS_DENIED
&& IsUacSupported ()
&& IsVolumeDeviceHosted (szFileName))
{
- *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->wipePassCount, hwndDlg);
+ *pThreadParam->pnStatus = UacChangePwd (szFileName, pThreadParam->oldPassword, pThreadParam->old_pkcs5, pThreadParam->old_pin, pThreadParam->truecryptMode, pThreadParam->newPassword, pThreadParam->pkcs5, pThreadParam->pin, pThreadParam->wipePassCount, hwndDlg);
}
}
}
@@ -1847,6 +1854,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
LocalizeDialog (hwndDlg, "IDD_PCDM_CHANGE_PKCS5_PRF");
EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE);
@@ -1860,6 +1868,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
newKeyFilesParam.EnableKeyFiles = TRUE;
EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);
@@ -1877,6 +1886,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE);
@@ -2186,11 +2196,19 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
+ int old_pin = GetPin (hwndDlg, IDC_OLD_PIN);
+ int pin = GetPin (hwndDlg, IDC_PIN);
+
if (truecryptMode && (old_pkcs5 == SHA256))
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
+ else if (truecryptMode && (old_pin != 0))
+ {
+ Error ("PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
+ return 1;
+ }
if (!CheckPasswordCharEncoding (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL))
{
@@ -2198,6 +2216,13 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
return 1;
}
+ if (bSysEncPwdChangeDlgMode && (pin > MAX_BOOT_PIN_VALUE))
+ {
+ SetFocus (GetDlgItem(hwndDlg, IDC_PIN));
+ Error ("PIN_SYSENC_TOO_BIG", hwndDlg);
+ return 1;
+ }
+
if (pwdChangeDlgMode == PCDM_CHANGE_PKCS5_PRF)
{
newKeyFilesParam.EnableKeyFiles = KeyFilesEnable;
@@ -2205,7 +2230,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL)
&& pwdChangeDlgMode == PCDM_CHANGE_PASSWORD)
{
- if (!CheckPasswordLength (hwndDlg, GetDlgItem (hwndDlg, IDC_PASSWORD)))
+ if (!CheckPasswordLength (hwndDlg, GetDlgItem (hwndDlg, IDC_PASSWORD), pin, bSysEncPwdChangeDlgMode))
return 1;
}
@@ -2221,6 +2246,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
case PCDM_CHANGE_PKCS5_PRF:
memcpy (newPassword.Text, oldPassword.Text, sizeof (newPassword.Text));
newPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text);
+ pin = old_pin;
break;
default:
@@ -2245,8 +2271,10 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
ChangePwdThreadParam changePwdParam;
changePwdParam.oldPassword = &oldPassword;
changePwdParam.old_pkcs5 = old_pkcs5;
+ changePwdParam.old_pin = old_pin;
changePwdParam.newPassword = &newPassword;
changePwdParam.pkcs5 = pkcs5;
+ changePwdParam.pin = pin;
changePwdParam.wipePassCount = GetWipePassCount(headerWiperMode);
changePwdParam.pnStatus = &nStatus;
changePwdParam.truecryptMode = truecryptMode;
@@ -2256,6 +2284,8 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
err:
burn (&oldPassword, sizeof (oldPassword));
burn (&newPassword, sizeof (newPassword));
+ burn (&old_pin, sizeof(old_pin));
+ burn (&pin, sizeof(pin));
NormalCursor ();
@@ -2299,6 +2329,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
WORD lw = LOWORD (wParam);
static Password *szXPwd;
static int *pkcs5;
+ static int *pin;
static BOOL* truecryptMode;
switch (msg)
@@ -2308,6 +2339,7 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
int i, nIndex, defaultPrfIndex = 0;
szXPwd = ((PasswordDlgParam *) lParam) -> password;
pkcs5 = ((PasswordDlgParam *) lParam) -> pkcs5;
+ pin = ((PasswordDlgParam *) lParam) -> pin;
truecryptMode = ((PasswordDlgParam *) lParam) -> truecryptMode;
LocalizeDialog (hwndDlg, "IDD_PASSWORD_DLG");
DragAcceptFiles (hwndDlg, TRUE);
@@ -2356,6 +2388,16 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);
SendMessage (GetDlgItem (hwndDlg, IDC_CACHE), BM_SETCHECK, bCacheInDriver ? BST_CHECKED:BST_UNCHECKED, 0);
+ SendMessage (GetDlgItem (hwndDlg, IDC_PIN), EM_LIMITTEXT, MAX_PIN, 0);
+
+ if (*pin > 0)
+ {
+ /* display the given PIN */
+ char szTmp[MAX_PIN + 1];
+ StringCbPrintfA(szTmp, sizeof(szTmp), "%d", *pin);
+
+ SetDlgItemText (hwndDlg, IDC_PIN, szTmp);
+ }
SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable);
@@ -2453,6 +2495,19 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_SETPASSWORDCHAR, '*', 0);
InvalidateRect (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL, TRUE);
+ SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), FALSE);
+
+ if (*pin >= 0)
+ {
+ /* display the given PIN */
+ char szTmp[MAX_PIN + 1];
+ StringCbPrintfA(szTmp, sizeof(szTmp), "%d", *pin);
+
+ SetDlgItemText (hwndDlg, IDC_PIN, szTmp);
+ }
+
bPrebootPasswordDlgMode = TRUE;
}
return 1;
@@ -2504,6 +2559,8 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
/* Use default PRF specified by the user if any */
if (mountOptions.ProtectedHidVolPkcs5Prf == 0)
mountOptions.ProtectedHidVolPkcs5Prf = *pkcs5;
+ if (mountOptions.ProtectedHidVolPin == 0)
+ mountOptions.ProtectedHidVolPin = *pin;
DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg,
(DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions);
@@ -2565,6 +2622,13 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
*truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
+
+ GetWindowText (GetDlgItem (hwndDlg, IDC_PIN), tmp, MAX_PIN + 1);
+ if (strlen(tmp))
+ *pin = (int) strtol(tmp, NULL, 10); /* IDC_PIN is configured to accept only numbers */
+ else
+ *pin = 0;
+
/* SHA-256 is not supported by TrueCrypt */
if ( (*truecryptMode)
&& ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256))
@@ -2573,6 +2637,14 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
}
+
+ if ( (*truecryptMode)
+ && (*pin != 0)
+ )
+ {
+ Error ("PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
+ return 1;
+ }
}
// Attempt to wipe password stored in the input field buffer
@@ -3290,7 +3362,7 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP
ListSubItemSetW (list, i++, 1, GetString (IsHiddenOSRunning() ? "TYPE_HIDDEN_SYSTEM_ADJECTIVE" : "SYSTEM_VOLUME_TYPE_ADJECTIVE"));
else
{
- bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, TRUE, prop.partitionInInactiveSysEncScope);
+ bool truecryptMode = prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope);
s = prop.hiddenVolume ? GetString ("HIDDEN") :
(prop.hiddenVolProtection != HIDVOL_PROT_STATUS_NONE ? GetString ("OUTER") : GetString ("NORMAL"));
@@ -3865,7 +3937,7 @@ LPARAM GetItemLong (HWND hTree, int itemNo)
return item.lParam;
}
-static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions)
+static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int *pin, BOOL* truecryptMode, char *titleStringId, BOOL enableMountOptions)
{
INT_PTR result;
PasswordDlgParam dlgParam;
@@ -3875,6 +3947,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL
dlgParam.password = password;
dlgParam.pkcs5 = pkcs5;
+ dlgParam.pin = pin;
dlgParam.truecryptMode = truecryptMode;
result = DialogBoxParamW (hInst,
@@ -3885,6 +3958,7 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, BOOL
{
password->Length = 0;
*pkcs5 = 0;
+ *pin = 0;
*truecryptMode = FALSE;
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@@ -3920,6 +3994,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
VolumePassword.Length = 0;
VolumePkcs5 = 0;
VolumeTrueCryptMode = FALSE;
+ VolumePin = 0;
}
if (szFileName == NULL)
@@ -3956,9 +4031,9 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
WaitCursor ();
// try TrueCrypt mode first since it is quick
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile)
@@ -3968,9 +4043,9 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile);
// try TrueCrypt mode first since it is quick
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
burn (&emptyPassword, sizeof (emptyPassword));
}
@@ -3979,9 +4054,9 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
if (!mounted && bCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0)
{
// try TrueCrypt mode first as it is quick
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
}
NormalCursor ();
@@ -4001,21 +4076,25 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
VolumePassword = CmdVolumePassword;
VolumePkcs5 = EffectiveVolumePkcs5;
VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;
+ VolumePin = CmdVolumePin;
}
else if (!Silent)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
+ int GuiPin = CmdVolumePin;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE))
goto ret;
else
{
VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
+ VolumePin = GuiPin;
burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
+ burn (&GuiPin, sizeof(GuiPin));
}
}
@@ -4024,7 +4103,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
if (KeyFilesEnable)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, !Silent);
NormalCursor ();
// Check for legacy non-ASCII passwords
@@ -4040,6 +4119,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
+ burn (&VolumePin, sizeof (VolumePin));
}
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
@@ -4075,6 +4155,7 @@ ret:
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
+ burn (&VolumePin, sizeof (VolumePin));
}
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
@@ -4304,15 +4385,18 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
+ int GuiPin = CmdVolumePin;
PasswordDlgVolume[0] = '\0';
- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE))
goto ret;
else
{
VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
+ VolumePin = GuiPin;
burn (&GuiPkcs5, sizeof(GuiPkcs5));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
+ burn (&GuiPin, sizeof(GuiPin));
}
}
else if (CmdVolumePasswordValid)
@@ -4321,6 +4405,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
VolumePassword = CmdVolumePassword;
VolumePkcs5 = EffectiveVolumePkcs5;
VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;
+ VolumePin = CmdVolumePin;
}
WaitCursor();
@@ -4374,8 +4459,8 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
goto ret;
// First try user password then cached passwords
- if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
- || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
+ if ((mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0
+ || (mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, TRUE, FALSE)) > 0)
{
// A volume has been successfully mounted
@@ -4455,6 +4540,7 @@ static BOOL MountAllDevices (HWND hwndDlg, BOOL bPasswordPrompt)
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
+ burn (&VolumePin, sizeof (VolumePin));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
@@ -4492,6 +4578,7 @@ ret:
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
+ burn (&VolumePin, sizeof (VolumePin));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@@ -5485,7 +5572,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
// Cached password
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, EffectiveVolumePkcs5, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePin, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// Command line password or keyfiles
if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile))
@@ -5496,7 +5583,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile);
mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A',
- szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount,
+ szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePin, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount,
&mountOptions, Silent, reportBadPasswd);
burn (&CmdVolumePassword, sizeof (CmdVolumePassword));
@@ -5512,17 +5599,20 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
while (!mounted && !Silent)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
+ int GuiPin = CmdVolumePin;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
VolumePassword.Length = 0;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume),szFileName);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiTrueCryptMode, NULL, TRUE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE))
break;
else
{
VolumePkcs5 = GuiPkcs5;
+ VolumePin = GuiPin;
VolumeTrueCryptMode = GuiTrueCryptMode;
burn (&GuiPkcs5, sizeof(GuiPkcs5));
+ burn (&GuiPin, sizeof(GuiPin));
burn (&GuiTrueCryptMode, sizeof(GuiTrueCryptMode));
}
@@ -5531,10 +5621,11 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);
- mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
+ mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, FALSE, TRUE);
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ burn (&VolumePin, sizeof (VolumePin));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&mountOptions.ProtectedHidVolPassword, sizeof (mountOptions.ProtectedHidVolPassword));
burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
@@ -6254,6 +6345,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5;
else
mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5;
+ mountOptions.ProtectedHidVolPin = CmdVolumePin;
if (IDCANCEL == DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg,
@@ -7387,6 +7479,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
CommandWipeCache,
OptionPkcs5,
OptionTrueCryptMode,
+ OptionPin,
};
argument args[]=
@@ -7410,6 +7503,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
{ CommandWipeCache, "/wipecache", "/w", FALSE },
{ OptionPkcs5, "/hash", NULL , FALSE },
{ OptionTrueCryptMode, "/truecrypt", "/tc", FALSE },
+ { OptionPin, "/pin", NULL, FALSE },
};
argumentspec as;
@@ -7683,6 +7777,27 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
AbortProcess ("COMMAND_LINE_ERROR");
}
break;
+
+ case OptionPin:
+ {
+ char szTmp[32] = {0};
+ if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs,
+ &i, nNoCommandLineArgs, szTmp, sizeof (szTmp)))
+ {
+ char* endPtr = NULL;
+ CmdVolumePin = (int) strtol(szTmp, &endPtr, 0);
+ if (CmdVolumePin < 0 || endPtr == szTmp || *endPtr != '\0')
+ {
+ CmdVolumePin = 0;
+ AbortProcess ("COMMAND_LINE_ERROR");
+ }
+
+ }
+ else
+ AbortProcess ("COMMAND_LINE_ERROR");
+ }
+ break;
+
case OptionTrueCryptMode:
CmdVolumeTrueCryptMode = TRUE;
break;
@@ -8115,6 +8230,7 @@ BOOL MountFavoriteVolumes (BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMou
mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5;
else
mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5;
+ mountOptions.ProtectedHidVolPin = CmdVolumePin;
if (DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), MainDlg, (DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions) == IDCANCEL)
{
status = FALSE;
@@ -8167,6 +8283,7 @@ skipMount:
MultipleMountOperationInProgress = FALSE;
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ burn (&VolumePin, sizeof (VolumePin));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
if (status && CloseSecurityTokenSessionsAfterMount)
@@ -8373,6 +8490,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
OpenVolumeContext volume;
OpenVolumeContext hiddenVolume;
Password hiddenVolPassword;
+ int hiddenVolPkcs5 = 0, hiddenVolPin = 0;
byte temporaryKey[MASTER_KEYDATA_SIZE];
byte originalK2[MASTER_KEYDATA_SIZE];
@@ -8418,10 +8536,12 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
{
OpenVolumeContext *askVol = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolume : &volume);
Password *askPassword = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPassword : &VolumePassword);
+ int* askPkcs5 = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPkcs5 : &VolumePkcs5);
+ int* askPin = (type == TC_VOLUME_TYPE_HIDDEN ? &hiddenVolPin : &VolumePin);
while (TRUE)
{
- if (!AskVolumePassword (hwndDlg, askPassword, &VolumePkcs5, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
+ if (!AskVolumePassword (hwndDlg, askPassword, askPkcs5, askPin, &VolumeTrueCryptMode, type == TC_VOLUME_TYPE_HIDDEN ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -8432,7 +8552,7 @@ int BackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, const char *lps
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, askPassword, FirstKeyFile);
- nStatus = OpenVolume (askVol, lpszVolume, askPassword, VolumePkcs5, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE);
+ nStatus = OpenVolume (askVol, lpszVolume, askPassword, *askPkcs5, *askPin, VolumeTrueCryptMode, FALSE, bPreserveTimestamp, FALSE);
NormalCursor();
@@ -8549,14 +8669,14 @@ noHidden:
}
// Store header encrypted with a new key
- nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, FALSE);
+ nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup, FALSE, volume.CryptoInfo, &VolumePassword, VolumePin, FALSE);
if (nStatus != ERR_SUCCESS)
goto error;
if (hiddenVolume.VolumeIsOpen)
{
nStatus = ReEncryptVolumeHeader (hwndDlg, (char *) backup + (legacyVolume ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE),
- FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, FALSE);
+ FALSE, hiddenVolume.CryptoInfo, &hiddenVolPassword, hiddenVolPin, FALSE);
if (nStatus != ERR_SUCCESS)
goto error;
@@ -8589,6 +8709,7 @@ error:
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ burn (&VolumePin, sizeof (VolumePin));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
burn (&hiddenVolPassword, sizeof (hiddenVolPassword));
burn (temporaryKey, sizeof (temporaryKey));
@@ -8691,7 +8812,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
while (TRUE)
{
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), lpszVolume);
- if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumeTrueCryptMode, NULL, FALSE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumePin, &VolumeTrueCryptMode, NULL, FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -8702,7 +8823,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (KeyFilesEnable && FirstKeyFile)
KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile);
- nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE);
+ nStatus = OpenVolume (&volume, lpszVolume, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode,TRUE, bPreserveTimestamp, TRUE);
NormalCursor();
@@ -8725,7 +8846,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
// Create a new header with a new salt
char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
- nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, FALSE);
+ nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, volume.CryptoInfo, &VolumePassword, VolumePin, FALSE);
if (nStatus != 0)
goto error;
@@ -8893,7 +9014,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
// Open the header
while (TRUE)
{
- if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
+ if (!AskVolumePassword (hwndDlg, &VolumePassword, &VolumePkcs5, &VolumePin, &VolumeTrueCryptMode, "ENTER_HEADER_BACKUP_PASSWORD", FALSE))
{
nStatus = ERR_SUCCESS;
goto ret;
@@ -8909,7 +9030,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (type == TC_VOLUME_TYPE_HIDDEN)
headerOffsetBackupFile += (legacyBackup ? TC_VOLUME_HEADER_SIZE_LEGACY : TC_VOLUME_HEADER_SIZE);
- nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumeTrueCryptMode, &restoredCryptoInfo, NULL);
+ nStatus = ReadVolumeHeader (FALSE, buffer + headerOffsetBackupFile, &VolumePassword, VolumePkcs5, VolumePin, VolumeTrueCryptMode, &restoredCryptoInfo, NULL);
if (nStatus == ERR_SUCCESS)
break;
}
@@ -8938,7 +9059,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
WaitCursor();
// Restore header encrypted with a new key
- nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, FALSE);
+ nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePin, FALSE);
if (nStatus != ERR_SUCCESS)
goto error;
@@ -8957,7 +9078,7 @@ int RestoreVolumeHeader (HWND hwndDlg, const char *lpszVolume)
if (!restoredCryptoInfo->LegacyVolume)
{
// Restore backup header encrypted with a new key
- nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, FALSE);
+ nStatus = ReEncryptVolumeHeader (hwndDlg, buffer, FALSE, restoredCryptoInfo, &VolumePassword, VolumePin, FALSE);
if (nStatus != ERR_SUCCESS)
goto error;
@@ -9014,6 +9135,7 @@ error:
burn (&VolumePassword, sizeof (VolumePassword));
burn (&VolumePkcs5, sizeof (VolumePkcs5));
+ burn (&VolumePin, sizeof (VolumePin));
burn (&VolumeTrueCryptMode, sizeof (VolumeTrueCryptMode));
RestoreDefaultKeyFilesParam();
RandStop (FALSE);
@@ -9574,6 +9696,7 @@ void MountSelectedVolume (HWND hwndDlg, BOOL mountWithOptions)
mountOptions.ProtectedHidVolPkcs5Prf = DefaultVolumePkcs5;
else
mountOptions.ProtectedHidVolPkcs5Prf = CmdVolumePkcs5;
+ mountOptions.ProtectedHidVolPin = CmdVolumePin;
if (IDCANCEL == DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_MOUNT_OPTIONS), hwndDlg,
(DLGPROC) MountOptionsDlgProc, (LPARAM) &mountOptions))
diff --git a/src/Mount/Mount.h b/src/Mount/Mount.h
index d6e18bb8..5a8e9fe4 100644
--- a/src/Mount/Mount.h
+++ b/src/Mount/Mount.h
@@ -52,6 +52,7 @@ typedef struct
{
Password *password;
int* pkcs5;
+ int* pin;
BOOL* truecryptMode;
} PasswordDlgParam;
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index e2aa43a3..d40eb805 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -105,35 +105,41 @@ BEGIN
CONTROL "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,192
END
-IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 330, 207
+IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 330, 245
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Change Password or Keyfiles"
CLASS "VeraCryptCustomDlg"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_OLD_PASSWORD,89,14,162,13,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,53,98,10
- PUSHBUTTON "Keyfiles...",IDC_KEYFILES,192,50,59,14
- CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,65,138,10,WS_EX_TRANSPARENT
- EDITTEXT IDC_PASSWORD,89,99,162,13,ES_PASSWORD | ES_AUTOHSCROLL
- EDITTEXT IDC_VERIFY,89,115,162,13,ES_PASSWORD | ES_AUTOHSCROLL
- CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,134,99,11
- PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,192,132,59,14
- CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,146,160,11,WS_EX_TRANSPARENT
- COMBOBOX IDC_PKCS5_PRF_ID,89,161,85,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,85,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,179,35,78,10
+ EDITTEXT IDC_OLD_PIN,89,51,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
+ CONTROL "Use keyfiles",IDC_ENABLE_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,72,98,10
+ PUSHBUTTON "Keyfiles...",IDC_KEYFILES,192,70,59,14
+ CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_ORI,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,85,138,10,WS_EX_TRANSPARENT
+ EDITTEXT IDC_PASSWORD,89,121,162,13,ES_PASSWORD | ES_AUTOHSCROLL
+ EDITTEXT IDC_VERIFY,89,137,162,13,ES_PASSWORD | ES_AUTOHSCROLL
+ EDITTEXT IDC_PIN,89,154,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
+ CONTROL "Use keyfiles",IDC_ENABLE_NEW_KEYFILES,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,172,99,11
+ PUSHBUTTON "Keyfiles...",IDC_NEW_KEYFILES,192,170,59,14
+ CONTROL "Display password",IDC_SHOW_PASSWORD_CHPWD_NEW,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,89,184,160,11,WS_EX_TRANSPARENT
+ COMBOBOX IDC_PKCS5_PRF_ID,89,199,85,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ COMBOBOX IDC_WIPE_MODE,89,218,106,90,CBS_DROPDOWNLIST | WS_TABSTOP
DEFPUSHBUTTON "OK",IDOK,264,7,59,14
PUSHBUTTON "Cancel",IDCANCEL,264,24,59,14
RTEXT "Password:",IDT_PASSWORD,12,16,72,8
- RTEXT "Password:",IDT_NEW_PASSWORD,8,102,76,8
- RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,118,75,16
- RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,162,74,10,SS_CENTERIMAGE
- GROUPBOX "Current",IDT_CURRENT,6,3,252,77
- GROUPBOX "New",IDT_NEW,6,87,252,113
- COMBOBOX IDC_WIPE_MODE,89,180,106,90,CBS_DROPDOWNLIST | WS_TABSTOP
- RTEXT "Wipe mode:",IDT_WIPE_MODE,9,182,74,8,0,WS_EX_RIGHT
- COMBOBOX IDC_PKCS5_OLD_PRF_ID,89,33,85,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ RTEXT "Password:",IDT_NEW_PASSWORD,8,124,76,8
+ RTEXT "Confirm Password:",IDT_CONFIRM_PASSWORD,9,140,75,16
+ RTEXT "PKCS-5 PRF:",IDT_NEW_PKCS5_PRF,9,200,74,10,SS_CENTERIMAGE
+ GROUPBOX "Current",IDT_CURRENT,6,3,252,97
+ GROUPBOX "New",IDT_NEW,6,108,252,130
+ RTEXT "Wipe mode:",IDT_WIPE_MODE,9,220,74,8,0,WS_EX_RIGHT
RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,12,34,74,10,SS_CENTERIMAGE
- CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,179,35,78,10
+ RTEXT "Volume PIN:",IDT_OLD_PIN,12,54,74,10
+ LTEXT "(Empty or 0 for default iterations)",IDC_OLD_PIN_HELP,135,54,119,8
+ RTEXT "Volume PIN:",IDT_PIN,9,157,75,16
+ LTEXT "(Empty or 0 for default iterations)",IDC_PIN_HELP,135,157,119,8
END
IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271
@@ -166,24 +172,27 @@ BEGIN
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDFRAME,2,151,372,119
END
-IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 91
+IDD_PASSWORD_DLG DIALOGEX 0, 0, 322, 103
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_VISIBLE | WS_CAPTION
CAPTION "Enter VeraCrypt Volume Password"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_PASSWORD,69,8,166,14,ES_PASSWORD | ES_AUTOHSCROLL
+ COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP
+ CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10
+ EDITTEXT IDC_PIN,69,43,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,50,153,10
- CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,63,83,10
- CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,75,83,11
- PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,72,64,14
- PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,72,64,14
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,153,10
+ CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,83,10
+ CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,87,83,11
+ PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,171,84,64,14
+ PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,243,84,64,14
DEFPUSHBUTTON "OK",IDOK,243,8,64,14
PUSHBUTTON "Cancel",IDCANCEL,243,25,64,14
RTEXT "Password:",IDT_PASSWORD,0,10,65,13
- COMBOBOX IDC_PKCS5_PRF_ID,69,26,86,90,CBS_DROPDOWNLIST | WS_TABSTOP
- RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,13
- CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,159,28,76,10
+ RTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,0,27,65,11
+ RTEXT "Volume PIN:",IDT_PIN,0,46,65,8
+ LTEXT "(Empty or 0 for default iterations)",IDC_PIN_HELP,115,46,189,8
END
IDD_TRAVELER_DLG DIALOGEX 0, 0, 300, 269
@@ -375,7 +384,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 323
TOPMARGIN, 7
- BOTTOMMARGIN, 200
+ BOTTOMMARGIN, 238
END
IDD_MOUNT_DLG, DIALOG
@@ -387,7 +396,7 @@ BEGIN
IDD_PASSWORD_DLG, DIALOG
BEGIN
RIGHTMARGIN, 313
- BOTTOMMARGIN, 86
+ BOTTOMMARGIN, 98
END
IDD_TRAVELER_DLG, DIALOG
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index fe57e0d1..857ef197 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -163,6 +163,12 @@
#define IDC_PKCS5_OLD_PRF_ID 1139
#define IDC_TRUECRYPT_MODE 1140
#define IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT 1141
+#define IDT_PIN 1142
+#define IDC_PIN 1143
+#define IDC_PIN_HELP 1144
+#define IDT_OLD_PIN 1145
+#define IDC_OLD_PIN 1146
+#define IDC_OLD_PIN_HELP 1147
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -238,7 +244,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 119
#define _APS_NEXT_COMMAND_VALUE 40068
-#define _APS_NEXT_CONTROL_VALUE 1142
+#define _APS_NEXT_CONTROL_VALUE 1148
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif