author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-12-08 17:06:52 +0100 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-12-08 17:53:28 +0100 |
commit | 4262d4feb71aaade721ae5d06eec63ac07144a8f (patch) | |
tree | 2ea6df1dc4f31e7a6c11600b22f8e9a896b71b53 /src/Mount | |
parent | e131d7a6070bbeb6b406fbaa54f8528e0dcace89 (diff) | |
Windows: Enhancement to favorites handling. Add PRF/TrueCryptMode fields in favorites management dialog, and use default mount parameters when mounting multiple favorites at once.
Diffstat (limited to 'src/Mount')
-rw-r--r-- | src/Mount/Favorites.cpp | 84 | ||||
-rw-r--r-- | src/Mount/Favorites.h | 4 | ||||
-rw-r--r-- | src/Mount/Mount.c | 74 | ||||
-rw-r--r-- | src/Mount/Mount.rc | 17 |
4 files changed, 144 insertions, 35 deletions
diff --git a/src/Mount/Favorites.cpp b/src/Mount/Favorites.cpp index c27fed5f..ee34272f 100644 --- a/src/Mount/Favorites.cpp +++ b/src/Mount/Favorites.cpp @@ -21,6 +21,7 @@ #include "Resource.h" #include "Xml.h" #include "Favorites.h" +#include "Pkcs5.h" using namespace std; @@ -98,6 +99,8 @@ namespace VeraCrypt favorite.SystemEncryption = prop.partitionInInactiveSysEncScope ? true : false; favorite.OpenExplorerWindow = (bExplore == TRUE); favorite.Pim = prop.volumePim; + favorite.Pkcs5 = prop.pkcs5; + favorite.TrueCryptMode = (prop.pkcs5Iterations == get_pkcs5_iteration_count(prop.pkcs5, 0, TRUE, prop.partitionInInactiveSysEncScope))? 1 : 0; memcpy (favorite.VolumeID, prop.volumeID, VOLUME_ID_SIZE); if (favorite.VolumePathId.empty() @@ -669,6 +672,30 @@ namespace VeraCrypt favorite.DisconnectedDevice = true; } + XmlGetAttributeText (xml, "TrueCryptMode", boolVal, sizeof (boolVal)); + if (boolVal[0]) + favorite.TrueCryptMode = (boolVal[0] == '1')? 1 : 0; + else + favorite.TrueCryptMode = -1; + + if (favorite.TrueCryptMode) + favorite.Pim = 0; + + XmlGetAttributeText (xml, "pkcs5", label, sizeof (label)); + if (label[0]) + favorite.Pkcs5 = strtol (label, NULL, 10); + else + favorite.Pkcs5 = -1; + if ( (favorite.Pkcs5 != -1) + && ( (favorite.Pkcs5 < FIRST_PRF_ID) + || (favorite.Pkcs5 > LAST_PRF_ID) + || (favorite.TrueCryptMode == 1 && (0 == get_pkcs5_iteration_count (favorite.Pkcs5, 0, TRUE, favorite.SystemEncryption? TRUE : FALSE))) + ) + ) + { + favorite.Pkcs5 = -1; + } + favorites.push_back (favorite); xml++; } @@ -762,6 +789,14 @@ namespace VeraCrypt if (favorite.Pim > 0) s += L" pim=\"" + IntToWideString(favorite.Pim) + L"\""; + if (favorite.Pkcs5 > 0) + s += L" pkcs5=\"" + IntToWideString(favorite.Pkcs5) + L"\""; + + if (favorite.TrueCryptMode > 0) + s += L" TrueCryptMode=\"1\""; + else if (favorite.TrueCryptMode == 0) + s += L" TrueCryptMode=\"0\""; + if (favorite.ReadOnly) s += L" readonly=\"1\""; 
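Review bot: The added `favorite.TrueCryptMode = (prop.pkcs5Iterations == get_pkcs5_iteration_count(...))? 1 : 0;` in the @@ -98 hunk infers TrueCrypt mode from an iteration-count match, and nothing next to it says so. A one-line comment such as `// TrueCrypt mode is inferred: the volume's iteration count equals the TrueCrypt-mode count for its PRF` would make the heuristic visible. The @@ -669 hunk treats a 0 return from `get_pkcs5_iteration_count` as "PRF not usable in TrueCrypt mode", so it is worth confirming that `prop.pkcs5Iterations` can never be 0 here. The enclosing function starts and ends outside the hunk.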
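Review bot: In the @@ -669 hunk, `if (favorite.TrueCryptMode) favorite.Pim = 0;` is also true for the -1 "not specified" value assigned just above it, so a favorite whose XML entry has no `TrueCryptMode` attribute gets its PIM reset, presumably discarding the value read earlier in the loop (outside the hunk). The test should be `if (favorite.TrueCryptMode > 0)`, matching the `> 0` / `== 0` distinction the save code in the @@ -762 hunk makes. The TrueCrypt-mode compatibility test here uses `0 == get_pkcs5_iteration_count (...)` while the rest of the commit uses `is_pkcs5_prf_supported`; using one helper everywhere would keep the rule in a single place. `strtol (label, NULL, 10)` also accepts trailing characters, and although the range check that follows limits the damage, passing an end pointer and rejecting leftovers would make parsing of this on-disk file strict.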
@@ -871,6 +906,29 @@ namespace VeraCrypt SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_READONLY, favorite.ReadOnly); SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE, favorite.Removable); SetCheckBox (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID, favorite.UseVolumeID && bIsDevice); + SetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE, (favorite.TrueCryptMode > 0)? TRUE : FALSE); + + /* Populate the PRF algorithms list */ + int nIndex, i, nSelected = 0; + HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID); + SendMessage (hComboBox, CB_RESETCONTENT, 0, 0); + + nIndex = (int) SendMessageW (hComboBox, CB_ADDSTRING, 0, (LPARAM) GetString ("AUTODETECTION")); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) 0); + + for (i = FIRST_PRF_ID; i <= LAST_PRF_ID; i++) + { + if (!favorite.SystemEncryption || (favorite.TrueCryptMode != 1) || (i == RIPEMD160)) + { + nIndex = (int) SendMessage (hComboBox, CB_ADDSTRING, 0, (LPARAM) get_pkcs5_prf_name(i)); + SendMessage (hComboBox, CB_SETITEMDATA, nIndex, (LPARAM) i); + if (favorite.Pkcs5 == i) + nSelected = nIndex; + } + } + + if (favorite.Pkcs5 >= 0) + SendMessage (hComboBox, CB_SETCURSEL, nSelected, 0); if (IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID)) || !bIsDevice) { @@ -898,6 +956,9 @@ namespace VeraCrypt EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_UP), enable); EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_DOWN), enable); EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_REMOVE), enable); + EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), enable && !favorite.SystemEncryption); + EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), enable && !favorite.SystemEncryption); + EnableWindow (GetDlgItem (hwndDlg, IDC_TRUECRYPT_MODE), enable && !favorite.SystemEncryption); EnableWindow (GetDlgItem (hwndDlg, IDT_PIM), enable); EnableWindow (GetDlgItem (hwndDlg, IDC_PIM), enable); EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PIM), enable); 
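Review bot: The PRF list in the @@ -871 hunk is filtered with a hard-coded `(i == RIPEMD160)` and only for system favorites, while the same commit replaces hard-coded `SHA256` tests in Mount.c with `is_pkcs5_prf_supported`. For a non-system favorite in TrueCrypt mode the list therefore still offers PRFs that the handler in the @@ -971 hunk rejects with `ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE`. Filtering with `is_pkcs5_prf_supported (i, (favorite.TrueCryptMode == 1)? TRUE : FALSE, favorite.SystemEncryption? PRF_BOOT_MBR : PRF_BOOT_NO)` would align the two, but it may change which entries appear for system favorites, so check it against the boot PRF rules first. The returns of `CB_ADDSTRING` are passed straight to `CB_SETITEMDATA` without a `CB_ERR` check, which the read side in @@ -971 does perform for `CB_GETCURSEL`.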
@@ -971,6 +1032,29 @@ namespace VeraCrypt favorite.Pim = GetPim (hwndDlg, IDC_PIM); favorite.UseLabelInExplorer = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_USE_LABEL_IN_EXPLORER) != 0); favorite.UseVolumeID = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_USE_VOLUME_ID) != 0); + int nSelected = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0); + if (nSelected != CB_ERR) + favorite.Pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, nSelected, 0); + else + favorite.Pkcs5 = -1; + BOOL selectedTrueCryptMode = (IsDlgButtonChecked (hwndDlg, IDC_TRUECRYPT_MODE) != 0)? 1 : 0; + if ((favorite.TrueCryptMode >= 0) || selectedTrueCryptMode) + favorite.TrueCryptMode = selectedTrueCryptMode; + + if (favorite.TrueCryptMode == 1) + { + if ((favorite.Pkcs5 > 0) && !is_pkcs5_prf_supported (favorite.Pkcs5, TRUE, favorite.SystemEncryption? PRF_BOOT_MBR : PRF_BOOT_NO)) + { + Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + favorite.Pkcs5 = 0; + } + + if (favorite.Pim > 0) + { + Error ("PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); + favorite.Pim = 0; + } + } favorite.ReadOnly = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_READONLY) != 0); favorite.Removable = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE) != 0); diff --git a/src/Mount/Favorites.h b/src/Mount/Favorites.h index acb9c8d4..6c75590b 100644 --- a/src/Mount/Favorites.h +++ b/src/Mount/Favorites.h @@ -22,6 +22,8 @@ namespace VeraCrypt FavoriteVolume() : Pim (0), + Pkcs5 (-1), + TrueCryptMode (-1), DisableHotkeyMount (false), DisconnectedDevice (false), MountOnLogOn (false), @@ -41,6 +43,8 @@ namespace VeraCrypt wstring VolumePathId; wstring Label; int Pim; + int Pkcs5; + int TrueCryptMode; BYTE VolumeID[VOLUME_ID_SIZE]; bool DisableHotkeyMount; diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index fe4d5605..265f651a 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c 
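Review bot: The update rule `if ((favorite.TrueCryptMode >= 0) || selectedTrueCryptMode)` in the @@ -971 hunk is not self-explanatory: it keeps the -1 "not specified" state when the box is unchecked and no mode was stored before. A comment such as `// leave -1 (use default) unless a mode was already stored or the box is now checked` would save the next reader from working that out. After each `Error (...)` the handler resets `favorite.Pkcs5` or `favorite.Pim` and carries on; whether the dialog controls are refreshed to show the reset values cannot be seen from this hunk and is worth confirming. `GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID)` is evaluated twice and could be held in a local, as the @@ -871 hunk does with `hComboBox`.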
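Review bot: The new `int Pkcs5;` and `int TrueCryptMode;` members in the Favorites.h @@ -41 hunk are sentinel-valued, but the header does not document the values. From their use elsewhere in this commit, -1 means "not specified" for both, `Pkcs5` 0 is the autodetection entry, and `TrueCryptMode` is 0 or 1 once set. I would annotate them as `int Pkcs5; // -1: not specified, 0: autodetection, otherwise a PRF id` and `int TrueCryptMode; // -1: not specified, 0: off, 1: on`. An unannotated tri-state `int` is what allows a truthiness test like `if (favorite.TrueCryptMode)` in the XML loader to treat -1 as enabled.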
@@ -2506,7 +2506,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR int old_pim = GetPim (hwndDlg, IDC_OLD_PIM); int pim = GetPim (hwndDlg, IDC_PIM); - if (truecryptMode && (old_pkcs5 == SHA256)) + if (truecryptMode && !is_pkcs5_prf_supported (old_pkcs5, TRUE, PRF_BOOT_NO)) { Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); return 1; @@ -2973,9 +2973,9 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa *pim = GetPim (hwndDlg, IDC_PIM); - /* SHA-256 is not supported by TrueCrypt */ + /* check that PRF is supported in TrueCrypt Mode */ if ( (*truecryptMode) - && ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256)) + && ((!is_pkcs5_prf_supported (*pkcs5, TRUE, PRF_BOOT_NO)) || (mountOptions.ProtectHiddenVolume && !is_pkcs5_prf_supported (mountOptions.ProtectedHidVolPkcs5Prf, TRUE, PRF_BOOT_NO))) ) { Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); 
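Review bot: The new `is_pkcs5_prf_supported (old_pkcs5, TRUE, PRF_BOOT_NO)` call in the @@ -2506 hunk is made without first excluding the autodetection value, whereas the favorites dialog in Favorites.cpp guards the same call with `(favorite.Pkcs5 > 0) &&`. The old test `old_pkcs5 == SHA256` could never reject autodetection; the new one depends on how `is_pkcs5_prf_supported` handles 0, which is not visible on this page. Either confirm that the helper returns TRUE for 0 or add the `> 0` guard here. The same applies to both calls in the @@ -2973 hunk and to the one in @@ -10785, where `pkcs5` can additionally be `CB_ERR` because the `CB_GETCURSEL` result is not checked.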
@@ -4556,25 +4556,44 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int // GUI actions -static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim) +static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim, int pkcs5, int trueCryptMode) { BOOL status = FALSE; wchar_t fileName[MAX_PATH]; - int mounted = 0, EffectiveVolumePkcs5 = CmdVolumePkcs5; - BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode; + int mounted = 0, EffectiveVolumePkcs5 = 0; + BOOL EffectiveVolumeTrueCryptMode = FALSE; int EffectiveVolumePim = (pim < 0)? CmdVolumePim : pim; BOOL bEffectiveCacheDuringMultipleMount = bCmdCacheDuringMultipleMount? TRUE: bCacheDuringMultipleMount; BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed; BOOL bUseCmdVolumePassword = CmdVolumePasswordValid && ((CmdVolumePassword.Length > 0) || (KeyFilesEnable && FirstKeyFile)); - /* Priority is given to command line parameters - * Default values used only when nothing specified in command line + /* Priority is given to arguments and command line parameters + * Default values used only when nothing specified */ - if (EffectiveVolumePkcs5 == 0) + if (pkcs5 > 0) + EffectiveVolumePkcs5 = pkcs5; + else if (CmdVolumePkcs5 > 0) + EffectiveVolumePkcs5 = CmdVolumePkcs5; + else EffectiveVolumePkcs5 = DefaultVolumePkcs5; - if (!EffectiveVolumeTrueCryptMode) + + if (trueCryptMode >= 0) + EffectiveVolumeTrueCryptMode = (trueCryptMode == 0)? 
FALSE : TRUE; + else if (CmdVolumeTrueCryptMode) + EffectiveVolumeTrueCryptMode = TRUE; + else EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode; + if (EffectiveVolumeTrueCryptMode) + { + /* No PIM Mode if TrueCrypt Mode specified */ + EffectiveVolumePim = 0; + + /* valdate the effective PRF is compatible with TrueCrypt Mode */ + if (!is_pkcs5_prf_supported (EffectiveVolumePkcs5, TRUE, mountOptions.PartitionInInactiveSysEncScope? PRF_BOOT_MBR : PRF_BOOT_NO)) + EffectiveVolumePkcs5 = 0; + } + bPrebootPasswordDlgMode = mountOptions.PartitionInInactiveSysEncScope; if (nDosDriveNo == -1) @@ -4632,11 +4651,10 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim) if (!bUseCmdVolumePassword) { // First try cached passwords and if they fail ask user for a new one - // try TrueCrypt mode first since it is quick, only if no custom pim specified - if (EffectiveVolumePim <= 0) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + if (EffectiveVolumeTrueCryptMode) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + else + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); // If keyfiles are enabled, test empty password first if (!mounted && KeyFilesEnable && FirstKeyFile && bEffectiveTryEmptyPasswordWhenKeyfileUsed) 
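Review bot: The two new parameters of `Mount` in the @@ -4556 hunk use different "not specified" conventions, `pkcs5 > 0` versus `trueCryptMode >= 0`. The signature carries no comment saying so, although the call `Mount (hwndDlg, -1, 0, -1, -1, -1)` in the @@ -4811 hunk depends on it. I would add above the function something like `/* pkcs5 <= 0 and trueCryptMode < 0 mean "not specified": fall back to the command line, then to the defaults */`. The added comment `/* valdate the effective PRF ...` has a typo for `validate`. It should also say why an unsupported PRF is silently reset to 0 here, when the dialogs in this commit report `ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE` for the same condition. The function body continues outside the hunk.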
@@ -4644,11 +4662,11 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim) Password emptyPassword = {0}; KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile, szFileName); - // try TrueCrypt mode first since it is quick, only if no custom pim specified - if (EffectiveVolumePim <= 0) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + + if (EffectiveVolumeTrueCryptMode) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + else + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); burn (&emptyPassword, sizeof (emptyPassword)); } 
@@ -4658,10 +4676,10 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim) if (!mounted && bEffectiveCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0) { // try TrueCrypt mode first as it is quick, only if no custom pim specified - if (EffectiveVolumePim <= 0) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); - if (!mounted) - mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + if (EffectiveVolumeTrueCryptMode) + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, 0, TRUE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); + else + mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, EffectiveVolumePkcs5, EffectiveVolumePim, FALSE, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, Silent, FALSE); } NormalCursor (); @@ -4811,7 +4829,7 @@ void __cdecl mountThreadFunction (void *hwndDlgArg) EnableWindow(hwndDlg, FALSE); finally_do_arg2 (HWND, hwndDlg, BOOL, bIsForeground, { EnableWindow(finally_arg, TRUE); if (finally_arg2) BringToForeground (finally_arg); bPrebootPasswordDlgMode = FALSE;}); - Mount (hwndDlg, -1, 0, -1); + Mount (hwndDlg, -1, 0, -1, -1, -1); } typedef struct @@ -9283,7 +9301,7 @@ static BOOL MountFavoriteVolumeBase (HWND hwnd, const FavoriteVolume &favorite, if (ServiceMode) SystemFavoritesServiceLogInfo (wstring (L"Mounting system favorite \"") + effectiveVolumePath + L"\""); - status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim); + status = Mount (hwnd, drive, (wchar_t *) effectiveVolumePath.c_str(), favorite.Pim, favorite.Pkcs5, favorite.TrueCryptMode); if (ServiceMode) { 
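Review bot: The context comment `// try TrueCrypt mode first as it is quick, only if no custom pim specified` at the top of the @@ -4658 hunk no longer describes the code under it, which now makes a single `MountVolume` attempt in the effective mode. The sibling hunks @@ -4632 and @@ -4644 removed that same comment, so this one looks like an oversight. Replace it with something like `// reuse VolumePassword during a multiple-mount operation, in the effective mode only`. A stale comment matters here because it describes a fallback between modes that the code no longer performs.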
@@ -10785,9 +10803,9 @@ static BOOL CALLBACK DefaultMountParametersDlgProc (HWND hwndDlg, UINT msg, WPAR { int pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); BOOL truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); - /* SHA-256 is not supported by TrueCrypt */ + /* check that PRF is supported in TrueCrypt Mode */ if ( (truecryptMode) - && (pkcs5 == SHA256) + && (!is_pkcs5_prf_supported(pkcs5, TRUE, PRF_BOOT_NO)) ) { Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg); diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index 26050225..8a056c0c 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc 
@@ -355,16 +355,19 @@ BEGIN GROUPBOX "",IDC_FAV_VOL_OPTIONS_GROUP_BOX,7,123,366,219 LTEXT "Label of selected favorite volume:",IDT_FAVORITE_LABEL,18,215,202,8 GROUPBOX "Global Settings",IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX,7,300,366,42 - EDITTEXT IDC_PIM,18,183,42,13,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,64,185,189,8 - LTEXT "Volume PIM:",IDT_PIM,18,173,65,8 - CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,199,150,10 + EDITTEXT IDC_PIM,87,183,42,13,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER + LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,135,186,189,8 + LTEXT "Volume PIM:",IDT_PIM,18,185,65,8 + CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,200,150,10 CONTROL "Use favorite label as Explorer drive label",IDC_FAVORITE_USE_LABEL_IN_EXPLORER, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,242,349,10 - LTEXT "Volume ID:",IDT_VOLUME_ID,18,131,57,8 - EDITTEXT IDC_FAVORITE_VOLUME_ID,18,141,344,14,ES_AUTOHSCROLL | ES_READONLY + LTEXT "Volume ID:",IDT_VOLUME_ID,18,132,62,8 + EDITTEXT IDC_FAVORITE_VOLUME_ID,87,130,275,14,ES_AUTOHSCROLL | ES_READONLY CONTROL "Use Volume ID to mount favorite",IDC_FAVORITE_USE_VOLUME_ID, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,159,337,10 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,148,337,10 + COMBOBOX IDC_PKCS5_PRF_ID,87,166,96,90,CBS_DROPDOWNLIST | WS_TABSTOP + CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,189,168,76,10 + LTEXT "PKCS-5 PRF:",IDT_PKCS5_PRF,19,168,63,10 END IDD_DEFAULT_MOUNT_PARAMETERS DIALOGEX 0, 0, 167, 65 |