diff options
-rw-r--r-- | src/Common/Apidrvr.h | 1 | ||||
-rw-r--r-- | src/Common/Crypto.h | 1 | ||||
-rw-r--r-- | src/Common/Dlgcode.c | 34 | ||||
-rw-r--r-- | src/Common/Dlgcode.h | 2 | ||||
-rw-r--r-- | src/Common/Language.xml | 12 | ||||
-rw-r--r-- | src/Common/Volumes.c | 4 | ||||
-rw-r--r-- | src/Driver/DriveFilter.c | 2 | ||||
-rw-r--r-- | src/Driver/Ntdriver.c | 2 | ||||
-rw-r--r-- | src/Format/Tcformat.c | 33 | ||||
-rw-r--r-- | src/Mount/Favorites.cpp | 23 | ||||
-rw-r--r-- | src/Mount/Favorites.h | 2 | ||||
-rw-r--r-- | src/Mount/Mount.c | 111 | ||||
-rw-r--r-- | src/Mount/Mount.rc | 33 |
13 files changed, 211 insertions, 49 deletions
diff --git a/src/Common/Apidrvr.h b/src/Common/Apidrvr.h index d168cf74..b61370c7 100644 --- a/src/Common/Apidrvr.h +++ b/src/Common/Apidrvr.h @@ -140,16 +140,17 @@ typedef struct BOOL readOnly;
BOOL removable;
BOOL partitionInInactiveSysEncScope;
uint32 volumeHeaderFlags;
unsigned __int64 totalBytesRead;
unsigned __int64 totalBytesWritten;
int hiddenVolProtection; /* Hidden volume protection status (e.g. HIDVOL_PROT_STATUS_NONE, HIDVOL_PROT_STATUS_ACTIVE, etc.) */
int volFormatVersion;
+ int volumePin;
} VOLUME_PROPERTIES_STRUCT;
typedef struct
{
WCHAR symLinkName[TC_MAX_PATH];
WCHAR targetName[TC_MAX_PATH];
} RESOLVE_SYMLINK_STRUCT;
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index 038e5430..ff743890 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -208,16 +208,17 @@ typedef struct CRYPTO_INFO_t GfCtx gf_ctx;
unsigned __int8 master_keydata[MASTER_KEYDATA_SIZE]; /* This holds the volume header area containing concatenated master key(s) and secondary key(s) (XTS mode). For LRW (deprecated/legacy), it contains the tweak key before the master key(s). For CBC (deprecated/legacy), it contains the IV seed before the master key(s). */
unsigned __int8 k2[MASTER_KEYDATA_SIZE]; /* For XTS, this contains the secondary key (if cascade, multiple concatenated). For LRW (deprecated/legacy), it contains the tweak key. For CBC (deprecated/legacy), it contains the IV seed. */
unsigned __int8 salt[PKCS5_SALT_SIZE];
int noIterations;
BOOL bTrueCryptMode;
+ int volumePin;
uint64 volume_creation_time; // Legacy
uint64 header_creation_time; // Legacy
BOOL bProtectHiddenVolume; // Indicates whether the volume contains a hidden volume to be protected against overwriting
BOOL bHiddenVolProtectionAction; // TRUE if a write operation has been denied by the driver in order to prevent the hidden volume from being overwritten (set to FALSE upon volume mount).
uint64 volDataAreaOffset; // Absolute position, in bytes, of the first data sector of the volume.
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index bfa8a32e..cc66506c 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -4348,16 +4348,32 @@ string GetUserFriendlyVersionString (int version) versionString.insert (version > 0xfff ? 2 : 1,".");
if (versionString[versionString.length()-1] == '0')
versionString.erase (versionString.length()-1, 1);
return (versionString);
}
+string IntToString (int val)
+{
+ char szTmp [64];
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%d", val);
+
+ return szTmp;
+}
+
+wstring IntToWideString (int val)
+{
+ wchar_t szTmp [64];
+ StringCbPrintfW (szTmp, sizeof(szTmp), L"%d", val);
+
+ return szTmp;
+}
+
void GetSizeString (unsigned __int64 size, wchar_t *str, size_t cbStr)
{
static wchar_t *b, *kb, *mb, *gb, *tb, *pb;
static int serNo;
if (b == NULL || serNo != LocalizationSerialNo)
{
serNo = LocalizationSerialNo;
@@ -10715,24 +10731,26 @@ std::string FindLatestFileOrDirectory (const std::string &directory, const char return name;
return string (directory) + "\\" + name;
}
int GetPin (HWND hwndDlg, UINT ctrlId)
{
int pin = 0;
- char szTmp[MAX_PIN + 1] = {0};
- GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIN + 1);
- if (strlen(szTmp))
- {
- char* endPtr = NULL;
- pin = strtol(szTmp, &endPtr, 0);
- if (pin < 0 || endPtr == szTmp || !endPtr || *endPtr != '\0')
- pin = 0;
+ if (IsWindowEnabled (GetDlgItem (hwndDlg, ctrlId)))
+ {
+ char szTmp[MAX_PIN + 1] = {0};
+ if (GetDlgItemText (hwndDlg, ctrlId, szTmp, MAX_PIN + 1) > 0)
+ {
+ char* endPtr = NULL;
+ pin = strtol(szTmp, &endPtr, 10);
+ if (pin < 0 || endPtr == szTmp || !endPtr || *endPtr != '\0')
+ pin = 0;
+ }
}
return pin;
}
void SetPin (HWND hwndDlg, UINT ctrlId, int pin)
{
if (pin > 0)
{
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 781efeee..a8d571dd 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -543,16 +543,18 @@ std::string ToUpperCase (const std::string &str); std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg);
std::string GetWindowsEdition ();
std::string FitPathInGfxWidth (HWND hwnd, HFONT hFont, LONG width, const std::string &path);
std::string GetServiceConfigPath (const char *fileName);
std::string VolumeGuidPathToDevicePath (std::string volumeGuidPath);
std::string HarddiskVolumePathToPartitionPath (const std::string &harddiskVolumePath);
std::string FindLatestFileOrDirectory (const std::string &directory, const char *namePattern, bool findDirectory, bool findFile);
std::string GetUserFriendlyVersionString (int version);
+std::string IntToString (int val);
+std::wstring IntToWideString (int val);
// Display a wait dialog while calling the provided callback with the given parameter
typedef void (CALLBACK* WaitThreadProc)(void* pArg, HWND hWaitDlg);
void ShowWaitDialog(HWND hwnd, BOOL bUseHwndAsParent, WaitThreadProc callback, void* pArg);
#endif // __cplusplus
#endif // TC_HEADER_DLGCODE
diff --git a/src/Common/Language.xml b/src/Common/Language.xml index e1cdcde7..fe94ab2e 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -592,35 +592,37 @@ <string lang="en" key="SYS_HKD_ALGO_CHANGED_ASK_RESCUE_DISK">Note that your VeraCrypt Rescue Disk still uses the previous algorithm. If you consider the previous algorithm insecure, you should create a new VeraCrypt Rescue Disk and then destroy the old one.\n\nDo you want to create a new VeraCrypt Rescue Disk?</string>
<string lang="en" key="KEYFILES_NOTE">Any kind of file (for example, .mp3, .jpg, .zip, .avi) may be used as a VeraCrypt keyfile. Note that VeraCrypt never modifies the keyfile contents. You can select more than one keyfile (the order does not matter). If you add a folder, all non-hidden files found in it will be used as keyfiles. Click 'Add Token Files' to select keyfiles stored on security tokens or smart cards (or to import keyfiles to security tokens or smart cards).</string>
<string lang="en" key="KEYFILE_CHANGED">Keyfile(s) successfully added/removed.</string>
<string lang="en" key="KEYFILE_EXPORTED">Keyfile exported.</string>
<string lang="en" key="PKCS5_PRF_CHANGED">Header key derivation algorithm successfully set.</string>
<string lang="en" key="NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP">Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, VeraCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the VeraCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step.</string>
<string lang="en" key="NONSYS_INPLACE_ENC_RESUME_VOL_SELECT_HELP">Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s).</string>
<string lang="en" key="NONSYS_INPLACE_DEC_PASSWORD_PAGE_HELP">Please enter the password and/or keyfile(s) for the non-system VeraCrypt volume that you want to decrypt.</string>
- <string lang="en" key="PASSWORD_HELP">It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of more than 20 characters (the longer, the better). The maximum possible length is 64 characters.</string>
+ <string lang="en" key="PASSWORD_HELP">It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of 20 or more characters (the longer, the better). The maximum possible length is 64 characters.</string>
<string lang="en" key="PASSWORD_HIDDENVOL_HELP">Please choose a password for the hidden volume. </string>
<string lang="en" key="PASSWORD_HIDDEN_OS_HELP">Please choose a password for the hidden operating system (i.e. for the hidden volume). </string>
<string lang="en" key="PASSWORD_HIDDEN_OS_NOTE">IMPORTANT: The password that you choose for the hidden operating system in this step must be substantially different from the other two passwords (i.e. from the password for the outer volume and from the password for the decoy operating system).</string>
<string lang="en" key="PASSWORD_HIDDENVOL_HOST_DIRECT_HELP">Please enter the password for the volume within which you wish to create a hidden volume.\n\nAfter you click Next, VeraCrypt will attempt to mount the volume. As soon as the volume is mounted, its cluster bitmap will be scanned to determine the size of the uninterrupted area of free space (if there is any) whose end is aligned with the end of the volume. This area will accommodate the hidden volume and therefore will limit its maximum possible size. Cluster map scanning is necessary to ensure that no data on the outer volume will be overwritten by the hidden volume.</string>
<string lang="en" key="PASSWORD_HIDDENVOL_HOST_HELP">\nPlease choose a password for the outer volume. This will be the password that you will be able to reveal to an adversary if you are asked or forced to do so.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume.\n\nNote: The maximum possible password length is 64 characters.</string>
<string lang="en" key="PASSWORD_SYSENC_OUTERVOL_HELP">Please choose a password for the outer volume. This will be the password you will be able to reveal to anyone forcing you to disclose the password for the first partition behind the system partition, where both the outer volume and the hidden volume (containing the hidden operating system) will reside. The existence of the hidden volume (and of the hidden operating system) will remain secret. Note that this password is not for the decoy operating system.\n\nIMPORTANT: The password must be substantially different from the one you will choose for the hidden volume (i.e. for the hidden operating system).</string>
<string lang="en" key="PASSWORD_HIDVOL_HOST_TITLE">Outer Volume Password</string>
<string lang="en" key="PASSWORD_HIDVOL_TITLE">Hidden Volume Password</string>
<string lang="en" key="PASSWORD_HIDDEN_OS_TITLE">Password for Hidden Operating System</string>
- <string lang="en" key="PASSWORD_LENGTH_WARNING">WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password?</string>
+ <string lang="en" key="PASSWORD_LENGTH_WARNING">WARNING: Short passwords are easy to crack using brute force techniques!\n\nWe recommend choosing a password consisting of 20 or more characters. Are you sure you want to use a short password?</string>
<string lang="en" key="PASSWORD_TITLE">Volume Password</string>
<string lang="en" key="PASSWORD_WRONG">Incorrect password/PRF or not a valid volume.</string>
<string lang="en" key="PASSWORD_OR_KEYFILE_WRONG">Incorrect keyfile(s) and/or password/PRF or not a valid volume.</string>
<string lang="en" key="PASSWORD_OR_MODE_WRONG">Wrong mount mode, incorrect password/PRF, or not a valid volume.</string>
<string lang="en" key="PASSWORD_OR_KEYFILE_OR_MODE_WRONG">Wrong mount mode, incorrect keyfile(s) and/or password/PRF, or not a valid volume.</string>
<string lang="en" key="PASSWORD_WRONG_AUTOMOUNT">Incorrect password/PRF or no valid volume found.</string>
<string lang="en" key="PASSWORD_OR_KEYFILE_WRONG_AUTOMOUNT">Incorrect keyfile(s)/password/PRF or no valid volume found.</string>
<string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
+ <string lang="en" key="PIN_CHANGE_WARNING">Remember Number to Mount Volume</string>
+ <string lang="en" key="PIN_SYSENC_CHANGE_WARNING">Remember Number to Boot System</string>
<string lang="en" key="PIN_SMALL_WARNING">You have chosen a Personal Iteration Number (PIN) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password?</string>
<string lang="en" key="PIN_SYSENC_TOO_BIG">Personal Iteration Number (PIN) maximum value for system encryption is 65535.</string>
<string lang="en" key="HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH">\n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View).</string>
<string lang="en" key="HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT">If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available.</string>
<string lang="en" key="FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC">VeraCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software).</string>
<string lang="en" key="SELECTED_PARTITION_ALREADY_INPLACE_ENC">The selected partition/device is already fully encrypted.\nHeader Flags = 0x%.8X</string>
<string lang="en" key="SELECTED_PARTITION_NOT_INPLACE_ENC">The selected partition/device is not using in-place encryption.\nHeader Flags = 0x%.8X</string>
<string lang="en" key="SYSENC_MOUNT_WITHOUT_PBA_NOTE">\n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'.</string>
@@ -1063,19 +1065,19 @@ <string lang="en" key="LEAKS_OUTSIDE_SYSPART_UNIVERSAL_EXPLANATION"> Otherwise, plausible deniability of the hidden operating system might be adversely affected.\n\nNote: If an adversary analyzed the content of such files (residing on a non-system partition), he might find out that you used this wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer). Also note that any such files stored on the system partition will be securely erased by VeraCrypt during the process of creation of the hidden operating system.</string>
<string lang="en" key="DECOY_OS_REINSTALL_WARNING">WARNING: During the process of creation of the hidden operating system, you will be required to fully reinstall the currently running system (in order to create a decoy system securely).\n\nNote: The currently running operating system and the entire content of the system partition will be copied to the hidden volume (in order to create the hidden system).\n\n\nAre you sure you will be able to install Windows using a Windows Setup medium (or using a service partition)?</string>
<string lang="en" key="DECOY_OS_REQUIREMENTS">For security reasons, if the currently running operating system requires activation, it must be activated before proceeding. Note that the hidden operating system will be created by copying the content of the system partition to a hidden volume (so if this operating system is not activated, the hidden operating system will not be activated either). For more information, see the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\nImportant: Before proceeding, please make sure you have read the section "Security Requirements and Precautions Pertaining to Hidden Volumes" in the VeraCrypt User's Guide.\n\n\nDoes the currently running operating system meet the above condition?</string>
<string lang="en" key="CONFIRM_HIDDEN_OS_EXTRA_BOOT_PARTITION">Your system uses an extra boot partition. VeraCrypt does not support hibernation on hidden operating systems that use an extra boot partition (decoy systems can be hibernated without any problems).\n\nPlease note that the boot partition would be shared by both the decoy and the hidden system. Therefore, in order to prevent data leaks and problems while resuming from hibernation, VeraCrypt has to prevent the hidden system from writing to the shared boot partition and from hibernating.\n\n\nDo you want to continue? If you select 'No', instructions for removing the extra boot partition will be displayed.</string>
<string lang="en" key="EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS">\nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).</string>
<string lang="en" key="GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION">Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions).</string>
<string lang="en" key="ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">This algorithm is currently not supported for system encryption.</string>
<string lang="en" key="ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">This algorithm is not supported for TrueCrypt mode.</string>
- <string lang="en" key="PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">PIN (Personal Iteration Count) not supported for TrueCrypt mode.</string>
- <string lang="en" key="PIN_REQUIRE_LONG_PASSWORD">Password must contain more than 20 characters in order to use the specified PIN.\nShorter passwords can only be used if the PIN is greater than 485.</string>
- <string lang="en" key="BOOT_PIN_REQUIRE_LONG_PASSWORD">Pre-boot authentication Password must contain more than 20 characters in order to use the specified PIN.\nShorter passwords can only be used if the PIN is greater than 98.</string>
+ <string lang="en" key="PIN_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">PIN (Personal Iteration Number) not supported for TrueCrypt mode.</string>
+ <string lang="en" key="PIN_REQUIRE_LONG_PASSWORD">Password must contain 20 or more characters in order to use the specified PIN.\nShorter passwords can only be used if the PIN is 485 or greater.</string>
+ <string lang="en" key="BOOT_PIN_REQUIRE_LONG_PASSWORD">Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIN.\nShorter passwords can only be used if the PIN is 98 or greater.</string>
<string lang="en" key="KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">Keyfiles are currently not supported for system encryption.</string>
<string lang="en" key="CANNOT_RESTORE_KEYBOARD_LAYOUT">Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly.</string>
<string lang="en" key="CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION">Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout.</string>
<string lang="en" key="ALT_KEY_CHARS_NOT_FOR_SYS_ENCRYPTION">As VeraCrypt temporarily changed the keyboard layout to the standard US keyboard layout, it is not possible to type characters by pressing keys while the right Alt key is held down. However, you can type most of such characters by pressing appropriate keys while the Shift key is held down.</string>
<string lang="en" key="KEYB_LAYOUT_CHANGE_PREVENTED">VeraCrypt prevented change of keyboard layout.</string>
<string lang="en" key="KEYB_LAYOUT_SYS_ENC_EXPLANATION">Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard.</string>
<string lang="en" key="RESCUE_DISK_INFO">Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (TRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the TRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the TRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The TRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below.</string>
<string lang="en" key="RESCUE_DISK_WIN_ISOBURN_PRELAUNCH_NOTE">After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions.</string>
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c index 567df7ee..283be2ea 100644 --- a/src/Common/Volumes.c +++ b/src/Common/Volumes.c @@ -489,16 +489,17 @@ KeyReady: ; // Preserve scheduled header keys if requested
if (retHeaderCryptoInfo)
{
if (retInfo == NULL)
{
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations;
cryptoInfo->bTrueCryptMode = truecryptMode;
+ cryptoInfo->volumePin = pin;
goto ret;
}
cryptoInfo = *retInfo = crypto_open ();
if (cryptoInfo == NULL)
{
status = ERR_OUTOFMEMORY;
goto err;
@@ -511,16 +512,17 @@ KeyReady: ; memcpy (keyInfo.master_keydata, header + HEADER_MASTER_KEYDATA_OFFSET, MASTER_KEYDATA_SIZE);
memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
// PKCS #5
memcpy (cryptoInfo->salt, keyInfo.salt, PKCS5_SALT_SIZE);
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->noIterations = keyInfo.noIterations;
cryptoInfo->bTrueCryptMode = truecryptMode;
+ cryptoInfo->volumePin = pin;
// Init the cipher with the decrypted master key
status = EAInit (cryptoInfo->ea, keyInfo.master_keydata + primaryKeyOffset, cryptoInfo->ks);
if (status == ERR_CIPHER_INIT_FAILURE)
goto err;
switch (cryptoInfo->mode)
{
@@ -800,16 +802,18 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea, keyInfo.noIterations = get_pkcs5_iteration_count (pkcs5_prf, pin, FALSE, bBoot);
// User selected encryption algorithm
cryptoInfo->ea = ea;
// User selected PRF
cryptoInfo->pkcs5 = pkcs5_prf;
cryptoInfo->bTrueCryptMode = FALSE;
+ cryptoInfo->noIterations = keyInfo.noIterations;
+ cryptoInfo->volumePin = pin;
// Mode of operation
cryptoInfo->mode = mode;
// Salt for header key derivation
if (!RandgetBytes (hwndDlg, keyInfo.salt, PKCS5_SALT_SIZE, !bWipeMode))
return ERR_CIPHER_INIT_WEAK_KEY;
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index 9330f179..007d9d21 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -806,16 +806,17 @@ void ReopenBootVolumeHeader (PIRP irp, PIO_STACK_LOCATION irpSp) if (ReadVolumeHeader (!BootDriveFilterExtension->HiddenSystem, header, &request->VolumePassword, request->pkcs5_prf, request->pin, FALSE, NULL, BootDriveFilterExtension->HeaderCryptoInfo) == 0)
{
Dump ("Header reopened\n");
BootDriveFilterExtension->Queue.CryptoInfo->header_creation_time = BootDriveFilterExtension->HeaderCryptoInfo->header_creation_time;
BootDriveFilterExtension->Queue.CryptoInfo->pkcs5 = BootDriveFilterExtension->HeaderCryptoInfo->pkcs5;
BootDriveFilterExtension->Queue.CryptoInfo->noIterations = BootDriveFilterExtension->HeaderCryptoInfo->noIterations;
+ BootDriveFilterExtension->Queue.CryptoInfo->volumePin = BootDriveFilterExtension->HeaderCryptoInfo->volumePin;
irp->IoStatus.Status = STATUS_SUCCESS;
}
else
{
crypto_close (BootDriveFilterExtension->HeaderCryptoInfo);
BootDriveFilterExtension->HeaderCryptoInfo = NULL;
@@ -1579,16 +1580,17 @@ void GetBootDriveVolumeProperties (PIRP irp, PIO_STACK_LOCATION irpSp) else
{
prop->hiddenVolume = Extension->Queue.CryptoInfo->hiddenVolume;
prop->diskLength = Extension->ConfiguredEncryptedAreaEnd + 1 - Extension->ConfiguredEncryptedAreaStart;
prop->ea = Extension->Queue.CryptoInfo->ea;
prop->mode = Extension->Queue.CryptoInfo->mode;
prop->pkcs5 = Extension->Queue.CryptoInfo->pkcs5;
prop->pkcs5Iterations = Extension->Queue.CryptoInfo->noIterations;
+ prop->volumePin = Extension->Queue.CryptoInfo->volumePin;
#if 0
prop->volumeCreationTime = Extension->Queue.CryptoInfo->volume_creation_time;
prop->headerCreationTime = Extension->Queue.CryptoInfo->header_creation_time;
#endif
prop->volFormatVersion = Extension->Queue.CryptoInfo->LegacyVolume ? TC_VOLUME_FORMAT_VERSION_PRE_6_0 : TC_VOLUME_FORMAT_VERSION;
prop->totalBytesRead = Extension->Queue.TotalBytesRead;
prop->totalBytesWritten = Extension->Queue.TotalBytesWritten;
diff --git a/src/Driver/Ntdriver.c b/src/Driver/Ntdriver.c index 1d29b52f..c3a220e1 100644 --- a/src/Driver/Ntdriver.c +++ b/src/Driver/Ntdriver.c @@ -1222,16 +1222,17 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex {
prop->uniqueId = ListExtension->UniqueVolumeId;
RtlStringCbCopyW (prop->wszVolume, sizeof(prop->wszVolume),ListExtension->wszVolume);
prop->diskLength = ListExtension->DiskLength;
prop->ea = ListExtension->cryptoInfo->ea;
prop->mode = ListExtension->cryptoInfo->mode;
prop->pkcs5 = ListExtension->cryptoInfo->pkcs5;
prop->pkcs5Iterations = ListExtension->cryptoInfo->noIterations;
+ prop->volumePin = ListExtension->cryptoInfo->volumePin;
#if 0
prop->volumeCreationTime = ListExtension->cryptoInfo->volume_creation_time;
prop->headerCreationTime = ListExtension->cryptoInfo->header_creation_time;
#endif
prop->volumeHeaderFlags = ListExtension->cryptoInfo->HeaderFlags;
prop->readOnly = ListExtension->bReadOnly;
prop->removable = ListExtension->bRemovable;
prop->partitionInInactiveSysEncScope = ListExtension->PartitionInInactiveSysEncScope;
@@ -1419,16 +1420,17 @@ NTSTATUS ProcessMainDeviceControlIrp (PDEVICE_OBJECT DeviceObject, PEXTENSION Ex Irp->IoStatus.Status = MountDevice (DeviceObject, mount);
burn (&mount->VolumePassword, sizeof (mount->VolumePassword));
burn (&mount->ProtectedHidVolPassword, sizeof (mount->ProtectedHidVolPassword));
burn (&mount->pkcs5_prf, sizeof (mount->pkcs5_prf));
burn (&mount->VolumePin, sizeof (mount->VolumePin));
burn (&mount->bTrueCryptMode, sizeof (mount->bTrueCryptMode));
burn (&mount->ProtectedHidVolPkcs5Prf, sizeof (mount->ProtectedHidVolPkcs5Prf));
+ burn (&mount->ProtectedHidVolPin, sizeof (mount->ProtectedHidVolPin));
}
break;
case TC_IOCTL_DISMOUNT_VOLUME:
if (ValidateIOBufferSize (Irp, sizeof (UNMOUNT_STRUCT), ValidateInputOutput))
{
UNMOUNT_STRUCT *unmount = (UNMOUNT_STRUCT *) Irp->AssociatedIrp.SystemBuffer;
PDEVICE_OBJECT ListDevice = GetVirtualVolumeDeviceObject (unmount->nDosDriveNo);
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index 574d61eb..a59ec4a4 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -3474,22 +3474,24 @@ static BOOL FileSize4GBLimitQuestionNeeded (void) /* Except in response to the WM_INITDIALOG message, the dialog box procedure
should return nonzero if it processes the message, and zero if it does
not. - see DialogProc */
BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
WORD lw = LOWORD (wParam);
WORD hw = HIWORD (wParam);
+ static BOOL PinValueChangedWarning = FALSE;
hCurPage = hwndDlg;
switch (uMsg)
{
case WM_INITDIALOG:
+ PinValueChangedWarning = FALSE;
LocalizeDialog (hwndDlg, "IDD_VOL_CREATION_WIZARD_DLG");
UpdateLastDialogId ();
switch (nCurPageNo)
{
case INTRO_PAGE:
@@ -4149,16 +4151,19 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD));
SendMessage (GetDlgItem (hwndDlg, IDC_PIN), EM_LIMITTEXT, SysEncInEffect()? MAX_BOOT_PIN: MAX_PIN, 0);
if (volumePin > 0)
{
char szTmp[MAX_PIN + 1];
StringCbPrintfA(szTmp, sizeof(szTmp), "%d", volumePin);
SetWindowText (GetDlgItem (hwndDlg, IDC_PIN), szTmp);
+
+ PinValueChangedWarning = TRUE;
+ SetDlgItemTextW (hwndDlg, IDC_PIN_HELP, GetString (SysEncInEffect ()? "PIN_SYSENC_CHANGE_WARNING" : "PIN_CHANGE_WARNING"));
}
SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, KeyFilesEnable && !SysEncInEffect());
EnableWindow (GetDlgItem (hwndDlg, IDC_KEY_FILES), KeyFilesEnable);
SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str);
if (CreatingHiddenSysVol())
@@ -4908,16 +4913,30 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa case WM_HELP:
OpenPageHelp (GetParent (hwndDlg), nCurPageNo);
return 1;
case TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS:
AfterSysEncProgressWMInitTasks (hwndDlg);
return 1;
+ case WM_CTLCOLORSTATIC:
+ {
+ if (PinValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIN_HELP)) )
+ {
+ // we're about to draw the static
+ // set the text colour in (HDC)lParam
+ SetBkMode((HDC)wParam,TRANSPARENT);
+ SetTextColor((HDC)wParam, RGB(255,0,0));
+ // NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle.
+ return (BOOL)GetSysColorBrush(COLOR_MENU);
+ }
+ }
+ return 0;
+
case WM_COMMAND:
if (nCurPageNo == INTRO_PAGE)
{
switch (lw)
{
case IDC_FILE_CONTAINER:
UpdateWizardModeControls (hwndDlg, WIZARD_MODE_FILE_CONTAINER);
@@ -5288,16 +5307,30 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT),
GetDlgItem (hwndDlg, IDC_PASSWORD),
GetDlgItem (hwndDlg, IDC_VERIFY),
NULL,
NULL,
KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());
volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
+ if (lw == IDC_PIN)
+ {
+ if(GetPin (hwndDlg, IDC_PIN) != 0)
+ {
+ PinValueChangedWarning = TRUE;
+ SetDlgItemTextW (hwndDlg, IDC_PIN_HELP, GetString (SysEncInEffect ()? "PIN_SYSENC_CHANGE_WARNING" : "PIN_CHANGE_WARNING"));
+ }
+ else
+ {
+ PinValueChangedWarning = FALSE;
+ SetDlgItemTextW (hwndDlg, IDC_PIN_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIN_HELP));
+ }
+ }
+
return 1;
}
if (lw == IDC_SHOW_PASSWORD && nCurPageNo == PASSWORD_PAGE)
{
SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD),
EM_SETPASSWORDCHAR,
GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD) ? 0 : '*',
diff --git a/src/Mount/Favorites.cpp b/src/Mount/Favorites.cpp index a1a469bc..6fe871a0 100644 --- a/src/Mount/Favorites.cpp +++ b/src/Mount/Favorites.cpp @@ -8,16 +8,17 @@ #include "Tcdefs.h"
#include "Platform/Finally.h"
#include "Platform/ForEach.h"
#include "BootEncryption.h"
#include "Dlgcode.h"
#include "Language.h"
#include "Mount.h"
+#include "Common/Resource.h"
#include "Resource.h"
#include "Xml.h"
#include "Favorites.h"
using namespace std;
namespace VeraCrypt
{
@@ -81,16 +82,17 @@ namespace VeraCrypt FindVolumeClose (find);
}
}
favorite.ReadOnly = prop.readOnly ? true : false;
favorite.Removable = prop.removable ? true : false;
favorite.SystemEncryption = prop.partitionInInactiveSysEncScope ? true : false;
favorite.OpenExplorerWindow = (bExplore == TRUE);
+ favorite.Pin = prop.volumePin;
if (favorite.VolumePathId.empty()
&& IsVolumeDeviceHosted (favorite.Path.c_str())
&& favorite.Path.find ("\\\\?\\Volume{") != 0)
{
Warning (favorite.Path.find ("\\Partition0") == string::npos ? "FAVORITE_ADD_PARTITION_TYPE_WARNING" : "FAVORITE_ADD_DRIVE_DEV_WARNING", hwndDlg);
}
@@ -542,16 +544,21 @@ namespace VeraCrypt XmlGetNodeText (xml, volume, sizeof (volume));
favorite.Path = WideToSingleString (Utf8StringToWide (volume));
char label[1024];
XmlGetAttributeText (xml, "label", label, sizeof (label));
favorite.Label = Utf8StringToWide (label);
+ XmlGetAttributeText (xml, "pin", label, sizeof (label));
+ favorite.Pin = strtol (label, NULL, 10);
+ if (favorite.Pin < 0)
+ favorite.Pin = 0;
+
char boolVal[2];
XmlGetAttributeText (xml, "readonly", boolVal, sizeof (boolVal));
if (boolVal[0])
favorite.ReadOnly = (boolVal[0] == '1');
XmlGetAttributeText (xml, "removable", boolVal, sizeof (boolVal));
if (boolVal[0])
favorite.Removable = (boolVal[0] == '1');
@@ -671,16 +678,19 @@ namespace VeraCrypt XmlQuoteText (!favorite.VolumePathId.empty() ? favorite.VolumePathId.c_str() : favorite.Path.c_str(), tq, sizeof (tq));
wstring s = L"\n\t\t<volume mountpoint=\"" + SingleStringToWide (favorite.MountPoint) + L"\"";
if (!favorite.Label.empty())
s += L" label=\"" + favorite.Label + L"\"";
+ if (favorite.Pin > 0)
+ s += L" pin=\"" + IntToWideString(favorite.Pin) + L"\"";
+
if (favorite.ReadOnly)
s += L" readonly=\"1\"";
if (favorite.Removable)
s += L" removable=\"1\"";
if (favorite.SystemEncryption)
s += L" system=\"1\"";
@@ -758,16 +768,24 @@ namespace VeraCrypt }
return true;
}
static void SetControls (HWND hwndDlg, const FavoriteVolume &favorite, bool systemFavoritesMode, bool enable)
{
+ if (favorite.Pin > 0)
+ {
+ char szTmp[MAX_PIN + 1];
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%d", favorite.Pin);
+ SetDlgItemText (hwndDlg, IDC_PIN, szTmp);
+ }
+ else
+ SetDlgItemText (hwndDlg, IDC_PIN, "");
SetDlgItemTextW (hwndDlg, IDC_FAVORITE_LABEL, favorite.Label.c_str());
SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON, favorite.MountOnLogOn);
SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL, favorite.MountOnArrival);
SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_READONLY, favorite.ReadOnly);
SetCheckBox (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE, favorite.Removable);
if (systemFavoritesMode)
{
@@ -783,16 +801,19 @@ namespace VeraCrypt {
SetCheckBox (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT, favorite.OpenExplorerWindow);
SetCheckBox (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY, favorite.DisableHotkeyMount);
}
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_UP), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOVE_DOWN), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_REMOVE), enable);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PIN), enable);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), enable);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN_HELP), enable);
EnableWindow (GetDlgItem (hwndDlg, IDT_FAVORITE_LABEL), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_LABEL), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON), enable && !systemFavoritesMode);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL), enable && !systemFavoritesMode);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_READONLY), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE), enable);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT), enable || systemFavoritesMode);
EnableWindow (GetDlgItem (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY), enable || systemFavoritesMode);
@@ -810,16 +831,18 @@ namespace VeraCrypt {
if (favorite.Label[i] == L'"')
favorite.Label.at (i) = L'\'';
}
}
else
favorite.Label.clear();
+ favorite.Pin = GetPin (hwndDlg, IDC_PIN);
+
favorite.ReadOnly = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_READONLY) != 0);
favorite.Removable = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_REMOVABLE) != 0);
if (!systemFavoritesMode)
{
favorite.MountOnLogOn = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_ON_LOGON) != 0);
favorite.MountOnArrival = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_MOUNT_ON_ARRIVAL) != 0);
favorite.DisableHotkeyMount = (IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY) != 0);
diff --git a/src/Mount/Favorites.h b/src/Mount/Favorites.h index f91905d8..3a0a771b 100644 --- a/src/Mount/Favorites.h +++ b/src/Mount/Favorites.h @@ -12,31 +12,33 @@ #include <Tcdefs.h>
namespace VeraCrypt
{
struct FavoriteVolume
{
FavoriteVolume()
:
+ Pin (0),
DisableHotkeyMount (false),
DisconnectedDevice (false),
MountOnLogOn (false),
MountOnArrival (false),
OpenExplorerWindow (false),
ReadOnly (false),
Removable (false),
SystemEncryption (false)
{
}
string Path;
string MountPoint;
string VolumePathId;
wstring Label;
+ int Pin;
bool DisableHotkeyMount;
bool DisconnectedDevice;
bool MountOnLogOn;
bool MountOnArrival;
bool OpenExplorerWindow;
bool ReadOnly;
bool Removable;
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index df9ecb58..ba3ee861 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -1780,37 +1780,42 @@ void CALLBACK RestoreHeaderWaitThreadProc(void* pArg, HWND hwndDlg) }
/* Except in response to the WM_INITDIALOG message, the dialog box procedure
should return nonzero if it processes the message, and zero if it does
not. - see DialogProc */
BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam)
{
static KeyFilesDlgParam newKeyFilesParam;
+ static BOOL PinValueChangedWarning = FALSE;
WORD lw = LOWORD (wParam);
WORD hw = HIWORD (wParam);
switch (msg)
{
case WM_INITDIALOG:
{
LPARAM nIndex;
HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_OLD_PRF_ID);
int i;
WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220;
+ PinValueChangedWarning = FALSE;
+
ZeroMemory (&newKeyFilesParam, sizeof (newKeyFilesParam));
SetWindowTextW (hwndDlg, GetString ("IDD_PASSWORDCHANGE_DLG"));
LocalizeDialog (hwndDlg, "IDD_PASSWORDCHANGE_DLG");
SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);
SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD), EM_LIMITTEXT, MAX_PASSWORD, 0);
SendMessage (GetDlgItem (hwndDlg, IDC_VERIFY), EM_LIMITTEXT, MAX_PASSWORD, 0);
+ SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PIN), EM_LIMITTEXT, MAX_PIN, 0);
+ SendMessage (GetDlgItem (hwndDlg, IDC_PIN), EM_LIMITTEXT, MAX_PIN, 0);
EnableWindow (GetDlgItem (hwndDlg, IDOK), FALSE);
SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, KeyFilesEnable);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), TRUE);
/* Add PRF algorithm list for current password */
SendMessage (hComboBox, CB_RESETCONTENT, 0, 0);
@@ -1849,31 +1854,35 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR switch (pwdChangeDlgMode)
{
case PCDM_CHANGE_PKCS5_PRF:
SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_CHANGE_PKCS5_PRF"));
LocalizeDialog (hwndDlg, "IDD_PCDM_CHANGE_PKCS5_PRF");
EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PIN), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN_HELP), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);
break;
case PCDM_ADD_REMOVE_VOL_KEYFILES:
SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_ADD_REMOVE_VOL_KEYFILES"));
LocalizeDialog (hwndDlg, "IDD_PCDM_ADD_REMOVE_VOL_KEYFILES");
newKeyFilesParam.EnableKeyFiles = TRUE;
EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PIN), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN_HELP), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE);
break;
case PCDM_REMOVE_ALL_KEYFILES_FROM_VOL:
@@ -1881,17 +1890,19 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR SetWindowTextW (hwndDlg, GetString ("IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL"));
LocalizeDialog (hwndDlg, "IDD_PCDM_REMOVE_ALL_KEYFILES_FROM_VOL");
KeyFilesEnable = TRUE;
SetCheckBox (hwndDlg, IDC_ENABLE_KEYFILES, TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_KEYFILES), TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_KEYFILES), TRUE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_VERIFY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PIN), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN_HELP), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_NEW_KEYFILES), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_NEW), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_NEW_KEYFILES), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_NEW_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_CONFIRM_PASSWORD), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDT_PKCS5_PRF), FALSE);
EnableWindow (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), FALSE);
break;
@@ -2013,16 +2024,30 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONINFORMATION | MB_SETFOREGROUND | MB_TOPMOST);
}
}
}
return 1;
}
return 0;
+ case WM_CTLCOLORSTATIC:
+ {
+ if (PinValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIN_HELP)) )
+ {
+ // we're about to draw the static
+ // set the text colour in (HDC)lParam
+ SetBkMode((HDC)wParam,TRANSPARENT);
+ SetTextColor((HDC)wParam, RGB(255,0,0));
+ // NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle.
+ return (BOOL)GetSysColorBrush(COLOR_MENU);
+ }
+ }
+ return 0;
+
case WM_COMMAND:
if (lw == IDCANCEL)
{
// Attempt to wipe passwords stored in the input field buffers
char tmp[MAX_PASSWORD+1];
memset (tmp, 'X', MAX_PASSWORD);
tmp[MAX_PASSWORD] = 0;
SetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), tmp);
@@ -2035,17 +2060,38 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR }
if (hw == EN_CHANGE)
{
PasswordChangeEnable (hwndDlg, IDOK,
IDC_OLD_PASSWORD,
KeyFilesEnable && FirstKeyFile != NULL,
IDC_PASSWORD, IDC_VERIFY,
- newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL);
+ newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL);
+
+ if ((lw == IDC_OLD_PIN) && IsWindowEnabled (GetDlgItem (hwndDlg, IDC_PIN)))
+ {
+ char tmp[MAX_PIN+1] = {0};
+ GetDlgItemText (hwndDlg, IDC_OLD_PIN, tmp, MAX_PIN + 1);
+ SetDlgItemText (hwndDlg, IDC_PIN, tmp);
+ }
+
+ if (lw == IDC_PIN)
+ {
+ if(GetPin (hwndDlg, IDC_OLD_PIN) != GetPin (hwndDlg, IDC_PIN))
+ {
+ PinValueChangedWarning = TRUE;
+ SetDlgItemTextW (hwndDlg, IDC_PIN_HELP, GetString (bSysEncPwdChangeDlgMode? "PIN_SYSENC_CHANGE_WARNING" : "PIN_CHANGE_WARNING"));
+ }
+ else
+ {
+ PinValueChangedWarning = FALSE;
+ SetDlgItemTextW (hwndDlg, IDC_PIN_HELP, (wchar_t *) GetDictionaryValueByInt (IDC_PIN_HELP));
+ }
+ }
return 1;
}
if (lw == IDC_KEYFILES)
{
if (bSysEncPwdChangeDlgMode)
{
@@ -2149,16 +2195,24 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR }
}
break;
}
return 1;
}
+ if (lw == IDC_TRUECRYPT_MODE)
+ {
+ BOOL bEnablePin = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE;
+ EnableWindow (GetDlgItem (hwndDlg, IDT_OLD_PIN), bEnablePin);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIN), bEnablePin);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_OLD_PIN_HELP), bEnablePin);
+ }
+
if (lw == IDC_SHOW_PASSWORD_CHPWD_ORI)
{
SendMessage (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD),
EM_SETPASSWORDCHAR,
GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD_CHPWD_ORI) ? 0 : '*',
0);
InvalidateRect (GetDlgItem (hwndDlg, IDC_OLD_PASSWORD), NULL, TRUE);
return 1;
@@ -2562,16 +2616,24 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa SendMessage (GetDlgItem (hwndDlg, IDC_PASSWORD),
EM_SETPASSWORDCHAR,
GetCheckBox (hwndDlg, IDC_SHOW_PASSWORD) ? 0 : '*',
0);
InvalidateRect (GetDlgItem (hwndDlg, IDC_PASSWORD), NULL, TRUE);
return 1;
}
+ if (lw == IDC_TRUECRYPT_MODE)
+ {
+ BOOL bEnablePin = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE) ? FALSE: TRUE;
+ EnableWindow (GetDlgItem (hwndDlg, IDT_PIN), bEnablePin);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN), bEnablePin);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_PIN_HELP), bEnablePin);
+ }
+
if (lw == IDC_KEY_FILES)
{
KeyFilesDlgParam param;
param.EnableKeyFiles = KeyFilesEnable;
param.FirstKeyFile = FirstKeyFile;
if (IDOK == DialogBoxParamW (hInst,
MAKEINTRESOURCEW (IDD_KEYFILES), hwndDlg,
@@ -2604,21 +2666,17 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa GetWindowText (GetDlgItem (hwndDlg, IDC_PASSWORD), (LPSTR) szXPwd->Text, MAX_PASSWORD + 1);
szXPwd->Length = (unsigned __int32) strlen ((char *) szXPwd->Text);
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
*truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
- GetWindowText (GetDlgItem (hwndDlg, IDC_PIN), tmp, MAX_PIN + 1);
- if (strlen(tmp))
- *pin = (int) strtol(tmp, NULL, 10); /* IDC_PIN is configured to accept only numbers */
- else
- *pin = 0;
+ *pin = GetPin (hwndDlg, IDC_PIN);
/* SHA-256 is not supported by TrueCrypt */
if ( (*truecryptMode)
&& ((*pkcs5 == SHA256) || (mountOptions.ProtectHiddenVolume && mountOptions.ProtectedHidVolPkcs5Prf == SHA256))
)
{
Error ("ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE", hwndDlg);
return 1;
@@ -3438,17 +3496,23 @@ BOOL CALLBACK VolumePropertiesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LP ListSubItemSetW (list, i++, 1, sw);
// Mode
ListItemAddW (list, i, GetString ("MODE_OF_OPERATION"));
ListSubItemSet (list, i++, 1, EAGetModeName (prop.ea, prop.mode, TRUE));
// PKCS 5 PRF
ListItemAddW (list, i, GetString ("PKCS5_PRF"));
- ListSubItemSet (list, i++, 1, get_pkcs5_prf_name (prop.pkcs5));
+ if (prop.volumePin == 0)
+ ListSubItemSet (list, i++, 1, get_pkcs5_prf_name (prop.pkcs5));
+ else
+ {
+ StringCbPrintfA (szTmp, sizeof(szTmp), "%s (Dynamic)", get_pkcs5_prf_name (prop.pkcs5));
+ ListSubItemSet (list, i++, 1, szTmp);
+ }
#if 0
// PCKS 5 iterations
ListItemAddW (list, i, GetString ("PKCS5_ITERATIONS"));
sprintf (szTmp, "%d", prop.pkcs5Iterations);
ListSubItemSet (list, i++, 1, szTmp);
#endif
@@ -3961,22 +4025,23 @@ static int AskVolumePassword (HWND hwndDlg, Password *password, int *pkcs5, int burn (&mountOptions.ProtectedHidVolPkcs5Prf, sizeof (mountOptions.ProtectedHidVolPkcs5Prf));
}
return result == IDOK;
}
// GUI actions
-static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName)
+static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName, int pin)
{
BOOL status = FALSE;
char fileName[MAX_PATH];
int mounted = 0, EffectiveVolumePkcs5 = CmdVolumePkcs5;
BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;
+ int EffectiveVolumePin = (pin < 0)? CmdVolumePin : pin;
/* Priority is given to command line parameters
* Default values used only when nothing specified in command line
*/
if (EffectiveVolumePkcs5 == 0)
EffectiveVolumePkcs5 = DefaultVolumePkcs5;
if (!EffectiveVolumeTrueCryptMode)
EffectiveVolumeTrueCryptMode = DefaultVolumeTrueCryptMode;
@@ -4022,43 +4087,46 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) goto ret;
}
ResetWrongPwdRetryCount ();
// First try cached passwords and if they fail ask user for a new one
WaitCursor ();
- // try TrueCrypt mode first since it is quick
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ // try TrueCrypt mode first since it is quick, only if pin = 0
+ if (EffectiveVolumePin == 0)
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePin, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
// If keyfiles are enabled, test empty password first
if (!mounted && KeyFilesEnable && FirstKeyFile)
{
Password emptyPassword;
emptyPassword.Length = 0;
KeyFilesApply (hwndDlg, &emptyPassword, FirstKeyFile);
- // try TrueCrypt mode first since it is quick
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ // try TrueCrypt mode first since it is quick, only if pin = 0
+ if (EffectiveVolumePin == 0)
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &emptyPassword, 0, EffectiveVolumePin, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
burn (&emptyPassword, sizeof (emptyPassword));
}
// Test password and/or keyfiles used for the previous volume
if (!mounted && bCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0)
{
- // try TrueCrypt mode first as it is quick
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ // try TrueCrypt mode first as it is quick, only if pin = 0
+ if (EffectiveVolumePin == 0)
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
if (!mounted)
- mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, 0, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
+ mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, &VolumePassword, 0, EffectiveVolumePin, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
}
NormalCursor ();
if (mounted)
{
// Check for problematic file extensions (exe, dll, sys)
@@ -4068,23 +4136,23 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName) while (mounted == 0)
{
if (CmdVolumePassword.Length > 0)
{
VolumePassword = CmdVolumePassword;
VolumePkcs5 = EffectiveVolumePkcs5;
VolumeTrueCryptMode = EffectiveVolumeTrueCryptMode;
- VolumePin = CmdVolumePin;
+ VolumePin = EffectiveVolumePin;
}
else if (!Silent)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
- int GuiPin = CmdVolumePin;
+ int GuiPin = EffectiveVolumePin;
StringCbCopyA (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
if (!AskVolumePassword (hwndDlg, &VolumePassword, &GuiPkcs5, &GuiPin, &GuiTrueCryptMode, NULL, TRUE))
goto ret;
else
{
VolumePkcs5 = GuiPkcs5;
VolumeTrueCryptMode = GuiTrueCryptMode;
@@ -4201,17 +4269,17 @@ static BOOL Dismount (HWND hwndDlg, int nDosDriveNo) void __cdecl mountThreadFunction (void *hwndDlgArg)
{
HWND hwndDlg =(HWND) hwndDlgArg;
// Disable parent dialog during processing to avoid user interaction
EnableWindow(hwndDlg, FALSE);
finally_do_arg (HWND, hwndDlg, { EnableWindow(finally_arg, TRUE); });
- Mount (hwndDlg, 0, 0);
+ Mount (hwndDlg, 0, 0, -1);
}
static BOOL DismountAll (HWND hwndDlg, BOOL forceUnmount, BOOL interact, int dismountMaxRetries, int dismountAutoRetryDelay)
{
BOOL status = TRUE;
MOUNT_LIST_STRUCT mountList = {0};
DWORD dwResult;
UNMOUNT_STRUCT unmount = {0};
@@ -8092,16 +8160,17 @@ void DismountIdleVolumes () if ( bResult
&& ( (prop.driveNo == i) && prop.uniqueId >= 0
&& prop.ea >= EAGetFirst() && prop.ea <= EAGetCount()
&& prop.mode >= FIRST_MODE_OF_OPERATION_ID && prop.mode <= LAST_MODE_OF_OPERATION
&& prop.pkcs5 >= FIRST_PRF_ID && prop.pkcs5 <= LAST_PRF_ID
&& prop.pkcs5Iterations > 0
&& prop.hiddenVolProtection >= 0 && prop.volFormatVersion >= 0
+ && prop.volumePin >= 0
)
)
{
if (LastRead[i] == prop.totalBytesRead
&& LastWritten[i] == prop.totalBytesWritten
&& LastId[i] == prop.uniqueId)
{
if (++InactivityTime[i] >= MaxVolumeIdleTime)
@@ -8232,17 +8301,17 @@ BOOL MountFavoriteVolumes (BOOL systemFavorites, BOOL logOnMount, BOOL hotKeyMou {
status = FALSE;
goto skipMount;
}
}
BOOL prevReadOnly = mountOptions.ReadOnly;
- if (!Mount (MainDlg, drive, (char *) favorite.Path.c_str()))
+ if (!Mount (MainDlg, drive, (char *) favorite.Path.c_str(), favorite.Pin))
status = FALSE;
if (status && mountOptions.ReadOnly != prevReadOnly)
userForcedReadOnly = mountOptions.ReadOnly;
skipMount:
bExplore = lastbExplore;
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index d40eb805..135cdd77 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc @@ -307,44 +307,47 @@ BEGIN DEFPUSHBUTTON "OK",IDOK,257,185,50,14
PUSHBUTTON "Cancel",IDCANCEL,313,185,50,14
LTEXT "Processor (CPU) in this computer supports hardware acceleration for AES:",IDT_HW_AES_SUPPORTED_BY_CPU,18,23,273,9
GROUPBOX "Hardware Acceleration",IDT_ACCELERATION_OPTIONS,7,6,355,74
GROUPBOX "Thread-Based Parallelization",IDT_PARALLELIZATION_OPTIONS,7,84,355,93
LTEXT "",IDT_LIMIT_ENC_THREAD_POOL_NOTE,18,126,334,33
END
-IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 276
+IDD_FAVORITE_VOLUMES DIALOGEX 0, 0, 380, 315
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Favorite Volumes"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
CONTROL "",IDC_FAVORITE_VOLUMES_LIST,"SysListView32",LVS_REPORT | LVS_SINGLESEL | LVS_SHOWSELALWAYS | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,7,366,92
PUSHBUTTON "Move &Up",IDC_FAVORITE_MOVE_UP,7,104,63,14
PUSHBUTTON "Move &Down",IDC_FAVORITE_MOVE_DOWN,74,104,63,14
PUSHBUTTON "&Remove",IDC_FAVORITE_REMOVE,310,104,63,14
- EDITTEXT IDC_FAVORITE_LABEL,16,142,204,13,ES_AUTOHSCROLL
+ EDITTEXT IDC_FAVORITE_LABEL,16,173,204,13,ES_AUTOHSCROLL
CONTROL "Mount selected volume as read-o&nly",IDC_FAVORITE_MOUNT_READONLY,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,162,349,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,193,349,10
CONTROL "Mount selected volume as remo&vable medium",IDC_FAVORITE_MOUNT_REMOVABLE,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,176,349,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,207,349,10
CONTROL "Mount selected volume upon log&on",IDC_FAVORITE_MOUNT_ON_LOGON,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,190,349,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,221,349,10
CONTROL "Mount selected volume when its host device gets &connected",IDC_FAVORITE_MOUNT_ON_ARRIVAL,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,204,349,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,235,349,10
CONTROL "Open &Explorer window for selected volume when successfully mounted",IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,218,349,11
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,249,349,11
CONTROL "Do not mount selected volume when 'Mount Favorite Volumes' &hot key is pressed",IDC_FAVORITE_DISABLE_HOTKEY,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,232,349,11
- LTEXT "Help on favorite volumes",IDC_FAVORITES_HELP_LINK,17,259,237,10,SS_NOTIFY
- DEFPUSHBUTTON "OK",IDOK,269,257,50,14
- PUSHBUTTON "Cancel",IDCANCEL,323,257,50,14
- GROUPBOX "",IDC_FAV_VOL_OPTIONS_GROUP_BOX,7,121,366,130
- LTEXT "Label of selected favorite volume:",IDT_FAVORITE_LABEL,18,132,202,8
- GROUPBOX "Global Settings",IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX,7,202,366,49
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,264,349,11
+ LTEXT "Help on favorite volumes",IDC_FAVORITES_HELP_LINK,17,298,237,10,SS_NOTIFY
+ DEFPUSHBUTTON "OK",IDOK,269,296,50,14
+ PUSHBUTTON "Cancel",IDCANCEL,323,296,50,14
+ GROUPBOX "",IDC_FAV_VOL_OPTIONS_GROUP_BOX,7,122,366,159
+ LTEXT "Label of selected favorite volume:",IDT_FAVORITE_LABEL,18,163,202,8
+ GROUPBOX "Global Settings",IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX,7,230,366,57
+ EDITTEXT IDC_PIN,16,143,42,14,ES_RIGHT | ES_AUTOHSCROLL | ES_NUMBER
+ LTEXT "(Empty or 0 for default iterations)",IDC_PIN_HELP,64,145,189,8
+ LTEXT "Volume PIN:",IDT_PIN,18,133,65,8
END
IDD_DEFAULT_MOUNT_PARAMETERS DIALOGEX 0, 0, 167, 65
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - Mount Parameters"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
DEFPUSHBUTTON "OK",IDOK,57,44,50,14
@@ -438,17 +441,17 @@ BEGIN BOTTOMMARGIN, 199
END
IDD_FAVORITE_VOLUMES, DIALOG
BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 373
TOPMARGIN, 7
- BOTTOMMARGIN, 269
+ BOTTOMMARGIN, 308
END
IDD_DEFAULT_MOUNT_PARAMETERS, DIALOG
BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 160
TOPMARGIN, 7
BOTTOMMARGIN, 58
|