<entry lang="de" key="IDCANCEL">Abbrechen</entry>

<entry lang="de" key="IDC_ALL_USERS">Für &amp;alle Benutzer installieren</entry>

<entry lang="de" key="IDC_BROWSE">Su&amp;chen ...</entry>

<entry lang="de" key="IDC_DESKTOP_ICON">VeraCrypt-Symbol auf dem &amp;Desktop erstellen</entry>

<entry lang="de" key="IDC_DONATE">Jetzt spenden ...</entry>

<entry lang="de" key="IDC_FILE_TYPE">Verknüpft die &amp;Dateierweiterung .hc mit VeraCrypt</entry>

<entry lang="de" key="IDC_OPEN_CONTAINING_FOLDER">&amp;Den Speicherort nach dem Beenden öffnen</entry>

<entry lang="de" key="IDC_PROG_GROUP">VeraCrypt ins &amp;Startmenü eintragen</entry>

<entry lang="de" key="IDC_SYSTEM_RESTORE">&amp;Wiederherstellungspunkt erstellen</entry>

<entry lang="de" key="IDC_UNINSTALL">&amp;Deinstallieren</entry>

<entry lang="de" key="IDC_MB">&amp;MB</entry>

<entry lang="de" key="IDC_MORE_INFO_ON_CONTAINERS">Mehr Informationen</entry>

<entry lang="de" key="IDC_MORE_INFO_ON_SYS_ENCRYPTION">Mehr Informationen über die Systemverschlüsselung</entry>

<entry lang="de" key="IDC_MORE_INFO_SYS_ENCRYPTION">Mehr Informationen</entry>

<entry lang="de" key="IDC_MULTI_BOOT">Mehrere Betriebssysteme</entry>

<entry lang="de" key="IDC_NONSYS_DEVICE">Partition bzw. Laufwerk verschlüsseln</entry>

<entry lang="de" key="IDC_NO_HISTORY">Verlauf &amp;nicht speichern</entry>

<entry lang="de" key="IDC_OPEN_OUTER_VOLUME">Äußeres Volume öffnen</entry>

<entry lang="de" key="IDC_PAUSE">&amp;Pause</entry>

<entry lang="de" key="IDC_PIM_ENABLE">P&amp;IM verwenden</entry>

<entry lang="de" key="IDC_QUICKFORMAT">Schnell-Formatierung</entry>

<entry lang="de" key="IDC_SHOW_PASSWORD">Passwort an&amp;zeigen</entry>

<entry lang="de" key="IDC_SHOW_PASSWORD_SINGLE">&amp;Passwort anzeigen</entry>

<entry lang="de" key="IDC_SHOW_PIM">PIM &amp;anzeigen</entry>

<entry lang="de" key="IDC_SINGLE_BOOT">Ein Betriebssystem</entry>

<entry lang="de" key="IDC_STD_VOL">Standard-VeraCrypt-Volume</entry>

<entry lang="de" key="IDC_SYSENC_HIDDEN">V&amp;ersteckt</entry>

<entry lang="de" key="IDC_SYSENC_NORMAL">Normal</entry>

<entry lang="de" key="IDC_SYS_DEVICE">Systempartition bzw. Systemlaufwerk verschlüsseln</entry>

<entry lang="de" key="IDC_SYS_PARTITION">Die Windows-Systempartition verschlüsseln</entry>

<entry lang="de" key="IDC_WHOLE_SYS_DRIVE">Gesamtes Laufwerk verschlüsseln</entry>

<entry lang="de" key="IDT_CLUSTER">Cluster </entry>

<entry lang="de" key="IDT_COLLECTING_RANDOM_DATA_NOTE">WICHTIG: Bewegen Sie den Mauszeiger in diesem Fenster mindestens 30 Sekunden zufällig hin und her. Je länger Sie die Maus bewegen, desto besser ist die Verschlüsselung. Klicken Sie dann auf „Weiter“, um fortzufahren.</entry>

<entry lang="de" key="IDT_CONFIRM">&amp;Bestätigung:</entry>

<entry lang="de" key="IDT_DONE">Fertig</entry>

<entry lang="de" key="IDT_DRIVE_LETTER">Laufwerksbuchstabe:</entry>

<entry lang="de" key="IDT_ENCRYPTION_ALGO">Verschlüsselungsalgorithmus</entry>

<entry lang="de" key="IDT_FILESYSTEM">Dateisystem </entry>

<entry lang="de" key="IDT_FILE_CONTAINER">Erstellt ein verschlüsseltes virtuelles Laufwerk, das als Datei gespeichert wird. Für Anfänger empfohlen.</entry>

<entry lang="de" key="IDT_FORMAT_OPTIONS">Optionen</entry>

<entry lang="de" key="IDT_HASH_ALGO">Hash-Algorithmus</entry>

<entry lang="de" key="IDT_PARTIAL_POOL_CONTENTS">Aktueller Inhalte-Pool (teilweise)</entry>

<entry lang="de" key="IDT_PASS">Durchgang</entry>

<entry lang="de" key="IDT_PASSWORD">&amp;Passwort:</entry>

<entry lang="de" key="IDT_PIM">Volume-PIM:</entry>

<entry lang="de" key="IDT_OLD_PIM">Volume-PIM:</entry>

<entry lang="de" key="IDT_PROGRESS">Fortschritt:</entry>

<entry lang="de" key="IDT_RANDOM_POOL">Zufallswerte: </entry>

<entry lang="de" key="IDT_SINGLE_BOOT">Diese Option wählen, wenn sich nur ein Betriebssystem auf dem Computer befindet (auch bei mehreren Benutzern).</entry>

<entry lang="de" key="IDT_SPEED">Geschw.</entry>

<entry lang="de" key="IDT_STATUS">Status</entry>

<entry lang="de" key="IDT_SYS_DEVICE">Partition/Laufwerk verschlüsseln, auf dem Windows installiert ist. Jeder, der Zugang zum System erlangen möchte, muss das korrekte Passwort bei jedem Start von Windows eingeben. Eine Alternative dazu ist das Erstellen eines versteckten Systems.</entry>

<entry lang="de" key="IDT_SYS_PARTITION">Die Partition verschlüsseln, auf der das derzeit laufende Windows installiert ist.</entry>

<entry lang="de" key="IDT_VOLUME_LABEL">Volume-Bezeichnung in Windows:</entry>

<entry lang="de" key="IDT_WIPE_MODE">Löschmodus:</entry>

<entry lang="de" key="IDCLOSE">Schließen</entry>

<entry lang="de" key="IDC_ALLOW_ESC_PBA_BYPASS">Erlauben, die Pre-Boot-&amp;Authentifikation durch Drücken von Esc zu überspringen (aktiviert Bootmanager)</entry>

<entry lang="de" key="IDC_AUTORUN_DISABLE">Nichts machen</entry>

<entry lang="de" key="IDC_AUTORUN_MOUNT">&amp;VeraCrypt-Volume automatisch einhängen (wie unten angegeben)</entry>

<entry lang="de" key="IDC_AUTORUN_START">&amp;VeraCrypt starten</entry>

<entry lang="de" key="IDC_AUTO_DETECT_PKCS11_MODULE">Bibliothek auto&amp;matisch erkennen</entry>

<entry lang="de" key="FILESYS_PAGE_TITLE">Große Dateien</entry>

<entry lang="de" key="FILESYS_PAGE_HELP_QUESTION">Beabsichtigen Sie, Dateien größer als 4 GB in diesem VeraCrypt-Volume zu speichern?</entry>

<entry lang="de" key="FILESYS_PAGE_HELP_EXPLANATION">Je nach Auswahl wird VeraCrypt ein geeignetes Dateisystem für das Volume wählen (im nächsten Schritt änderbar).</entry>

<entry lang="de" key="FILESYS_PAGE_HELP_EXPLANATION_HIDVOL">Da Sie ein äußeres Volume erstellen, sollten Sie „Nein“ wählen. Wenn Sie „Ja“ wählen, wird NTFS als Standard-Dateisystem gewählt. Es ist für äußere Volumes weniger geeignet als FAT/exFAT (z. B. wird die maximal mögliche Größe des versteckten Volumes erheblich größer sein, wenn das äußere Volume mit FAT/exFAT formatiert ist). Normalerweise ist FAT die Standardeinstellung für versteckte und normale Volumes (somit sind FAT-Volumes nicht verdächtig). Wenn Sie allerdings die Absicht haben, Dateien &gt; 4 GB auf dem äußeren Volume zu speichern (was FAT nicht zulässt), dann sollte NTFS gewählt werden.</entry>

<entry lang="de" key="FILESYS_PAGE_HELP_EXPLANATION_HIDVOL_CONFIRM">Sind Sie sicher, dass Sie „Ja“ wählen möchten?</entry>

<entry lang="de" key="DEVICE_TRANSFORM_MODE_PAGE_TITLE">Volume-Erstellungsmodus</entry>

<entry lang="de" key="DEVICE_TRANSFORM_MODE_PAGE_FORMAT_HELP">Dies ist der schnellste Weg, um ein partitionsbasiertes oder laufwerksbasiertes VeraCrypt-Volume zu erstellen. Die „in-place“-Verschlüsselung ist langsamer, da die Inhalte von jedem Sektor zuerst gelesen, verschlüsselt und dann geschrieben werden müssen. Alle Daten, die zurzeit auf der ausgewählten Partition/dem Laufwerk sind, gehen verloren. Die Daten werden NICHT verschlüsselt, sondern mit Zufallsdaten überschrieben. Wenn Sie vorhandene Daten auf einer Partition verschlüsseln möchten, dann wählen Sie die andere Option.</entry>

<entry lang="de" key="DEVICE_TRANSFORM_MODE_PAGE_INPLACE_HELP">Die gesamte ausgewählte Partition und alle darauf gespeicherten Daten werden „in-place“ verschlüsselt. Wenn die Partition leer ist, dann sollten Sie die andere Option wählen (das Volume wird dann viel schneller erstellt).</entry>

<entry lang="de" key="NOTE_BEGINNING">Hinweis: </entry>

<entry lang="de" key="RESUME">&amp;Weiter</entry>

<entry lang="de" key="START">&amp;Start</entry>

<entry lang="de" key="CONTINUE">&amp;Fortsetzen</entry>

<entry lang="de" key="FORMAT">&amp;Formatieren</entry>

<entry lang="de" key="WIPE">&amp;Löschen</entry>

<entry lang="de" key="FORMAT_ABORT">Formatierung abbrechen?</entry>

<entry lang="de" key="SHOW_MORE_INFORMATION">Zeige mehr Informat.</entry>

<entry lang="de" key="DO_NOT_SHOW_THIS_AGAIN">Nicht noch einmal anzeigen</entry>

<entry lang="de" key="WIPE_FINISHED">Der Inhalt der Partition/des Laufwerks wurde erfolgreich gelöscht.</entry>

<entry lang="de" key="WIPE_FINISHED_DECOY_SYSTEM_PARTITION">Der Inhalt der Partition, auf der das ursprüngliche System lag (eine Kopie des versteckten Systems), wurde erfolgreich gelöscht.</entry>

<entry lang="de" key="DECOY_OS_VERSION_WARNING">Bitte stellen Sie sicher, dass die Windows-Version, die Sie installieren werden, die gleiche ist wie die Version, die sie gerade laufen haben. Dies ist notwendig, da beide Systeme dieselbe Bootpartition verwenden werden.</entry>

<entry lang="de" key="WDE_UNSUPPORTED_FOR_MULTIPLE_SYSTEMS_ON_ONE_DRIVE">VeraCrypt unterstützt derzeit nicht die Verschlüsselung eines ganzen Laufwerks, auf dem mehrere Betriebssysteme sind.\n\nMögliche Lösungen:\n\n- Sie können eines der Systeme verschlüsseln, wenn Sie zurückgehen und sich für das Verschlüsseln einer einzelnen Partition entscheiden (im Gegensatz zur Auswahl für das Verschlüsseln des gesamten Systemlaufwerks).\n\n- Alternativ können Sie das ganze Laufwerk verschlüsseln, wenn Sie einige der Systeme, bis auf das, welches Sie verschlüsseln möchten, auf ein anderes Laufwerk verschieben.</entry>

<entry lang="de" key="SYSENC_MULTI_BOOT_ADJACENT_SYS_TITLE">Mehrere Systeme auf einem Laufwerk</entry>

<entry lang="de" key="SYSENC_MULTI_BOOT_ADJACENT_SYS_HELP">Sind noch andere Betriebssysteme auf dem Laufwerk installiert, auf dem das z. Z. laufende Betriebssystem installiert ist?\n\nHinweis: Wenn beispielsweise das aktuell laufende Betriebssystem auf dem Laufwerk #0 installiert ist, das mehrere Partitionen enthält und eine dieser Partitionen enthält Windows, eine andere Partition enthält ein weiteres Betriebssystem (z. B. Windows, Mac OS X, Linux), dann wählen Sie „Ja“.</entry>

<entry lang="de" key="SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_TITLE">Nicht-Windows-Bootloader</entry>

<entry lang="de" key="SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_HELP">Ist statt des Windows-Bootloaders ein anderer Bootloader (oder Bootmanager) im Master Boot Record (MBR) installiert?\n\nHinweis: Beispielsweise, wenn die erste Spur des Startlaufwerks GRUB, LILO, XOSL oder einen anderen Nicht-Windows-Bootmanager (oder -Bootloader) enthält, dann wählen Sie „Ja“.</entry>

<entry lang="de" key="SYSENC_MULTI_BOOT_OUTCOME_TITLE">Multiboot</entry>

<entry lang="de" key="CUSTOM_BOOT_MANAGERS_IN_MBR_UNSUPPORTED">VeraCrypt unterstützt momentan keine Multiboot-Konfigurationen, auf dem ein Nicht-Windows-Bootloader im Master Boot Record installiert ist.\n\nMögliche Lösungen:\n\n- Wenn Sie einen Bootmanager nutzen, um Windows und Linux zu booten, dann verschieben Sie den Bootmanager (normalerweise GRUB) vom Master Boot Record auf eine Partition. Dann starten Sie diesen Assistenten erneut und verschlüsseln die Systempartition/das Laufwerk. Hinweis: Der VeraCrypt-Bootloader wird Ihr primärer Bootmanager werden, der es Ihnen erlaubt, den originalen Bootmanager (z. B. GRUB) als sekundären Bootmanager zu starten (Esc im VeraCrypt-Bootloader-Bildschirm drücken), was es Ihnen ermöglicht, Linux zu booten.</entry>

<entry lang="de" key="WINDOWS_BOOT_LOADER_HINTS">Wenn das aktuell ausgeführte Betriebssystem auf der Startpartition installiert ist, dann müssen Sie, nachdem Sie es verschlüsselt haben, immer das richtige Passwort eingeben, auch wenn Sie ein anderes unverschlüsseltes Windows-System starten möchten (da diese sich einen einzigen verschlüsselten Windows-Bootloader/Bootmanager teilen).\n\nWenn im Gegensatz dazu das derzeit laufende Betriebssystem nicht auf der Startpartition installiert ist (oder wenn der Windows-Bootloader/Bootmanager nicht von allen anderen Systemen verwendet wird), dann müssen Sie nicht das korrekte Passwort zum Starten der anderen unverschlüsselten Systeme eingeben, nachdem Sie dieses System verschlüsselt haben -- Sie müssen nur die Esc-Taste drücken, um das unverschlüsselte System zu starten (wenn es mehrere unverschlüsselte Systeme gibt, dann müssen Sie im VeraCrypt-Bootmanager wählen, welches der Systeme gestartet werden soll).\n(Hinweis: Normalerweise ist das erste installierte Windows-System auf der Startpartition installiert.)</entry>

<entry lang="de" key="SYSENC_PRE_DRIVE_ANALYSIS_TITLE">Verschlüsselung des geschützten Bereichs des Hosts</entry>

<entry lang="de" key="SYSENC_PRE_DRIVE_ANALYSIS_HELP">Am Ende vieler Laufwerke gibt es einen Bereich, der normalerweise vom Betriebssystem versteckt wird (solche Bereiche werden als host-geschützte Bereiche bezeichnet). Allerdings können manche Programme von/auf solche(n) Bereiche(n) lesen und schreiben.\n\nWARNUNG: Einige Computerhersteller verwenden möglicherweise solche Bereiche, um Werkzeuge und Daten für RAID, Systemwiederherstellung, Systeminstallation, Diagnose oder andere Zwecke zu speichern. Wenn solche Tools oder Daten vor dem Starten zugänglich sein müssen, dann sollte der versteckte Bereich nicht verschlüsselt werden (wählen Sie oben „Nein“).\n\nMöchten Sie, dass VeraCrypt einen solchen Bereich (falls vorhanden) am Ende des Systemlaufwerks ermittelt und verschlüsselt?</entry>

<entry lang="de" key="SYSENC_HIDDEN_TYPE_HELP">Es kann vorkommen, dass Sie gezwungen werden, das Betriebssystem zu entschlüsseln. Es gibt viele Situationen (z. B. Erpressung), in denen Sie sich nicht weigern können. Bei Auswahl dieser Option erstellen Sie ein verstecktes Betriebssystem, dessen Existenz unmöglich zu beweisen sein sollte (wenn gewisse Richtlinien eingehalten werden). Daher müssen Sie das versteckte Betriebssystem nicht entschlüsseln oder das Passwort dafür herausgeben.</entry>

<entry lang="de" key="HIDDEN_OS_PREINFO">Es kann vorkommen, dass Sie gezwungen werden, das Betriebssystem zu entschlüsseln. Es gibt viele Situationen (z. B. Erpressung), in denen Sie sich nicht weigern können, das Passwort herauszugeben.\n\nMit diesem Assistenten können Sie ein verstecktes Betriebssystem erstellen, dessen Existenz unmöglich zu beweisen ist (wenn bestimmte Richtlinien eingehalten werden). Daher müssen Sie das versteckte Betriebssystem nicht entschlüsseln oder das Passwort dafür herausgeben.</entry>

<entry lang="de" key="SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_TITLE">Verstecktes Betriebssystem</entry>

<entry lang="de" key="SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_HELP">In den folgenden Schritten erstellen Sie 2 VeraCrypt-Volumes (äußeres und verstecktes) innerhalb der ersten Partition hinter der Systempartition. Das versteckte Volume enthält das versteckte Betriebssystem. VeraCrypt erstellt dieses durch Kopieren des Inhalts der Systempartition (des gerade laufenden Betriebssystems). Auf das äußere Volume kopieren Sie einige wichtig wirkende Dateien, die Sie NICHT verstecken möchten. Diese sind für Personen bestimmt, die Sie zwingen, das Passwort für die versteckte Betriebssystempartition preiszugeben. Sie können das Passwort für das äußere Volume innerhalb des versteckten Betriebssystems verraten (das versteckte Betriebssystem bleibt geheim).\n\nAbschließend installieren Sie auf der Systempartition des gerade laufenden Betriebssystems ein neues sogenanntes Köder-Betriebssystem und verschlüsseln es. Es darf keine sensiblen Daten enthalten und ist für Personen, die Sie zwingen, das Pre-Boot-Authentifikationspasswort zu verraten. Es wird 3 Passwörter geben, 2 davon können Sie verraten (für das Köder-Betriebssystem und das äußere Volume). Bei Verwendung des dritten wird das versteckte Betriebssystem gestartet.</entry>

<entry lang="de" key="SYSENC_DRIVE_ANALYSIS_TITLE">Versteckte Sektoren ermitteln</entry>

<entry lang="de" key="SYSENC_DRIVE_ANALYSIS_INFO">Bitte warten Sie, während VeraCrypt am Ende des Systemlaufwerks mögliche versteckte Sektoren sucht. Beachten Sie, dass es lange dauern kann, bis dies beendet ist.\n\nHinweis: In sehr seltenen Fällen wird auf einigen Computern das System während dieses Erkennungsvorganges möglicherweise nicht mehr reagieren. Wenn dies geschieht, dann starten Sie den Computer neu, Starten Sie VeraCrypt und wiederholen Sie die vorherigen Schritte, überspringen Sie aber diesen Erkennungsvorgang. Beachten Sie, dass dieses Problem nicht durch einen Fehler in VeraCrypt verursacht wird.</entry>

<entry lang="de" key="SYS_ENCRYPTION_SPAN_TITLE">Bereich der Verschlüsselung</entry>

<entry lang="de" key="SYS_ENCRYPTION_SPAN_WHOLE_SYS_DRIVE_HELP">Die gesamte Festplatte verschlüsseln, auf der das derzeit laufende Windows installiert ist. Das gesamte Laufwerk mit allen Partitionen wird verschlüsselt, mit Ausnahme des ersten Datenblocks (Kopfdaten), auf dem der VeraCrypt-Bootloader installiert wird. Um auf das Betriebssystem oder Dateien auf diesem Laufwerk zuzugreifen, muss das korrekte Passwort vor jedem Start eingegeben werden. Diese Option kann NICHT dazu benutzt werden, eine zweite oder externe Festplatte zu verschlüsseln, wenn dort kein Windows installiert ist und es nicht von der Festplatte startet.</entry>

<entry lang="de" key="COLLECTING_RANDOM_DATA_TITLE">Zufällige Daten sammeln</entry>

<entry lang="de" key="KEYS_GEN_TITLE">Schlüssel erstellen</entry>

<entry lang="de" key="SYS_ENCRYPTION_PRETEST_TITLE">Systemverschlüsselungsvortest</entry>

<entry lang="de" key="RESCUE_DISK_DISK_VERIFIED_TITLE">Rettungsdatenträger überprüfen</entry>

<entry lang="de" key="RESCUE_DISK_VERIFIED_INFO">\nDer VeraCrypt-Rettungsdatenträger wurde erfolgreich überprüft. Bitte entfernen Sie diesen aus dem Laufwerk und bewahren Sie ihn an einem sicheren Ort auf.\n\nKlicken Sie „Weiter“, um fortzufahren.</entry>

<entry lang="de" key="REMOVE_RESCUE_DISK_FROM_DRIVE">WARNUNG: Der VeraCrypt-Rettungsdatenträger darf sich während der nächsten Schritte nicht im Laufwerk befinden. Anderenfalls wird es nicht möglich sein, die Schritte erfolgreich zu beenden.\n\nEntfernen Sie ihn nun aus dem Laufwerk und bewahren Sie ihn an einem sicheren Ort auf. Klicken Sie dann auf „OK“.</entry>

<entry lang="de" key="PREBOOT_NOT_LOCALIZED">WARNUNG: Aufgrund von technischen Einschränkungen in der Pre-Boot-Umgebung können Texte durch VeraCrypt in der Pre-Boot-Umgebung (d. h., bevor Windows gestartet wird) nicht übersetzt angezeigt werden. Die Oberfläche des VeraCrypt-Bootloaders ist vollständig in Englisch.\n\nFortfahren?</entry>

<entry lang="de" key="SYS_ENCRYPTION_PRETEST_INFO">Bevor das Verschlüsseln Ihrer Systempartition oder Ihres Laufwerks beginnen kann, muss VeraCrypt überprüfen, ob alles ordnungsgemäß funktioniert.\n\nNachdem Sie auf „Test“ klicken, werden alle notwendigen Komponenten (z. B. die Pre-Boot-Authentifikationskomponente, d. h. der VeraCrypt-Bootloader) installiert und Ihr Computer wird dann neu gestartet. Anschließend müssen Sie Ihr Passwort im VeraCrypt-Bootloader-Bildschirm eingeben, der vor dem Windows-Start angezeigt wird. Nachdem Windows gestartet wurde, werden Sie automatisch über das Ergebnis dieses Vortests informiert.\n\nDas folgende Laufwerk wird bearbeitet: Laufwerk #%d\n\n\nWenn Sie jetzt auf „Abbrechen“ klicken, wird der Vortest nicht ausgeführt.</entry>

<entry lang="de" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_1">WICHTIGE HINWEISE: BITTE LESEN UND GGF. AUSDRUCKEN („Drucken“ klicken):\n\nBitte beachten Sie, dass Ihre Daten nicht verschlüsselt werden, bevor Sie Ihren Computer und Windows erfolgreich neu gestartet haben. Dadurch gehen Ihre Daten nicht verloren, wenn ein Fehler auftritt. Allerdings kann es in Folge von Fehlern zu Startproblemen von Windows kommen. Lesen (und drucken) Sie deshalb bitte die folgenden Richtlinien für den Fall, dass Windows nach dem Neustart nicht mehr hochfährt.\n\n</entry>

<entry lang="de" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_2">Vorgehensweise, wenn Windows nicht startet\n------------------------------------------------\n\nHinweis: Diese Anweisungen gelten nur, wenn Sie den Verschlüsselungsprozess noch nicht begonnen haben.\n\n- Wenn Windows nicht startet, nachdem Sie das korrekte Passwort eingegeben haben (oder wenn Sie wiederholt das korrekte Passwort eingeben, aber VeraCrypt sagt, dass es falsch ist), bleiben Sie ruhig. Starten Sie den Computer neu (Strom ausschalten und wieder anschalten) und drücken Sie nach dem Erscheinen des VeraCrypt-Ladebildschirms die Esc-Taste (und wählen Sie eines zum Starten aus, falls Sie mehrere Systeme haben). Windows sollte dann starten (wenn es nicht verschlüsselt ist) und VeraCrypt wird automatisch fragen, ob Sie die Pre-Boot-Authentifikation deinstallieren möchten. Bitte beachten Sie, dass die genannten Schritte NICHT funktionieren, wenn die Systempartition/das Systemlaufwerk verschlüsselt ist. Es ist unmöglich, ein verschlüsseltes Windows zu starten oder auf verschlüsselte Daten zuzugreifen, ohne das korrekte Passwort einzugeben, auch wenn die vorherigen Schritte befolgt werden.\n\n</entry>

<entry lang="de" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_3">- Wenn die vorherigen Schritte nicht helfen oder der VeraCrypt-Ladebildschirm vor dem Start von Windows nicht erscheint, legen Sie den VeraCrypt-Rettungsdatenträger in Ihr CD/DVD-Laufwerk ein und starten Sie Ihren Computer neu. Wenn der VeraCrypt-Rettungsdatenträger-Bildschirm nicht erscheint (oder wenn „Repair Options“ nicht im Abschnitt „Keyboard Controls“ des VeraCrypt-Rettungsdatenträger-Bildschirms verfügbar ist), ist Ihr BIOS wahrscheinlich so konfiguriert, dass es zuerst von Festplatte und dann von CD startet. In diesem Fall müssen Sie den Computer neu starten und die F2-Taste oder Entf-Taste drücken (sobald Sie einen BIOS-Startbildschirm sehen), bis der BIOS-Einstellungsbildschirm erscheint. Stellen Sie Ihr BIOS so ein, dass es zuerst von CD/DVD bootet (für genauere Informationen lesen Sie bitte in der Bedienungsanleitung Ihres BIOS/Motherboards nach oder kontaktieren Sie den Support Ihres Computerherstellers). Danach starten Sie Ihren Computer neu. Der VeraCrypt-Rettungsdatenträger-Bildschirm sollte jetzt erscheinen. Hier wählen Sie nun „Repair Options“, indem Sie die F8-Taste drücken. Aus dem Menü „Repair Options“ wählen Sie „Restore original system loader“. Entfernen Sie jetzt die Rettungs-CD aus dem CD/DVD-Laufwerk und starten Sie den Computer neu. Windows sollte jetzt normal starten (wenn es nicht verschlüsselt ist).\n\n</entry>

<entry lang="de" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_4">Bitte beachten Sie, dass die genannten Schritte NICHT funktionieren, wenn die Systempartition/das Systemlaufwerk verschlüsselt ist. Es ist unmöglich, ein verschlüsseltes Windows zu starten oder auf verschlüsselte Daten zuzugreifen, ohne das korrekte Passwort einzugeben, auch wenn die vorherigen Schritte befolgt wurden.\n\n\nBitte beachten Sie, dass es einem Angreifer unmöglich sein wird, die Systempartition ohne das korrekte Passwort zu entschlüsseln, selbst wenn er den VeraCrypt-Rettungsdatenträger findet.</entry>

<entry lang="de" key="NONSYS_INPLACE_ENC_ENCRYPTION_PAGE_INFO">\nSie können jederzeit „Pause“ oder „Später“ klicken, um den Verschlüsselungsprozess zu unterbrechen, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und dann den Prozess wieder fortsetzen. Beachten Sie, dass das Volume nicht eingehängt werden kann, bis es vollständig verschlüsselt wurde.</entry>

<entry lang="de" key="NONSYS_INPLACE_DEC_DECRYPTION_PAGE_INFO">\nSie können jederzeit „Pause“ oder „Später“ klicken, um den Entschlüsselungsprozess zu unterbrechen, diesen Assistenten verlassen, den Computer neu starten oder herunterfahren und dann den Prozess wieder fortsetzen. Es wird an dem Punkt fortgesetzt, an dem Sie gestoppt haben. Bitte beachten Sie, dass das Volume nicht eingehängt werden kann, bis es vollständig entschlüsselt wurde.</entry>

<entry lang="de" key="SYSENC_HIDDEN_OS_INITIAL_INFO_TITLE">Verstecktes System gestartet</entry>

<entry lang="de" key="SYSENC_HIDDEN_OS_WIPE_INFO_TITLE">Originales System</entry>

<entry lang="de" key="SYSENC_HIDDEN_OS_WIPE_INFO">Windows erstellt (typischerweise ohne Ihr Wissen oder Ihre Zustimmung) verschiedene Logdateien, temporäre Dateien usw. auf der Systempartition. Es speichert auch den Inhalt des RAMs für den Ruhezustand und beherbergt die Auslagerungsdateien auf der Systempartition. Wenn ein Angreifer auf der Partition, auf der sich auch das originale System (von dem das versteckte System eine Kopie ist) befindet, gespeicherte Dateien analysiert, könnte er z. B. herausfinden, dass Sie den VeraCrypt-Assistenten im Modus „Verstecktes System erstellen“ verwendet haben. Das könnte auf die Existenz eines versteckten Betriebssystems auf Ihrem Computer hinweisen.\n\nUm solche Probleme zu vermeiden, wird VeraCrypt in den nächsten Schritten den gesamten Inhalt der Partition (auf der das originale System ist) sicher löschen. Danach müssen Sie, um die glaubhafte Leugnung zu erhalten, ein neues System auf der Partition installieren und es verschlüsseln. Dadurch werden Sie das Ködersystem erstellen und der gesamte Prozess für die Erstellung des versteckten Betriebssystems wird beendet sein.</entry>

<entry lang="de" key="OS_WIPING_NOT_FINISHED_ASK">Das versteckte Betriebssystem wurde erfolgreich erstellt. Allerdings, bevor Sie es verwenden können (und glaubhafte Leugnung erreichen), müssen Sie (mit VeraCrypt) den gesamten Inhalt der Partition (auf der das aktuell ausgeführte Betriebssystem installiert ist) sicher löschen. Sie müssen, bevor Sie dies tun können, den Computer neu starten und im VeraCrypt-Bootloader-Bildschirm (der vor dem Starten von Windows erscheint) das Pre-Boot-Authentifikationspasswort für das versteckte Betriebssystem eingeben. Nachdem das versteckte System gestartet ist, wird der VeraCrypt-Assistent automatisch gestartet.\n\nHinweis: Wenn Sie den Erstellungsvorgang für das versteckte Betriebssystem jetzt beenden, dann werden Sie den Vorgang NICHT fortsetzen können und das System wird NICHT zugänglich sein (weil der VeraCrypt-Bootloader entfernt wird).</entry>

<entry lang="de" key="HIDDEN_OS_CREATION_NOT_FINISHED_ASK">Sie haben den Vorgang zum Erstellen eines versteckten Betriebssystems geplant. Der Vorgang ist noch nicht abgeschlossen. Sie müssen den Computer neu starten, um ihn abzuschließen und im VeraCrypt-Bootloader-Bildschirm (der erscheint, bevor Windows startet) das Passwort für das versteckte Betriebssystem eingeben.\n\nHinweis: Wenn Sie den Erstellungsvorgang des versteckten Betriebssystems jetzt beenden, dann werden Sie den Vorgang NICHT fortsetzen können.</entry>

<entry lang="de" key="HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_RETRY">Starten Sie den Computer neu und setzen Sie fort.</entry>

<entry lang="de" key="HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_TERMINATE">Den Vorgang für die Erstellung des versteckten Betriebssystems dauerhaft abbrechen</entry>

<entry lang="de" key="HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_ASK_LATER">Jetzt nichts machen und später wieder fragen</entry>

<entry lang="de" key="DISABLE_BOOT_LOADER_PIM_PROMPT">WARNUNG: Sie sollten nicht vergessen, dass der PIM-Wert unverschlüsselt auf der Festplatte gespeichert wird, wenn Sie diese Option aktivieren.\n\nSind Sie sicher, dass Sie diese Option aktivieren möchten?</entry>

<entry lang="de" key="PIM_TOO_BIG">Der größtmögliche Wert für den PIM (Persönlicher Iterationsmultiplikator) ist 2147468.</entry>

<entry lang="de" key="IDC_SKIP_RESCUE_VERIFICATION">Rettungsdatenträgerüberprüfung überspringen</entry>

<entry lang="de" key="IDC_HIDE_WAITING_DIALOG">Wartemitteilungsdialog nicht anzeigen, wenn Vorgänge ausgeführt werden</entry>

<entry lang="de" key="IDC_DISABLE_BOOT_LOADER_HASH_PROMPT">Im Pre-Boot-Authentifikationsbildschirm keinen Hash-Algorithmus abfragen</entry>

<entry lang="de" key="KUZNYECHIK_HELP">Kuznyechik ist eine Blockverschlüsselung, zuerst veröffentlicht im Jahr 2015 und definiert im Nationalen Standard der Russischen Föderation GOST R 34.12-2015 und ebenfalls in RFC 7801. 256 Bit Schlüssellänge, 128 Bit Blockgröße. Arbeitet im XTS-Modus.</entry>

<entry lang="de" key="CAMELLIA_HELP">Von Mitsubishi Electric und NTT aus Japan gemeinsam entwickelt. Im Jahr 2000 zuerst veröffentlicht. 256 Bit Schlüssellänge, 128 Bit Blockgröße.\nArbeitet im XTS-Modus. Von der ISO/IEC, dem Projekt NESSIE der Europäischen Union und dem japanischen Projekt CRYPTREC zur Nutzung zugelassen.</entry>

<entry lang="de" key="TIME">Zeit</entry>

<entry lang="de" key="ITERATIONS">Iterationen</entry>

<entry lang="de" key="PRE-BOOT">Pre-Boot</entry>

<entry lang="de" key="RESCUE_DISK_EFI_EXTRACT_INFO">Das Rettungsdatenträger-ZIP-Abbild wurde erstellt und in dieser Datei gespeichert:\n%s\n\nJetzt müssen Sie es auf einen mit FAT-/FAT32-formatierten USB-Stick entpacken.\n\n%lsNachdem Sie den Rettungsdatenträger erstellt haben, klicken Sie auf „Weiter“, um zu bestätigen, dass er korrekt erstellt wurde.</entry>

<entry lang="de" key="RESCUE_DISK_EFI_EXTRACT_INFO_NO_CHECK">Das Rettungsdatenträger-ZIP-Abbild wurde erstellt und in dieser Datei gespeichert\n%s\n\nJetzt sollten Sie es entweder auf einen mit FAT-/FAT32-formatierten USB-Stick entpacken oder an einen sicheren Ort für die spätere Verwendung verschieben.\n\n%ls„Weiter“ klicken, um fortzufahren.</entry>

<entry lang="de" key="RESCUE_DISK_EFI_EXTRACT_INFO_NOTE">WICHTIG: Beachten Sie, dass die ZIP-Datei direkt in das Stammverzeichnis des USB-Sticks entpackt werden muss. Zum Beispiel, wenn der Laufwerksbuchstabe des USB-Sticks E: ist, sollte das Entpacken der ZIP-Datei einen Ordner E:\\EFI auf dem USB-Stick erstellen.\n\n</entry>

<entry lang="de" key="RESCUE_DISK_EFI_CHECK_FAILED">Kann nicht bestätigen, ob der Rettungsdatenträger korrekt entpackt wurde.\n\nWenn Sie den Rettungsdatenträger entpackt haben, werfen Sie den USB-Stick bitte aus und stecken Sie ihn wieder ein; anschließend klicken Sie auf „Weiter“ und versuchen es erneut. Wenn dies nicht hilft, versuchen Sie es bitte mit einem anderen USB-Stick und/oder einer anderen ZIP-Software.\n\nWenn Sie den Rettungsdatenträger noch nicht entpackt haben, machen Sie dies bitte und klicken Sie anschließend auf „Weiter“.\n\nWenn Sie vor dem Start dieses Assistenten versucht haben, den VeraCrypt-Rettungsdatenträger zu bestätigen, beachten Sie bitte, dass ein solcher Rettungsdatenträger nicht verwendet werden kann, da er für einen anderen Hauptschlüssel erstellt wurde. Sie müssen das neu generierte Rettungsdatenträger-ZIP-Abbild entpacken.</entry>

<entry lang="de" key="RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED">Kann nicht bestätigen, ob der Rettungsdatenträger korrekt entpackt wurde.\n\nWenn Sie das Rettungsdatenträger-Abbild auf einen USB-Stick entpackt haben, werfen Sie ihn bitte aus und stecken Sie ihn wieder ein; anschließend versuchen Sie es erneut. Wenn dies nicht hilft, versuchen Sie es bitte mit einer anderen ZIP-Software und/oder Medium.\n\nWenn Sie für einen anderen Hauptschlüssel, Passwort, Salt usw. versucht haben, den VeraCrypt-Rettungsdatenträger zu bestätigen, beachten Sie bitte, dass ein solcher Rettungsdatenträger immer durch diese Überprüfung fallen wird. Um einen neuen, mit Ihrer aktuellen Konfiguration vollständig kompatiblen Rettungsdatenträger zu erstellen, wählen Sie „System“ > „Rettungsdatenträger erstellen“ aus.</entry>

<entry lang="de" key="RESCUE_DISK_EFI_NON_WIZARD_CREATION">Das Rettungsdatenträger-Abbild wurde erstellt und in dieser Datei gespeichert:\n%s\n\nJetzt müssen Sie das Rettungsdatenträger-Abbild auf einen mit FAT-/FAT32-formatierten USB-Stick entpacken.\n\nWICHTIG: Beachten Sie, dass die ZIP-Datei direkt in das Stammverzeichnis des USB-Sticks entpackt werden muss. Zum Beispiel, wenn der Laufwerksbuchstabe des USB-Sticks E: ist, sollte das Entpacken der ZIP-Datei einen Ordner E:\\EFI auf dem USB-Stick erstellen.\n\nNachdem Sie den Rettungsdatenträger erstellt haben, wählen Sie „System“ > „Rettungsdatenträger überprüfen“ aus, um zu bestätigen, dass er korrekt erstellt wurde.</entry>

<entry lang="de" key="IDC_SECURE_DESKTOP_PASSWORD_ENTRY">Sicheren Desktop für die Passworteingabe verwenden</entry>

<entry lang="de" key="ERR_REFS_INVALID_VOLUME_SIZE">Die in der Befehlszeile angegebene Größe der Volume-Datei ist mit dem ausgewählten ReFS-Dateisystem nicht kompatibel.</entry>

<entry lang="de" key="IDC_EDIT_DCSPROP">Bootloader-Konfiguration bearbeiten</entry>

<entry lang="de" key="IDC_SHOW_PLATFORMINFO">EFI-Plattforminformationen anzeigen</entry>

<entry lang="de" key="OPEN_NEW_VOLUME">Neues VeraCrypt-Volume erstellen</entry>

<entry lang="de" key="PARAMETER_INCORRECT">Parameter falsch</entry>

<entry lang="de" key="SELECT_KEYFILES">Schlüsseldatei auswählen</entry>

<entry lang="de" key="START_TC">VeraCrypt starten</entry>

<entry lang="de" key="VOLUME_ALREADY_MOUNTED">Das Volume {0} ist bereits eingehängt.</entry>

<entry lang="de" key="UNKNOWN_OPTION">Unbekannte Option</entry>

<entry lang="de" key="VOLUME_LOCATION">Volume-Speicherort</entry>

<entry lang="de" key="VOLUME_HOST_IN_USE">WARNUNG: Die Datei/das Laufwerk {0} ist bereits in Verwendung!\n\nWenn Sie diese Warnung ignorieren, können nicht vorhersehbare Probleme einschließlich Systemabstürze auftreten. Alle Programme, die die Datei/das Laufwerk verwenden (z. B. Virenscanner oder Backup-Software), sollten geschlossen werden, bevor das Volume eingehängt wird.\n\nTrotzdem fortfahren?</entry>

<entry lang="de" key="CANT_INSTALL_WITH_EXE_OVER_MSI">VeraCrypt wurde zuvor mit einem MSI-Paket installiert und kann daher nicht mit dem Standard-Installationsprogramm aktualisiert werden.\n\nBitte verwenden Sie das MSI-Paket, um Ihre VeraCrypt-Installation zu aktualisieren.</entry>

<entry lang="de" key="IDC_USE_ALL_FREE_SPACE">Gesamten verfügbaren freien Speicherplatz nutzen</entry>

</localization>

<!-- XML-Schema -->

<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">

<xs:element name="VeraCrypt">

<xs:complexType>

<xs:sequence>

<xs:element name="localization">

<xs:complexType>

<xs:sequence>

<xs:element name="language">

SendMessage(hwnd, EM_SHOWBALLOONTIP, 0, (LPARAM)&ebt);

MessageBeep (0xFFFFFFFF);

free (szErrorText);

}

else

SendMessage(hwnd, EM_HIDEBALLOONTIP, 0, 0);

}

static LRESULT CALLBACK BootPwdFieldProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)

{

WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA);

switch (message)

{

case WM_PASTE:

return 1;

case WM_CHAR:

HandlePasswordEditWmChar (hwnd, wParam);

break;

}

return CallWindowProcW (wp, hwnd, message, wParam, lParam);

}

// Protects an input field from having its content updated by a Paste action. Used for pre-boot password

// input fields (only the US keyboard layout is supported in pre-boot environment so we must prevent the

// user from pasting a password typed using a non-US keyboard layout).

void ToBootPwdField (HWND hwndDlg, UINT ctrlId)

{

HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId);

WNDPROC originalwp = (WNDPROC) GetWindowLongPtrW (hwndCtrl, GWLP_USERDATA);

SendMessage (hwndCtrl, EM_LIMITTEXT, MAX_LEGACY_PASSWORD, 0);

// if ToNormalPwdField has been called before, GWLP_USERDATA already contains original WNDPROC

if (!originalwp)

{

SetWindowLongPtrW (hwndCtrl, GWLP_USERDATA, (LONG_PTR) GetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC));

}

SetWindowLongPtrW (hwndCtrl, GWLP_WNDPROC, (LONG_PTR) BootPwdFieldProc);

}

// Ensures that a warning is displayed when user is pasting a password longer than the maximum

// length which is set to 64 characters

static LRESULT CALLBACK NormalPwdFieldProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)

{

WNDPROC wp = (WNDPROC) GetWindowLongPtrW (hwnd, GWLP_USERDATA);

switch (message)

{

case WM_PASTE:

{

x = SendMessage (hComboBox, CB_GETITEMDATA, i, 0);

if (x == (LPARAM) *algo_id)

{

SendMessage (hComboBox, CB_SETCURSEL, i, 0);

return;

}

}

/* Something went wrong ; couldn't find the requested algo id so we drop

back to a default */

*algo_id = (int) SendMessage (hComboBox, CB_GETITEMDATA, 0, 0);

SendMessage (hComboBox, CB_SETCURSEL, 0, 0);

}

void PopulateWipeModeCombo (HWND hComboBox, BOOL bNA, BOOL bInPlaceEncryption, BOOL bHeaderWipe)

{

if (bNA)

{

SetCurrentDirectory (p);

}

}

BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter)

{

return BrowseFilesInDir (hwndDlg, stringId, NULL, lpszFileName, keepHistory, saveMode, browseFilter);

}

BOOL BrowseFilesInDir (HWND hwndDlg, char *stringId, wchar_t *initialDir, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter, const wchar_t *initialFileName, const wchar_t *defaultExtension)

{

OPENFILENAMEW ofn;

wchar_t file[TC_MAX_PATH] = { 0 };

wchar_t filter[1024];

BOOL status = FALSE;

CoInitialize (NULL);

WaitCursor ();

ShellExecute (NULL, L"open", filename, cl, NULL, SW_HIDE);

Sleep (6000);

NormalCursor();

_wremove (path);

return TRUE;

}

BOOL IsNonInstallMode ()

{

HKEY hkey, hkeybis;

DWORD dw;

WCHAR szBuffer[512];

DWORD dwBufferSize = sizeof(szBuffer);

std::wstring msiProductGUID;

if (bPortableModeConfirmed)

return TRUE;

// Configuration" from the Windows boot menu).

if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\VeraCrypt", 0, KEY_READ | KEY_WOW64_32KEY, &hkey) == ERROR_SUCCESS)

{

RegCloseKey (hkey);

return FALSE;

}

else

return TRUE;

}

LRESULT SetCheckBox (HWND hwndDlg, int dlgItem, BOOL state)

{

return SendDlgItemMessage (hwndDlg, dlgItem, BM_SETCHECK, state ? BST_CHECKED : BST_UNCHECKED, 0);

}

BOOL GetCheckBox (HWND hwndDlg, int dlgItem)

{

return IsButtonChecked (GetDlgItem (hwndDlg, dlgItem));

}

}

}

return TRUE;

}

BYTE *MapResource (wchar_t *resourceType, int resourceId, PDWORD size)

{

HGLOBAL hResL;

HRSRC hRes;

#ifdef SETUP_DLL

// In case we're being called from the SetupDLL project, FindResource()

// and LoadResource() with NULL will fail since we're in a DLL. We need

// to call them with the HINSTANCE of the DLL instead, which we set in

// Setup.c of SetupDLL, DllMain() function.

hResInst = hInst;

#endif

hRes = FindResource (hResInst, MAKEINTRESOURCE(resourceId), resourceType);

hResL = LoadResource (hResInst, hRes);

if (size != NULL)

*size = SizeofResource (hResInst, hRes);

return (BYTE *) LockResource (hResL);

}

void InconsistencyResolved (char *techInfo)

{

wchar_t finalMsg[8024];

#define DEFAULT_VOL_CREATION_WIZARD_MODE WIZARD_MODE_FILE_CONTAINER

#define ICON_HAND MB_ICONHAND

#define YES_NO MB_YESNO

#define ISO_BURNER_TOOL L"isoburn.exe"

#define PRINT_TOOL L"notepad.exe"

void InitGlobalLocks ();

void FinalizeGlobalLocks ();

void cleanup ( void );

void LowerCaseCopy ( wchar_t *lpszDest , const wchar_t *lpszSource );

void UpperCaseCopy ( wchar_t *lpszDest , size_t cbDest, const wchar_t *lpszSource );

BOOL IsNullTerminateString (const wchar_t* str, size_t cbSize);

void CreateFullVolumePath ( wchar_t *lpszDiskFile , size_t cbDiskFile, const wchar_t *lpszFileName , BOOL *bDevice );

int FakeDosNameForDevice ( const wchar_t *lpszDiskFile , wchar_t *lpszDosDevice , size_t cbDosDevice, wchar_t *lpszCFDevice , size_t cbCFDevice, BOOL bNameOnly );

int RemoveFakeDosName ( wchar_t *lpszDiskFile , wchar_t *lpszDosDevice );

void AbortProcessDirect ( wchar_t *abortMsg );

char * GetLegalNotices ();

BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam);

void UserEnrichRandomPool (HWND hwndDlg);

BOOL CALLBACK KeyfileGeneratorDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam);

BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam);

int DriverAttach ( void );

BOOL CALLBACK CipherTestDialogProc ( HWND hwndDlg , UINT uMsg , WPARAM wParam , LPARAM lParam );

void ResetCipherTest ( HWND hwndDlg , int idTestCipher );

void ResetCurrentDirectory ();

BOOL BrowseFiles (HWND hwndDlg, char *stringId, wchar_t *lpszFileName, BOOL keepHistory, BOOL saveMode, wchar_t *browseFilter);

BOOL BrowseDirectories (HWND hWnd, char *lpszTitle, wchar_t *dirName);

void handleError ( HWND hwndDlg , int code, const char* srcPos );

BOOL CheckFileStreamWriteErrors (HWND hwndDlg, FILE *file, const wchar_t *fileName);

void LocalizeDialog ( HWND hwnd, char *stringId );

void OpenVolumeExplorerWindow (int driveNo);

static BOOL CALLBACK CloseVolumeExplorerWindowsEnum( HWND hwnd, LPARAM driveNo);

BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo);

BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue);

BOOL CheckCapsLock (HWND hwnd, BOOL quiet);

BOOL CheckFileExtension (wchar_t *fileName);

<?xml version="1.0" encoding="utf-8"?>

<VeraCrypt>

<localization prog-version="1.24-Update8">

<language langid="en" name="English" en-name="English" version="0.0.0" translators="TrueCrypt/VeraCrypt Teams" />

<font lang="en" class="normal" size="11" face="default" />

<font lang="en" class="bold" size="13" face="Arial" />

<font lang="en" class="fixed" size="12" face="Lucida Console" />

<font lang="en" class="title" size="21" face="Times New Roman" />

<entry lang="en" key="IDCANCEL">Cancel</entry>

<entry lang="en" key="IDC_ALL_USERS">Install &amp;for all users</entry>

<entry lang="en" key="IDC_BROWSE">Bro&amp;wse...</entry>

<entry lang="en" key="IDC_DESKTOP_ICON">Add VeraCrypt icon to &amp;desktop</entry>

<entry lang="en" key="IDC_DONATE">Donate now...</entry>

<entry lang="en" key="IDC_FILE_TYPE">Associate the .hc file &amp;extension with VeraCrypt</entry>

<entry lang="en" key="IDC_OPEN_CONTAINING_FOLDER">&amp;Open the destination location when finished</entry>

<entry lang="en" key="IDC_PROG_GROUP">Add VeraCrypt to &amp;Start menu</entry>

<entry lang="en" key="IDC_SYSTEM_RESTORE">Create System &amp;Restore point</entry>

<entry lang="en" key="IDC_UNINSTALL">&amp;Uninstall</entry>

<entry lang="en" key="IDC_MB">&amp;MiB</entry>

<entry lang="en" key="IDC_MORE_INFO_ON_CONTAINERS">More information</entry>

<entry lang="en" key="IDC_MORE_INFO_ON_SYS_ENCRYPTION">More information about system encryption</entry>

<entry lang="en" key="IDC_MORE_INFO_SYS_ENCRYPTION">More information</entry>

<entry lang="en" key="IDC_MULTI_BOOT">Multi-Boot</entry>

<entry lang="en" key="IDC_NONSYS_DEVICE">Encrypt a non-system partition/drive</entry>

<entry lang="en" key="IDC_NO_HISTORY">&amp;Never save history</entry>

<entry lang="en" key="IDC_OPEN_OUTER_VOLUME">Open Outer Volume</entry>

<entry lang="en" key="IDC_PAUSE">&amp;Pause</entry>

<entry lang="en" key="IDC_PIM_ENABLE">Use P&amp;IM</entry>

<entry lang="en" key="IDC_QUICKFORMAT">Quick Format</entry>

<entry lang="en" key="IDC_SHOW_PASSWORD">&amp;Display password</entry>

<entry lang="en" key="IDC_SHOW_PASSWORD_SINGLE">&amp;Display password</entry>

<entry lang="en" key="IDC_SHOW_PIM">&amp;Display PIM</entry>

<entry lang="en" key="IDC_SINGLE_BOOT">Single-boot</entry>

<entry lang="en" key="IDC_STD_VOL">Standard VeraCrypt volume</entry>

<entry lang="en" key="IDC_SYSENC_HIDDEN">Hi&amp;dden</entry>

<entry lang="en" key="IDC_SYSENC_NORMAL">Normal</entry>

<entry lang="en" key="IDC_SYS_DEVICE">Encrypt the system partition or entire system drive</entry>

<entry lang="en" key="IDC_SYS_PARTITION">Encrypt the Windows system partition</entry>

<entry lang="en" key="IDC_WHOLE_SYS_DRIVE">Encrypt the whole drive</entry>

<entry lang="en" key="IDT_CLUSTER">Cluster </entry>

<entry lang="en" key="IDT_COLLECTING_RANDOM_DATA_NOTE">IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue.</entry>

<entry lang="en" key="IDT_CONFIRM">&amp;Confirm:</entry>

<entry lang="en" key="IDT_DONE">Done</entry>

<entry lang="en" key="IDT_DRIVE_LETTER">Drive letter:</entry>

<entry lang="en" key="IDT_ENCRYPTION_ALGO">Encryption Algorithm</entry>

<entry lang="en" key="IDT_FILESYSTEM">Filesystem </entry>

<entry lang="en" key="IDT_FILE_CONTAINER">Creates a virtual encrypted disk within a file. Recommended for inexperienced users.</entry>

<entry lang="en" key="IDT_FORMAT_OPTIONS">Options</entry>

<entry lang="en" key="IDT_HASH_ALGO">Hash Algorithm</entry>

<entry lang="en" key="IDT_OLD_PIM">Volume PIM:</entry>

<entry lang="en" key="IDT_PROGRESS">Progress:</entry>

<entry lang="en" key="IDT_RANDOM_POOL">Random Pool: </entry>

<entry lang="en" key="IDT_SINGLE_BOOT">Select this option if there is only one operating system installed on this computer (even if it has multiple users).</entry>

<entry lang="en" key="IDT_SPEED">Speed</entry>

<entry lang="en" key="IDT_STATUS">Status</entry>

<entry lang="en" key="IDT_SYSENC_KEYS_GEN_INFO">The keys, salt, and other data have been successfully generated. If you want to generate new keys, click Back and then Next. Otherwise, click Next to continue.</entry>

<entry lang="en" key="IDT_SYS_DEVICE">Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system.</entry>

<entry lang="en" key="IDT_SYS_PARTITION">Select this option to encrypt the partition where the currently running Windows operating system is installed.</entry>

<entry lang="en" key="IDT_VOLUME_LABEL">Volume Label in Windows:</entry>

<entry lang="en" key="IDCLOSE">Close</entry>

<entry lang="en" key="IDC_ALLOW_ESC_PBA_BYPASS">Allow pre-boot &amp;authentication to be bypassed by pressing the Esc key (enables boot manager)</entry>

<entry lang="en" key="IDC_AUTORUN_DISABLE">Do nothing</entry>

<entry lang="en" key="IDC_AUTORUN_MOUNT">&amp;Auto-mount VeraCrypt volume (specified below)</entry>

<entry lang="en" key="IDC_AUTORUN_START">&amp;Start VeraCrypt</entry>

<entry lang="en" key="IDC_AUTO_DETECT_PKCS11_MODULE">Auto-&amp;Detect Library</entry>

<entry lang="en" key="IDC_BOOT_LOADER_CACHE_PASSWORD">&amp;Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)</entry>

<entry lang="en" key="IDC_BROWSE_DIRS">Browse...</entry>

<entry lang="en" key="IDC_BROWSE_FILES">Browse...</entry>

<entry lang="en" key="IDC_CACHE">Cache passwords and keyfil&amp;es in memory</entry>

<entry lang="en" key="FILESYS_PAGE_TITLE">Large Files</entry>

<entry lang="en" key="FILESYS_PAGE_HELP_QUESTION">Do you intend to store files larger than 4 GiB in this VeraCrypt volume?</entry>

<entry lang="en" key="FILESYS_PAGE_HELP_EXPLANATION">Depending on your choice above, VeraCrypt will choose a suitable default file system for the VeraCrypt volume (you will be able to select a file system in the next step).</entry>

<entry lang="en" key="FILESYS_PAGE_HELP_EXPLANATION_HIDVOL">As you are creating an outer volume, you should consider choosing 'No'. If you choose 'Yes', the default filesystem will be NTFS, which is not as suitable for outer volumes as FAT/exFAT (for example, the maximum possible size of the hidden volume will be significantly greater if the outer volume is formatted as FAT/exFAT). Normally, FAT is the default for both hidden and normal volumes (so FAT volumes are not suspicious). However, if the user indicates intent to store files larger than 4 GiB (which the FAT file system does not allow), then FAT is not the default.</entry>

<entry lang="en" key="FILESYS_PAGE_HELP_EXPLANATION_HIDVOL_CONFIRM">Are you sure you want to choose 'Yes'?</entry>

<entry lang="en" key="DEVICE_TRANSFORM_MODE_PAGE_TITLE">Volume Creation Mode</entry>

<entry lang="en" key="DEVICE_TRANSFORM_MODE_PAGE_FORMAT_HELP">This is the fastest way to create a partition-hosted or device-hosted VeraCrypt volume (in-place encryption, which is the other option, is slower because content of each sector has to be first read, encrypted, and then written). Any data currently stored on the selected partition/device will be lost (the data will NOT be encrypted; it will be overwritten with random data). If you want to encrypt existing data on a partition, choose the other option.</entry>

<entry lang="en" key="DEVICE_TRANSFORM_MODE_PAGE_INPLACE_HELP">The entire selected partition and all data stored on it will be encrypted in place. If the partition is empty, you should choose the other option (the volume will be created much faster).</entry>

<entry lang="en" key="NOTE_BEGINNING">Note: </entry>

<entry lang="en" key="RESUME">&amp;Resume</entry>

<entry lang="en" key="START">&amp;Start</entry>

<entry lang="en" key="CONTINUE">&amp;Continue</entry>

<entry lang="en" key="FORMAT">&amp;Format</entry>

<entry lang="en" key="WIPE">&amp;Wipe</entry>

<entry lang="en" key="FORMAT_ABORT">Abort format?</entry>

<entry lang="en" key="SHOW_MORE_INFORMATION">Show more information</entry>

<entry lang="en" key="DO_NOT_SHOW_THIS_AGAIN">Do not show this again</entry>

<entry lang="en" key="WIPE_FINISHED">The content of the partition/device has been successfully erased.</entry>

<entry lang="en" key="WIPE_FINISHED_DECOY_SYSTEM_PARTITION">The content of the partition where the original system (of which the hidden system is a clone) resided has been successfully erased.</entry>

<entry lang="en" key="DECOY_OS_VERSION_WARNING">Please make sure the version of Windows you are going to install (on the wiped partition) is the same as the version of Windows you are currently running. This is required due to the fact that both systems will share a common boot partition.</entry>

<entry lang="en" key="EXTRA_BOOT_PARTITION_REMOVAL_INSTRUCTIONS">\nThe extra boot partition can be removed before installing Windows. To do so, follow these steps:\n\n1) Boot your Windows installation disc.\n\n2) In the Windows installer screen, click 'Install now' > 'Custom (advanced)'.\n\n3) Click 'Drive Options'.\n\n4) Select the main system partition and delete it by clicking 'Delete' and 'OK'.\n\n5) Select the 'System Reserved' partition, click 'Extend', and increase its size so that the operating system can be installed to it.\n\n6) Click 'Apply' and 'OK'.\n\n7) Install Windows on the 'System Reserved' partition.\n\n\nShould an attacker ask why you removed the extra boot partition, you can answer that you wanted to prevent any possible data leaks to the unencrypted boot partition.\n\nNote: You can print this text by clicking the 'Print' button below. If you save a copy of this text or print it (strongly recommended, unless your printer stores copies of documents it prints on its internal drive), you should destroy any copies of it after removing the extra boot partition (otherwise, if such a copy was found, it might indicate that there is a hidden operating system on this computer).</entry>

<entry lang="en" key="GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION">Warning: There is unallocated space between the system partition and the first partition behind it. After you create the hidden operating system, you must not create any new partitions in that unallocated space. Otherwise, the hidden operating system will be impossible to boot (until you delete such newly created partitions).</entry>

<entry lang="en" key="ALGO_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">This algorithm is currently not supported for system encryption.</entry>

<entry lang="en" key="ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">This algorithm is not supported for TrueCrypt mode.</entry>

<entry lang="en" key="PIM_NOT_SUPPORTED_FOR_TRUECRYPT_MODE">PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode.</entry>

<entry lang="en" key="PIM_REQUIRE_LONG_PASSWORD">Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater.</entry>

<entry lang="en" key="BOOT_PIM_REQUIRE_LONG_PASSWORD">Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater.</entry>

<entry lang="en" key="KEYFILES_NOT_SUPPORTED_FOR_SYS_ENCRYPTION">Keyfiles are currently not supported for system encryption.</entry>

<entry lang="en" key="CANNOT_RESTORE_KEYBOARD_LAYOUT">Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly.</entry>

<entry lang="en" key="CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION">Error: Cannot set the keyboard layout for VeraCrypt to the standard US keyboard layout.\n\nNote that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout.</entry>

<entry lang="en" key="KEYB_LAYOUT_CHANGE_PREVENTED">VeraCrypt prevented change of keyboard layout.</entry>

<entry lang="en" key="KEYB_LAYOUT_SYS_ENC_EXPLANATION">Note: The password will need to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available. Therefore, the password must always be typed using the standard US keyboard layout. However, it is important to note that you do NOT need a real US keyboard. VeraCrypt automatically ensures that you can safely type the password (right now and in the pre-boot environment) even if you do NOT have a real US keyboard.</entry>

<entry lang="en" key="RESCUE_DISK_INFO">Before you can encrypt the partition/drive, you must create a VeraCrypt Rescue Disk (VRD), which serves the following purposes:\n\n- If the VeraCrypt Boot Loader, master key, or other critical data gets damaged, the VRD allows you to restore it (note, however, that you will still have to enter the correct password then).\n\n- If Windows gets damaged and cannot start, the VRD allows you to permanently decrypt the partition/drive before Windows starts.\n\n- The VRD will contain a backup of the present content of the first drive track (which typically contains a system loader or boot manager) and will allow you to restore it if necessary.\n\nThe VeraCrypt Rescue Disk ISO image will be created in the location specified below.</entry>

<entry lang="en" key="RESCUE_DISK_WIN_ISOBURN_PRELAUNCH_NOTE">After you click OK, Microsoft Windows Disc Image Burner will be launched. Please use it to burn the VeraCrypt Rescue Disk ISO image to a CD or DVD.\n\nAfter you do so, return to the VeraCrypt Volume Creation Wizard and follow its instructions.</entry>

<entry lang="en" key="RESCUE_DISK_BURN_INFO">The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to burn it to a CD or DVD.\n\n%lsAfter you burn the Rescue Disk, click Next to verify that it has been correctly burned.</entry>

<entry lang="en" key="RESCUE_DISK_BURN_INFO_NO_CHECK">The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you should either burn the image to a CD/DVD or move it to a safe location for later use.\n\n%lsClick Next to continue.</entry>

<entry lang="en" key="RESCUE_DISK_BURN_INFO_NONWIN_ISO_BURNER">IMPORTANT: Note that the file must be written to the CD/DVD as an ISO disk image (not as an individual file). For information on how to do so, please refer to the documentation of your CD/DVD recording software. If you do not have any CD/DVD recording software that can write the ISO disk image to a CD/DVD, click the link below to download such free software.\n\n</entry>

<entry lang="en" key="LAUNCH_WIN_ISOBURN">Launch Microsoft Windows Disc Image Burner</entry>

<entry lang="en" key="RESCUE_DISK_BURN_NO_CHECK_WARN">WARNING: If you already created a VeraCrypt Rescue Disk in the past, it cannot be reused for this system partition/drive because it was created for a different master key! Every time you encrypt a system partition/drive, you must create a new VeraCrypt Rescue Disk for it even if you use the same password.</entry>

<entry lang="en" key="CANNOT_SAVE_SYS_ENCRYPTION_SETTINGS">Error: Cannot save system encryption settings.</entry>

<entry lang="en" key="WDE_UNSUPPORTED_FOR_MULTIPLE_SYSTEMS_ON_ONE_DRIVE">VeraCrypt currently does not support encrypting a whole drive that contains multiple operating systems.\n\nPossible Solutions:\n\n- You can still encrypt one of the systems if you go back and choose to encrypt only a single system partition (as opposed to choosing to encrypt the entire system drive).\n\n- Alternatively, you will be able to encrypt the entire drive if you move some of the systems to other drives leaving only one system on the drive you want to encrypt.</entry>

<entry lang="en" key="SYSENC_MULTI_BOOT_ADJACENT_SYS_TITLE">Multiple Systems on Single Drive</entry>

<entry lang="en" key="SYSENC_MULTI_BOOT_ADJACENT_SYS_HELP">Are there any other operating systems installed on the drive on which the currently running operating system is installed?\n\nNote: For example, if the currently running operating system is installed on the drive #0, which contains several partitions, and if one of the partitions contains Windows and another partition contains any additional operating system (e.g. Windows, Mac OS X, Linux, etc.), select 'Yes'.</entry>

<entry lang="en" key="SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_TITLE">Non-Windows Boot Loader</entry>

<entry lang="en" key="SYSENC_MULTI_BOOT_NONWIN_BOOT_LOADER_HELP">Is a non-Windows boot loader (or boot manager) installed in the master boot record (MBR)?\n\nNote: For example, if the first track of the boot drive contains GRUB, LILO, XOSL, or some other non-Windows boot manager (or boot loader), select 'Yes'.</entry>

<entry lang="en" key="SYSENC_MULTI_BOOT_OUTCOME_TITLE">Multi-Boot</entry>

<entry lang="en" key="CUSTOM_BOOT_MANAGERS_IN_MBR_UNSUPPORTED">VeraCrypt currently does not support multi-boot configurations where a non-Windows boot loader is installed in the Master Boot Record.\n\nPossible Solutions:\n\n- If you use a boot manager to boot Windows and Linux, move the boot manager (typically, GRUB) from the Master Boot Record to a partition. Then start this wizard again and encrypt the system partition/drive. Note that the VeraCrypt Boot Loader will become your primary boot manager and it will allow you to launch the original boot manager (e.g. GRUB) as your secondary boot manager (by pressing Esc in the VeraCrypt Boot Loader screen) and thus you will be able boot Linux.</entry>

<entry lang="en" key="WINDOWS_BOOT_LOADER_HINTS">If the currently running operating system is installed on the boot partition, then, after you encrypt it, you will need to enter the correct password even if you want to start any other unencrypted Windows system(s) (as they will share a single encrypted Windows boot loader/manager).\n\nIn contrast, if the currently running operating system is not installed on the boot partition (or if the Windows boot loader/manager is not used by any other system), then, after you encrypt this system, you will not need to enter the correct password to boot the other unencrypted system(s) -- you will only need to press the Esc key to start the unencrypted system (if there are multiple unencrypted systems, you will also need to choose which system to start in the VeraCrypt Boot Manager menu).\n\nNote: Typically, the earliest installed Windows system is installed on the boot partition.</entry>

<entry lang="en" key="SYSENC_PRE_DRIVE_ANALYSIS_TITLE">Encryption of Host Protected Area</entry>

<entry lang="en" key="SYSENC_PRE_DRIVE_ANALYSIS_HELP">At the end of many drives, there is an area that is normally hidden from the operating system (such areas are usually referred to as Host Protected Areas). However, some programs can read and write data from/to such areas.\n\nWARNING: Some computer manufacturers may use such areas to store tools and data for RAID, system recovery, system setup, diagnostic, or other purposes. If such tools or data must be accessible before booting, the hidden area should NOT be encrypted (choose 'No' above).\n\nDo you want VeraCrypt to detect and encrypt such a hidden area (if any) at the end of the system drive?</entry>

<entry lang="en" key="SYSENC_NORMAL_TYPE_HELP">Select this option if you merely want to encrypt the system partition or the entire system drive.</entry>

<entry lang="en" key="SYSENC_HIDDEN_TYPE_HELP">It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion). If you select this option, you will create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password to the hidden operating system. For a detailed explanation, please click the link below.</entry>

<entry lang="en" key="HIDDEN_OS_PREINFO">It may happen that you are forced by somebody to decrypt the operating system. There are many situations where you cannot refuse to do so (for example, due to extortion).\n\nUsing this wizard, you can create a hidden operating system whose existence should be impossible to prove (provided that certain guidelines are followed). Thus, you will not have to decrypt or reveal the password for the hidden operating system.</entry>

<entry lang="en" key="SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_TITLE">Hidden Operating System</entry>

<entry lang="en" key="SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_HELP">In the following steps, you will create two VeraCrypt volumes (outer and hidden) within the first partition behind the system partition. The hidden volume will contain the hidden operating system (OS). VeraCrypt will create the hidden OS by copying the content of the system partition (where the currently running OS is installed) to the hidden volume. To the outer volume, you will copy some sensitive looking files that you actually do NOT want to hide. They will be there for anyone forcing you to disclose the password for the hidden OS partition. You can reveal the password for the outer volume within the hidden OS partition (the existence of the hidden OS remains secret).\n\nFinally, on the system partition of the currently running OS, you will install a new OS, so-called decoy OS, and encrypt it. It must not contain sensitive data and will be there for anyone forcing you to reveal your pre-boot authentication password. In total, there will be three passwords. Two of them can be disclosed (for the decoy OS and outer volume). If you use the third one, the hidden OS will start.</entry>

<entry lang="en" key="SYSENC_DRIVE_ANALYSIS_TITLE">Detecting Hidden Sectors</entry>

<entry lang="en" key="SYSENC_DRIVE_ANALYSIS_INFO">Please wait while VeraCrypt is detecting possible hidden sectors at the end of the system drive. Note that it may take a long time to complete.\n\nNote: In very rare cases, on some computers, the system may become unresponsive during this detection process. If it happens, restart the computer, start VeraCrypt, repeat the previous steps but skip this detection process. Note that this issue is not caused by a bug in VeraCrypt.</entry>

<entry lang="en" key="SYS_ENCRYPTION_SPAN_TITLE">Area to Encrypt</entry>

<entry lang="en" key="SYS_ENCRYPTION_SPAN_WHOLE_SYS_DRIVE_HELP">Select this option if you want to encrypt the entire drive on which the currently running Windows system is installed. The whole drive, including all its partitions, will be encrypted except the first track where the VeraCrypt Boot Loader will reside. Anyone who wants to access a system installed on the drive, or files stored on the drive, will need to enter the correct password each time before the system starts. This option cannot be used to encrypt a secondary or external drive if Windows is not installed on it and does not boot from it.</entry>

<entry lang="en" key="COLLECTING_RANDOM_DATA_TITLE">Collecting Random Data</entry>

<entry lang="en" key="KEYS_GEN_TITLE">Keys Generated</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT">VeraCrypt has found no CD/DVD burner connected to your computer. VeraCrypt needs a CD/DVD burner to burn a bootable VeraCrypt Rescue Disk containing a backup of the encryption keys, VeraCrypt boot loader, original system loader, etc.\n\nWe strongly recommend that you burn the VeraCrypt Rescue Disk.</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT_WILL_STORE_ISO">I have no CD/DVD burner but I will store the Rescue Disk ISO image on a removable drive (e.g. USB flash drive).</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT_WILL_CONNECT_LATER">I will connect a CD/DVD burner to my computer later. Terminate the process now.</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT_CONNECTED_NOW">A CD/DVD burner is connected to my computer now. Continue and write the Rescue Disk.</entry>

<entry lang="en" key="CD_BURNER_NOT_PRESENT_WILL_STORE_ISO_INFO">Please follow these steps:\n\n1) Connect a removable drive, such as a USB flash drive, to your computer now.\n\n2) Copy the VeraCrypt Rescue Disk image file (%s) to the removable drive.\n\nIn case you need to use the VeraCrypt Rescue Disk in the future, you will be able to connect your removable drive (containing the VeraCrypt Rescue Disk image) to a computer with a CD/DVD burner and create a bootable VeraCrypt Rescue Disk by burning the image to a CD or DVD. IMPORTANT: Note that the VeraCrypt Rescue Disk image file must be written to the CD/DVD as an ISO disk image (not as an individual file).</entry>

<entry lang="en" key="RESCUE_DISK_RECORDING_TITLE">Rescue Disk Recording</entry>

<entry lang="en" key="RESCUE_DISK_CREATED_TITLE">Rescue Disk Created</entry>

<entry lang="en" key="RESCUE_DISK_DISK_VERIFIED_TITLE">Rescue Disk Verified</entry>

<entry lang="en" key="RESCUE_DISK_VERIFIED_INFO">\nThe VeraCrypt Rescue Disk has been successfully verified. Please remove it from the drive now and store it in a safe place.\n\nClick Next to continue.</entry>

<entry lang="en" key="REMOVE_RESCUE_DISK_FROM_DRIVE">WARNING: During the next steps, the VeraCrypt Rescue Disk must not be in the drive. Otherwise, it will not be possible to complete the steps correctly.\n\nPlease remove it from the drive now and store it in a safe place. Then click OK.</entry>

<entry lang="en" key="PREBOOT_NOT_LOCALIZED">Warning: Due to technical limitations of the pre-boot environment, texts displayed by VeraCrypt in the pre-boot environment (i.e. before Windows starts) cannot be localized. The VeraCrypt Boot Loader user interface is completely in English.\n\nContinue?</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO">Before encrypting your system partition or drive, VeraCrypt needs to verify that everything works correctly.\n\nAfter you click Test, all the necessary components (for example, the pre-boot authentication component, i.e. the VeraCrypt Boot Loader) will be installed and your computer will be restarted. Then you will have to enter your password in the VeraCrypt Boot Loader screen that will appear before Windows starts. After Windows starts, you will be automatically informed about the result of this pretest.\n\nThe following device will be modified: Drive #%d\n\n\nIf you click Cancel now, nothing will be installed and the pretest will not be performed.</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_1">IMPORTANT NOTES -- PLEASE READ OR PRINT (click 'Print'):\n\nNote that none of your files will be encrypted before you successfully restart your computer and start Windows. Thus, if anything fails, your data will NOT be lost. However, if something does go wrong, you might encounter difficulties in starting Windows. Therefore, please read (and, if possible, print) the following guidelines on what to do if Windows cannot start after you restart the computer.\n\n</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_2">What to Do If Windows Cannot Start\n------------------------------------------------\n\nNote: These instructions are valid only if you have not started encrypting.\n\n- If Windows does not start after you enter the correct password (or if you repeatedly enter the correct password but VeraCrypt says that the password is incorrect), do not panic. Restart (power off and on) the computer, and in the VeraCrypt Boot Loader screen, press the Esc key on your keyboard (and if you have multiple systems, choose which to start). Then Windows should start (provided that it is not encrypted) and VeraCrypt will automatically ask whether you want to uninstall the pre-boot authentication component. Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_3">- If the previous steps do not help or if the VeraCrypt Boot Loader screen does not appear (before Windows starts), insert the VeraCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the VeraCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the VeraCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. In the VeraCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n</entry>

<entry lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_4">Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your VeraCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password.</entry>

<entry lang="en" key="NONSYS_INPLACE_ENC_ENCRYPTION_PAGE_INFO">\n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted.</entry>

<entry lang="en" key="NONSYS_INPLACE_DEC_DECRYPTION_PAGE_INFO">\n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted.</entry>

<entry lang="en" key="SYSENC_HIDDEN_OS_INITIAL_INFO_TITLE">Hidden System Started</entry>

<entry lang="en" key="SYSENC_HIDDEN_OS_WIPE_INFO_TITLE">Original System</entry>

<entry lang="en" key="SYSENC_HIDDEN_OS_WIPE_INFO">Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the VeraCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, VeraCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed.</entry>

<entry lang="en" key="OS_WIPING_NOT_FINISHED_ASK">The hidden operating system has been successfully created. However, before you can start using it (and achieve plausible deniability), you need to securely erase (using VeraCrypt) the entire content of the partition where the currently running operating system is installed. Before you can do that, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the pre-boot authentication password for the hidden operating system. Then, after the hidden system starts, the VeraCrypt wizard will be launched automatically.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process and the hidden system will NOT be accessible (because the VeraCrypt Boot Loader will be removed).</entry>

<entry lang="en" key="HIDDEN_OS_CREATION_NOT_FINISHED_ASK">You have scheduled the process of creation of a hidden operating system. The process has not been completed yet. To complete it, you need to restart the computer and, in the VeraCrypt Boot Loader screen (which appears before Windows starts), enter the password for the hidden operating system.\n\nNote: If you choose to terminate the process of creation of the hidden operating system now, you will NOT be able to resume the process.</entry>

<entry lang="en" key="HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_RETRY">Restart the computer and proceed</entry>

<entry lang="en" key="HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_TERMINATE">Permanently terminate the process of creation of the hidden operating system</entry>

<entry lang="en" key="HIDDEN_OS_CREATION_NOT_FINISHED_CHOICE_ASK_LATER">Do nothing now and ask again later</entry>

<entry lang="en" key="MOUNTED_DEVICE_FORCED_READ_ONLY_WRITE_PROTECTION">Volume '%s' has been mounted as read-only because the operating system reported the host device to be write-protected.\n\nPlease note that some custom chipset drivers have been reported to cause writable media to falsely appear write-protected. This problem is not caused by VeraCrypt. It may be solved by updating or uninstalling any custom (non-Microsoft) chipset drivers that are currently installed on this system.</entry>

<entry lang="en" key="LIMIT_ENC_THREAD_POOL_NOTE">Note that the Hyper-Threading technology provides multiple logical cores per a single physical core. When Hyper Threading is enabled, the number selected above represents the number of logical processors/cores.</entry>

<entry lang="en" key="NUMBER_OF_THREADS">%d threads</entry>

<entry lang="en" key="DISABLED_HW_AES_AFFECTS_PERFORMANCE">Note that hardware-accelerated AES is disabled, which will affect benchmark results (worse performance).\n\nTo enable hardware acceleration, select 'Settings' > 'Performance' and enable the corresponding option.</entry>

<entry lang="en" key="LIMITED_THREAD_COUNT_AFFECTS_PERFORMANCE">Note that the number of threads is currently limited, which will affect benchmark results (worse performance).\n\nTo utilize the full potential of the processor(s), select 'Settings' > 'Performance' and disable the corresponding option.</entry>

<entry lang="en" key="ASK_REMOVE_DEVICE_WRITE_PROTECTION">Do you want VeraCrypt to attempt to disable write protection of the partition/drive?</entry>

<entry lang="en" key="CONFIRM_SETTING_DEGRADES_PERFORMANCE">WARNING: This setting may degrade performance.\n\nAre you sure you want to use this setting?</entry>

<entry lang="en" key="HOST_DEVICE_REMOVAL_DISMOUNT_WARN_TITLE">Warning: VeraCrypt volume auto-dismounted</entry>

<entry lang="en" key="HOST_DEVICE_REMOVAL_DISMOUNT_WARN">Before you physically remove or turn off a device containing a mounted volume, you should always dismount the volume in VeraCrypt first.\n\nUnexpected spontaneous dismount is usually caused by an intermittently failing cable, drive (enclosure), etc.</entry>

<entry lang="en" key="UNSUPPORTED_TRUECRYPT_FORMAT">This volume was created with TrueCrypt %x.%x but VeraCrypt supports only TrueCrypt volumes created with TrueCrypt 6.x/7.x series</entry>

<entry lang="en" key="KEYFILE">Keyfile</entry>

<entry lang="en" key="VKEY_08">Backspace</entry>

<entry lang="en" key="VKEY_09">Tab</entry>

<entry lang="en" key="VKEY_0C">Clear</entry>

<entry lang="en" key="VKEY_0D">Enter</entry>

<entry lang="en" key="VKEY_13">Pause</entry>

<entry lang="en" key="VKEY_14">Caps Lock</entry>

<entry lang="en" key="VKEY_20">Spacebar</entry>

<entry lang="en" key="VKEY_21">Page Up</entry>

<entry lang="en" key="VKEY_22">Page Down</entry>

<entry lang="en" key="DISABLE_BOOT_LOADER_PIM_PROMPT">WARNING: Please keep in mind that if you enable this option, the PIM value will be stored unencrypted on the disk.\n\nAre you sure you want to enable this option?</entry>

<entry lang="en" key="PIM_TOO_BIG">Personal Iterations Multiplier (PIM) maximum value is 2147468.</entry>

<entry lang="en" key="IDC_SKIP_RESCUE_VERIFICATION">Skip Rescue Disk verification</entry>

<entry lang="en" key="IDC_HIDE_WAITING_DIALOG">Don't show wait message dialog when performing operations</entry>

<entry lang="en" key="IDC_DISABLE_BOOT_LOADER_HASH_PROMPT">Do not request Hash algorithm in the pre-boot authentication screen</entry>

<entry lang="en" key="KUZNYECHIK_HELP">Kuznyechik is a block cipher first published in 2015 and defined in the National Standard of the Russian Federation GOST R 34.12-2015 and also in RFC 7801. 256-bit key, 128-bit block. Mode of operation is XTS.</entry>

<entry lang="en" key="CAMELLIA_HELP">Jointly developed by Mitsubishi Electric and NTT of Japan. First published on 2000. 256-bit key, 128-bit block. Mode of operation is XTS. It has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project.</entry>

<entry lang="en" key="TIME">Time</entry>

<entry lang="en" key="ITERATIONS">Iterations</entry>

<entry lang="en" key="PRE-BOOT">Pre-Boot</entry>

<entry lang="en" key="RESCUE_DISK_EFI_EXTRACT_INFO">The Rescue Disk ZIP image has been created and stored in this file:\n%s\n\nNow you need to extract it to a USB stick that is formatted as FAT/FAT32.\n\n%lsAfter you create the Rescue Disk, click Next to verify that it has been correctly created.</entry>

<entry lang="en" key="RESCUE_DISK_EFI_EXTRACT_INFO_NOTE">IMPORTANT: Note that the zip file must be extracted directly to the root of the USB stick. For example, if the drive letter of the USB stick is E: then extracting the zip file should create a folder E:\\EFI on the USB stick.\n\n</entry>

<entry lang="en" key="RESCUE_DISK_EFI_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly extracted.\n\nIf you have extracted the Rescue Disk, please eject and reinsert the USB stick; then click Next to try again. If this does not help, please try another USB stick and/or another ZIP software.\n\nIf you have not extracted the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to extract the newly generated Rescue Disk ZIP image.</entry>

<entry lang="en" key="RESCUE_DISK_EFI_NON_WIZARD_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly extracted.\n\nIf you have extracted the Rescue Disk image to a USB stick, please eject it and reinsert it; then try again. If this does not help, please try other ZIP software and/or medium.\n\nIf you attempted to verify a VeraCrypt Rescue Disk created for a different master key, password, salt, etc., please note that such Rescue Disk will always fail this verification. To create a new Rescue Disk fully compatible with your current configuration, select 'System' > 'Create Rescue Disk'.</entry>

<entry lang="en" key="RESCUE_DISK_EFI_NON_WIZARD_CREATION">The Rescue Disk image has been created and stored in this file:\n%s\n\nNow you need to extract the Rescue Disk image to a USB stick that is formatted as FAT/FAT32.\n\nIMPORTANT: Note that the zip file must be extracted directly to the root of the USB stick. For example, if the drive letter of the USB stick is E: then extracting the zip file should create a folder E:\\EFI on the USB stick.\n\nAfter you create the Rescue Disk, select 'System' > 'Verify Rescue Disk' to verify that it has been correctly created.</entry>

<entry lang="en" key="IDC_SECURE_DESKTOP_PASSWORD_ENTRY">Use Secure Desktop for password entry</entry>

<entry lang="en" key="ERR_REFS_INVALID_VOLUME_SIZE">The volume file size specified in the command line is incompatible with selected ReFS filesystem.</entry>

<entry lang="en" key="IDC_EDIT_DCSPROP">Edit Boot Loader Configuration</entry>

<entry lang="en" key="IDC_SHOW_PLATFORMINFO">Display EFI Platform Information</entry>

<entry lang="en" key="BOOT_LOADER_CONFIGURATION_FILE">Boot Loader Configuration File</entry>

<entry lang="en" key="EFI_PLATFORM_INFORMATION">EFI Platform Information</entry>

<entry lang="en" key="IDT_ADVANCED_OPTIONS">Advanced Options</entry>

<entry lang="en" key="AFTER_UPGRADE_RESCUE_DISK">It is strongly recommended that you create a new VeraCrypt Rescue Disk (which will contain the new version of the VeraCrypt Boot Loader) by selecting 'System' > 'Create Rescue Disk'.\nDo you want to do it now?</entry>

<entry lang="en" key="IDC_ALLOW_TRIM_NONSYS_SSD">Allow TRIM command for non-system SSD partition/drive</entry>

<entry lang="en" key="IDC_BLOCK_SYSENC_TRIM">Block TRIM command on system partition/drive</entry>

<entry lang="en" key="WINDOWS_EFI_BOOT_LOADER_MISSING">ERROR: Windows EFI system loader could not be located on the disk. Operation will be aborted.</entry>

<entry lang="en" key="SYSENC_EFI_UNSUPPORTED_SECUREBOOT">It is currently not possible to encrypt a system if SecureBoot is enabled and if VeraCrypt custom keys are not loaded into the machine firmware. SecureBoot needs to be disabled in the BIOS configuration in order to allow system encryption to proceed.</entry>

<entry lang="en" key="PASSWORD_PASTED_TRUNCATED">Pasted text truncated because the password maximum length is %d characters</entry>

<entry lang="en" key="PASSWORD_MAXLENGTH_REACHED">Password already reached its maximum length of %d characters.\nNo additional character is allowed.</entry>

<entry lang="en" key="IDC_SELECT_LANGUAGE_LABEL">Select the language to use during the installation:</entry>

<entry lang="en" key="VOLUME_TOO_LARGE_FOR_HOST">ERROR: The size of the file container is larger than the available free space on disk.</entry>

<entry lang="en" key="CONFIRM_ALLOW_WINDOWS_DEFRAG">WARNING: Defragmenting non-system partitions/drives may leak metadata about their content or cause issues with hidden volumes they may contain.\n\nContinue?</entry>

<entry lang="en" key="VIRTUAL_DEVICE">Virtual Device</entry>

<entry lang="en" key="MOUNTED_VOLUME_NOT_ASSOCIATED">The selected mounted volume is not associated with its drive letter in Windows and so it can not be opened in Windows Explorer.</entry>

<entry lang="en" key="IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION">Clear encryption keys from memory if a new device is inserted</entry>

<entry lang="en" key="CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING">IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n</entry>

<entry lang="en" key="STARTING">Starting</entry>

<entry lang="en" key="IDC_ENABLE_CPU_RNG">Use CPU hardware random generator as an additional source of entropy</entry>

<entry lang="en" key="IDC_USE_LEGACY_MAX_PASSWORD_LENGTH">Use legacy maximum password length (64 characters)</entry>

<entry lang="en" key="IDC_ENABLE_RAM_ENCRYPTION">Activate encryption of keys and passwords stored in RAM</entry>

<entry lang="en" key="IDT_BENCHMARK">Benchmark:</entry>

<entry lang="en" key="PARAMETER_INCORRECT">Parameter incorrect</entry>

<entry lang="en" key="SELECT_KEYFILES">Select Keyfiles</entry>

<entry lang="en" key="START_TC">Start VeraCrypt</entry>

<entry lang="en" key="VOLUME_ALREADY_MOUNTED">The volume {0} is already mounted.</entry>

<entry lang="en" key="UNKNOWN_OPTION">Unknown option</entry>

<entry lang="en" key="VOLUME_LOCATION">Volume Location</entry>

<entry lang="en" key="VOLUME_HOST_IN_USE">WARNING: The host file/device {0} is already in use!\n\nIgnoring this can cause undesired results including system instability. All applications that might be using the host file/device should be closed before mounting the volume.\n\nContinue mounting?</entry>

<entry lang="en" key="CANT_INSTALL_WITH_EXE_OVER_MSI">VeraCrypt was previously installed using an MSI package and so it can't be updated using the standard installer.\n\nPlease use the MSI package to update your VeraCrypt installation.</entry>

<entry lang="en" key="IDC_USE_ALL_FREE_SPACE">Use all available free space</entry>

<entry lang="en" key="SYS_ENCRYPTION_UPGRADE_UNSUPPORTED_ALGORITHM">VeraCrypt cannot be upgraded because the system partition/drive was encrypted using an algorithm that is not supported anymore.\nPlease decrypt your system before upgrading VeraCrypt and then encrypt it again.</entry>

</localization>

<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">

<xs:element name="VeraCrypt">

<xs:complexType>

<xs:sequence>

<xs:element name="localization">

<xs:complexType>

<xs:sequence>

<xs:element name="language">

<xs:complexType>

void VerifyPasswordAndUpdate (HWND hwndDlg, HWND hButton, HWND hPassword,

HWND hVerify, unsigned char *szPassword,

char *szVerify,

BOOL keyFilesEnabled)

{

wchar_t szTmp1[MAX_PASSWORD + 1];

wchar_t szTmp2[MAX_PASSWORD + 1];

char szTmp1Utf8[MAX_PASSWORD + 1];

char szTmp2Utf8[MAX_PASSWORD + 1];

int k = GetWindowTextLength (hPassword);

BOOL bEnable = FALSE;

int utf8Len1, utf8Len2;

UNREFERENCED_PARAMETER (hwndDlg); /* Remove warning */

GetWindowText (hPassword, szTmp1, ARRAYSIZE (szTmp1));

GetWindowText (hVerify, szTmp2, ARRAYSIZE (szTmp2));

utf8Len1 = WideCharToMultiByte (CP_UTF8, 0, szTmp1, -1, szTmp1Utf8, MAX_PASSWORD + 1, NULL, NULL);

utf8Len2 = WideCharToMultiByte (CP_UTF8, 0, szTmp2, -1, szTmp2Utf8, MAX_PASSWORD + 1, NULL, NULL);

if (wcscmp (szTmp1, szTmp2) != 0)

bEnable = FALSE;

else if (utf8Len1 <= 0)

bEnable = FALSE;

else

{

if (k >= MIN_PASSWORD || keyFilesEnabled)

bEnable = TRUE;

else

bEnable = FALSE;

}

{

BOOL bootPimCondition = (bForBoot && (bootPRF != SHA512 && bootPRF != WHIRLPOOL))? TRUE : FALSE;

BOOL bCustomPimSmall = ((pim != 0) && (pim < (bootPimCondition? 98 : 485)))? TRUE : FALSE;

if (passwordLength < PASSWORD_LEN_WARNING)

{

if (bCustomPimSmall)

{

Error (bootPimCondition? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg);

return FALSE;

}

}

#ifndef _DEBUG

else if (bCustomPimSmall)

{

if (!bSkipPimWarning && AskWarnNoYes ("PIM_SMALL_WARNING", hwndDlg) != IDYES)

return FALSE;

}

#endif

if ((pim != 0) && (pim > (bootPimCondition? 98 : 485)))

&& bDevice

&& !UacElevated

&& IsUacSupported ())

return nStatus;

if (nStatus != 0)

handleError (hwndDlg, nStatus, SRC_POS);

return nStatus;

}

//

// Dialog

//

IDD_VOL_CREATION_WIZARD_DLG DIALOGEX 0, 0, 450, 250

STYLE DS_SETFONT | DS_SETFOREGROUND | DS_FIXEDSYS | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU

CAPTION "VeraCrypt Volume Creation Wizard"

CLASS "VeraCryptCustomDlg"

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

PUSHBUTTON "Cancel",IDCANCEL,382,234,60,14

LTEXT "",IDC_POS_BOX,160,24,281,193

END

IDD_CIPHER_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

COMBOBOX IDC_COMBO_BOX,7,23,172,126,CBS_DROPDOWNLIST | WS_VSCROLL | WS_TABSTOP

PUSHBUTTON "&Test",IDC_CIPHER_TEST,191,22,81,14

PUSHBUTTON "&Benchmark",IDC_BENCHMARK,191,122,81,14

GROUPBOX "Encryption Algorithm",IDT_ENCRYPTION_ALGO,0,10,273,131

GROUPBOX "Hash Algorithm",IDT_HASH_ALGO,0,156,273,35

LTEXT "More information",IDC_LINK_MORE_INFO_ABOUT_CIPHER,7,124,176,10,SS_NOTIFY

LTEXT "Information on hash algorithms",IDC_LINK_HASH_INFO,121,171,148,8,SS_NOTIFY

END

IDD_PASSWORD_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

END

IDD_SIZE_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_SIZEBOX,0,22,96,14,ES_AUTOHSCROLL | ES_NUMBER

CONTROL "&KB",IDC_KB,"Button",BS_AUTORADIOBUTTON | WS_GROUP | WS_TABSTOP,105,25,27,10

CONTROL "&MB",IDC_MB,"Button",BS_AUTORADIOBUTTON,140,25,27,10

CONTROL "&GB",IDC_GB,"Button",BS_AUTORADIOBUTTON,175,25,27,10

LTEXT "More information about system encryption",IDC_MORE_INFO_ON_SYS_ENCRYPTION,16,177,253,10,SS_NOTIFY

LTEXT "Creates a virtual encrypted disk within a file. Recommended for inexperienced users.",IDT_FILE_CONTAINER,16,20,253,16

LTEXT "Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume.",IDT_NON_SYS_DEVICE,16,68,253,26

LTEXT "Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system.",IDT_SYS_DEVICE,16,112,253,59

END

IDD_INFO_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

END

IDD_HIDVOL_HOST_FILL_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

LTEXT "",IDC_BOX_HELP,0,6,269,167

PUSHBUTTON "Open Outer Volume",IDC_OPEN_OUTER_VOLUME,0,176,85,14

END

"Button",BS_AUTORADIOBUTTON,0,7,269,10

CONTROL "Encrypt the whole drive",IDC_WHOLE_SYS_DRIVE,"Button",BS_AUTORADIOBUTTON,0,67,269,10

LTEXT "Select this option to encrypt the partition where the currently running Windows operating system is installed.",IDT_SYS_PARTITION,16,20,253,42

LTEXT "",IDT_WHOLE_SYS_DRIVE,16,82,253,104

END

IDD_SYSENC_RESCUE_DISK_CREATION_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

CONTROL "Skip Rescue Disk verification",IDC_SKIP_RESCUE_VERIFICATION,

END

IDD_SYSENC_COLLECTING_RANDOM_DATA_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

CONTROL "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,10,93,266,10

CONTROL "",IDC_SYS_POOL_CONTENTS,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,33,17,209,63,WS_EX_TRANSPARENT

LTEXT "IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue.",IDT_COLLECTING_RANDOM_DATA_NOTE,10,107,265,63

GROUPBOX "Current pool content (partial)",IDT_PARTIAL_POOL_CONTENTS,0,5,276,83

CONTROL "Single-boot",IDC_SINGLE_BOOT,"Button",BS_AUTORADIOBUTTON,0,7,269,10

CONTROL "Multi-boot",IDC_MULTI_BOOT,"Button",BS_AUTORADIOBUTTON,0,75,217,10

LTEXT "Select this option if there is only one operating system installed on this computer (even if it has multiple users).",IDT_SINGLE_BOOT,16,20,253,48

LTEXT "Select this option if there are two or more operating systems installed on this computer.\n\nFor example:\n- Windows XP and Windows XP\n- Windows XP and Windows Vista\n- Windows and Mac OS X\n- Windows and Linux\n- Windows, Linux and Mac OS X",IDT_MULTI_BOOT,16,89,253,90

END

IDD_SYSENC_RESCUE_DISK_BURN_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

END

IDD_SYSENC_WIPE_MODE_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

END

IDD_INPLACE_ENCRYPTION_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

END

IDD_SYSENC_KEYS_GEN_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

CONTROL "Display generated keys (their portions)",IDC_DISPLAY_KEYS,

"Button",BS_AUTOCHECKBOX | WS_TABSTOP,51,110,216,10

CONTROL "",IDC_HEADER_KEY,"Static",SS_LEFTNOWORDWRAP | WS_GROUP,100,87,163,8,WS_EX_TRANSPARENT

LTEXT "",IDC_DISK_KEY,100,95,163,8,0,WS_EX_TRANSPARENT

BEGIN

LTEXT "",IDT_SYSENC_DRIVE_ANALYSIS_INFO,0,10,267,109

CONTROL "",IDC_PROGRESS_BAR,"msctls_progress32",PBS_SMOOTH | WS_BORDER,0,135,267,12

LTEXT "Progress:",IDT_PROGRESS,2,124,172,8

END

IDD_SYSENC_TYPE_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 400, 0, 0x1

BEGIN

END

IDD_SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

LTEXT "More information",IDC_HIDDEN_SYSENC_INFO_LINK,0,172,273,10,SS_NOTIFY

LTEXT "",IDC_BOX_HELP,0,2,273,166

END

IDD_DEVICE_WIPE_PAGE_DLG DIALOGEX 0, 0, 276, 193

STYLE DS_SETFONT | DS_FIXEDSYS | DS_CONTROL | WS_CHILD

FONT 8, "MS Shell Dlg", 0, 0, 0x0

BEGIN

EDITTEXT IDC_PIM,74,0,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER

LTEXT "",IDC_BOX_HELP,0,32,273,142

RTEXT "Volume PIM:",IDT_PIM,1,3,69,8

LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,120,3,153,8

LTEXT "Information on PIM",IDC_LINK_PIM_INFO,0,179,273,8,SS_NOTIFY

CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,74,17,196,10

END

#ifdef APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////

//

// TEXTINCLUDE

//

1 TEXTINCLUDE

BEGIN

"resource.h\0"

END

IDD_INPLACE_ENCRYPTION_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 267

BOTTOMMARGIN, 187

HORZGUIDE, 80

HORZGUIDE, 96

END

IDD_SYSENC_KEYS_GEN_PAGE_DLG, DIALOG

BEGIN

RIGHTMARGIN, 267

BOTTOMMARGIN, 174

HORZGUIDE, 80

HORZGUIDE, 96

END

IDD_UNIVERSAL_DUAL_CHOICE_PAGE_DLG, DIALOG

BEGIN

#ifndef APSTUDIO_INVOKED

/////////////////////////////////////////////////////////////////////////////

//

// Generated from the TEXTINCLUDE 3 resource.

//

#include "..\\common\\common.rc"

/////////////////////////////////////////////////////////////////////////////

#endif // not APSTUDIO_INVOKED

#define IDC_MORE_INFO 1072

#define IDC_MORE_INFO_ON_SYS_ENCRYPTION 1073

#define IDT_COLLECTING_RANDOM_DATA_NOTE 1074

#define IDC_MORE_INFO_ON_CONTAINERS 1075

#define IDC_SINGLE_BOOT 1076

#define IDC_MULTI_BOOT 1077

#define IDT_MULTI_BOOT 1078

#define IDT_SINGLE_BOOT 1079

#define IDC_SYS_POOL_CONTENTS 1080

#define IDT_PARTIAL_POOL_CONTENTS 1081

#define IDT_RESCUE_DISK_BURN_INFO 1083

#define IDT_WIPE_MODE_INFO 1084

#define IDC_WIPE_MODE 1085

#define IDC_SELECT 1086

#define IDT_SYSENC_KEYS_GEN_INFO 1087

#define IDC_DISPLAY_KEYS 1088

#define IDC_PAUSE 1089

#define IDT_WIPE_MODE 1090

#define IDC_MORE_INFO_SYS_ENCRYPTION 1091

#define IDC_BOX_HELP_NORMAL_VOL 1092

#define IDT_PASS 1100

#define IDC_DEVICE_TRANSFORM_MODE_FORMAT 1101

#define IDC_DEVICE_TRANSFORM_MODE_INPLACE 1102

#define IDC_DRIVE_LETTER_LIST 1103

#define IDT_DRIVE_LETTER 1104

#define IDC_LINK_PIM_INFO 1105

#define IDC_SHOW_PIM 1106

#define IDC_TB 1107

#define IDC_SKIP_RESCUE_VERIFICATION 1108

#define SPARSE_FILE 1109

// Next default values for new objects

//

#ifdef APSTUDIO_INVOKED

#ifndef APSTUDIO_READONLY_SYMBOLS

#define _APS_NO_MFC 1

#define _APS_NEXT_RESOURCE_VALUE 134

#define _APS_NEXT_COMMAND_VALUE 40001

#define _APS_NEXT_CONTROL_VALUE 1110

#define _APS_NEXT_SYMED_VALUE 101

Encryption for the Masses 2.02a, which is Copyright (c) 1998-2000 Paul Le Roux

and which is governed by the 'License Agreement for Encryption for the Masses'

Modifications and additions to the original source code (contained in this file)

and all other portions of this file are Copyright (c) 2013-2017 IDRIX

and are governed by the Apache License 2.0 the full text of which is

contained in the file License.txt included in VeraCrypt binary and source

code distribution packages. */

#include "Tcdefs.h"

#include <stdlib.h>

#include <limits.h>

#include <time.h>

#include <errno.h>

#include <io.h>

#include <sys/stat.h>

#include <shlobj.h>

#include "Crypto.h"

#include "cpu.h"

#include "Apidrvr.h"

#include "Dlgcode.h"

#include "Language.h"

#include "Combo.h"

#include "Registry.h"

#include "Boot/Windows/BootDefs.h"

#include "Common/Common.h"

{

SYSENC_COMMAND_NONE = 0,

SYSENC_COMMAND_RESUME,

SYSENC_COMMAND_STARTUP_SEQ_RESUME,

SYSENC_COMMAND_ENCRYPT,

SYSENC_COMMAND_DECRYPT,

SYSENC_COMMAND_CREATE_HIDDEN_OS,

SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV

};

typedef struct

{

int NumberOfSysDrives; // Number of drives that contain an operating system. -1: unknown, 1: one, 2: two or more

int MultipleSystemsOnDrive; // Multiple systems are installed on the drive where the currently running system resides. -1: unknown, 0: no, 1: yes

int BootLoaderLocation; // Boot loader (boot manager) installed in: 1: MBR/1st cylinder, 0: partition/bootsector: -1: unknown

int BootLoaderBrand; // -1: unknown, 0: Microsoft Windows, 1: any non-Windows boot manager/loader

int SystemOnBootDrive; // If the currently running operating system is installed on the boot drive. -1: unknown, 0: no, 1: yes

} SYSENC_MULTIBOOT_CFG;

#define SYSENC_PAUSE_RETRY_INTERVAL 100

volatile BOOL bHiddenOS = FALSE; /* If TRUE, we are performing or (or supposed to perform) actions relating to an operating system installed in a hidden volume (i.e., encrypting a decoy OS partition or creating the outer/hidden volume for the hidden OS). To determine or set the phase of the process, call ChangeHiddenOSCreationPhase() and DetermineHiddenOSCreationPhase()) */

BOOL bDirectSysEncMode = FALSE;

BOOL bDirectSysEncModeCommand = SYSENC_COMMAND_NONE;

BOOL DirectDeviceEncMode = FALSE;

BOOL DirectNonSysInplaceDecStartMode = FALSE;

BOOL DirectNonSysInplaceEncResumeMode = FALSE;

BOOL DirectNonSysInplaceDecResumeMode = FALSE;

BOOL DirectPromptNonSysInplaceEncResumeMode = FALSE;

BOOL DirectCreationMode = FALSE;

volatile BOOL bInPlaceDecNonSys = FALSE; /* If TRUE, existing data on a non-system partition/volume are to be decrypted in place (for system encryption, this flag is ignored) */

volatile BOOL bInPlaceEncNonSysResumed = FALSE; /* If TRUE, the wizard is supposed to resume (or has resumed) process of non-system in-place encryption/decryption. */

volatile BOOL bFirstNonSysInPlaceEncResumeDone = FALSE;

__int64 NonSysInplaceEncBytesDone = 0;

__int64 NonSysInplaceEncTotalSize = 0;

BOOL bDeviceTransformModeChoiceMade = FALSE; /* TRUE if the user has at least once manually selected the 'in-place' or 'format' option (on the 'device transform mode' page). */

int nNeedToStoreFilesOver4GB = 0; /* Whether the user wants to be able to store files larger than 4GB on the volume: -1 = Undecided or error, 0 = No, 1 = Yes */

int nVolumeEA = 1; /* Default encryption algorithm */

BOOL bSystemEncryptionInProgress = FALSE; /* TRUE when encrypting/decrypting the system partition/drive (FALSE when paused). */

BOOL bWholeSysDrive = FALSE; /* Whether to encrypt the entire system drive or just the system partition. */

#else

BOOL bWarnDeviceFormatAdvanced = FALSE;

#endif

BOOL bWarnOuterVolSuitableFileSys = TRUE;

Password volumePassword; /* User password */

Password outerVolumePassword; /* Outer volume user password */

char szVerify[MAX_PASSWORD + 1]; /* Tmp password buffer */

char szRawPassword[MAX_PASSWORD + 1]; /* Password before keyfile was applied to it */

int volumePim = 0;

int outerVolumePim = 0;

BOOL bHistoryCmdLine = FALSE; /* History control is always disabled */

BOOL ComServerMode = FALSE;

Password CmdVolumePassword = {0}; /* Password passed from command line */

int CmdVolumeEA = 0;

SYSENC_MULTIBOOT_CFG SysEncMultiBootCfg;

wchar_t SysEncMultiBootCfgOutcome [4096] = {L'N',L'/',L'A',0};

volatile int NonSysInplaceEncStatus = NONSYS_INPLACE_ENC_STATUS_NONE;

LONGLONG nAvailableFreeSpace = -1;

BOOL bIsSparseFilesSupportedByHost = FALSE;

vector <HostDevice> DeferredNonSysInPlaceEncDevices;

int iMaxPasswordLength = MAX_PASSWORD;

// specific definitions and implementation for support of resume operation

// in wait dialog mechanism

void CALLBACK ResumeInPlaceEncWaitThreadProc(void* pArg, HWND hwndDlg)

{

wchar_t szDevicePath[MAX_PATH] = {0};

RawDevicesDlgParam param;

param.devices = GetAvailableHostDevices (false, true, false);

{

int nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETCURSEL, 0, 0);

if (nIndex == CB_ERR)

{

SetWindowText (GetDlgItem (hwndDlg, IDC_BOX_HELP), L"");

}

else

{

wchar_t name[100];

nIndex = (int) SendMessage (GetDlgItem (hwndDlg, IDC_COMBO_BOX), CB_GETITEMDATA, nIndex, 0);

EAGetName (name, ARRAYSIZE(name),nIndex, 0);

}

}

static void VerifySizeAndUpdate (HWND hwndDlg, BOOL bUpdate)

{

BOOL bEnable = TRUE;

wchar_t szTmp[50];

__int64 lTmp;

__int64 i;

static unsigned __int64 nLastVolumeSize = 0;

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL"));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE);

UpdateWizardModeControls (hwndDlg, WizardMode);

break;

case SYSENC_TYPE_PAGE:

bHiddenVolHost = bHiddenVol = bHiddenOS;

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bDirectSysEncMode);

SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL"));

break;

case SYSENC_HIDDEN_OS_REQ_CHECK_PAGE:

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_TITLE"));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_HIDDEN_OS_REQ_CHECK_PAGE_HELP"));

SetWindowTextW (GetDlgItem (MainDlg, IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (MainDlg, IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (MainDlg, IDCANCEL), GetString ("CANCEL"));

EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), TRUE);

EnableWindow (GetDlgItem (MainDlg, IDC_PREV), bDirectSysEncModeCommand != SYSENC_COMMAND_CREATE_HIDDEN_OS && bDirectSysEncModeCommand != SYSENC_COMMAND_CREATE_HIDDEN_OS_ELEV);

DisableIfGpt(GetDlgItem(hwndDlg, IDC_WHOLE_SYS_DRIVE));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("CANCEL"));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);

break;

case SYSENC_PRE_DRIVE_ANALYSIS_PAGE:

Init2RadButtonPageYesNo (SysEncDetectHiddenSectors);

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYSENC_PRE_DRIVE_ANALYSIS_TITLE"));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYSENC_PRE_DRIVE_ANALYSIS_HELP"));

break;

case SYSENC_DRIVE_ANALYSIS_PAGE:

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), !bInPlaceEncNonSys);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);

}

break;

case PASSWORD_PAGE:

{

wchar_t str[1000];

hPasswordInputField = GetDlgItem (hwndDlg, IDC_PASSWORD);

hVerifyPasswordInputField = GetDlgItem (hwndDlg, IDC_VERIFY);

ToNormalPwdField (hwndDlg, IDC_PASSWORD);

ToNormalPwdField (hwndDlg, IDC_VERIFY);

if (SysEncInEffect ())

{

ToBootPwdField (hwndDlg, IDC_PASSWORD);

ToBootPwdField (hwndDlg, IDC_VERIFY);

{

if (keybLayout != 0x00000409 && keybLayout != 0x04090409)

{

return 1;

}

bKeyboardLayoutChanged = TRUE;

}

if (SetTimer (MainDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)

{

Error ("CANNOT_SET_TIMER", MainDlg);

EndMainDlg (MainDlg);

return 1;

}

}

if (bHiddenVolHost)

{

StringCbCopyW (str, sizeof(str), GetString (bHiddenOS ? "PASSWORD_SYSENC_OUTERVOL_HELP" : "PASSWORD_HIDDENVOL_HOST_HELP"));

}

else if (bHiddenVol)

{

StringCbPrintfW (str, sizeof str, L"%s%s",

GetString (bHiddenOS ? "PASSWORD_HIDDEN_OS_HELP" : "PASSWORD_HIDDENVOL_HELP"),

GetString ("PASSWORD_HELP"));

}

else

{

}

SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), str);

if (CreatingHiddenSysVol())

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_HIDDEN_OS_TITLE"));

else if (bHiddenVol)

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString (bHiddenVolHost ? "PASSWORD_HIDVOL_HOST_TITLE" : "PASSWORD_HIDVOL_TITLE"));

else if (WizardMode == WIZARD_MODE_SYS_DEVICE)

else

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("PASSWORD_TITLE"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);

VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (GetParent (hwndDlg), IDC_NEXT),

GetDlgItem (hwndDlg, IDC_PASSWORD),

GetDlgItem (hwndDlg, IDC_VERIFY),

NULL,

NULL,

KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

}

break;

case PIM_PAGE:

{

SendMessage (GetDlgItem (hwndDlg, IDC_PIM), EM_LIMITTEXT, SysEncInEffect()? MAX_BOOT_PIM: MAX_PIM, 0);

if (volumePim > 0)

{

SetPim (hwndDlg, IDC_PIM, volumePim);

DisplayPortionsOfKeys (hHeaderKey, hMasterKey, HeaderKeyGUIView, MasterKeyGUIView, !showKeys);

break;

case SYSENC_RESCUE_DISK_CREATION_PAGE:

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_INFO), bSystemIsGPT? GetString ("RESCUE_DISK_EFI_INFO"): GetString ("RESCUE_DISK_INFO"));

SetCheckBox (hwndDlg, IDC_SKIP_RESCUE_VERIFICATION, bDontVerifyRescueDisk);

SetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), TRUE);

break;

case SYSENC_RESCUE_DISK_BURN_PAGE:

{

wchar_t szTmp[8192];

else

{

StringCbPrintfW (szTmp, sizeof szTmp,

GetString (bDontVerifyRescueDisk ? "RESCUE_DISK_BURN_INFO_NO_CHECK" : "RESCUE_DISK_BURN_INFO"),

szRescueDiskISO, IsWindowsIsoBurnerAvailable() ? L"" : GetString ("RESCUE_DISK_BURN_INFO_NONWIN_ISO_BURNER"));

}

SetWindowTextW (GetDlgItem (hwndDlg, IDT_RESCUE_DISK_BURN_INFO), szTmp);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);

}

break;

case SYSENC_RESCUE_DISK_VERIFIED_PAGE:

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("RESCUE_DISK_DISK_VERIFIED_TITLE"));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("RESCUE_DISK_VERIFIED_INFO"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("NEXT"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE);

// Prevent losing the burned rescue disk by inadvertent exit

bConfirmQuit = TRUE;

break;

case SYSENC_WIPE_MODE_PAGE:

case NONSYS_INPLACE_ENC_WIPE_MODE_PAGE:

{

}

break;

case SYSENC_PRETEST_INFO_PAGE:

if (bHiddenOS)

{

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("HIDDEN_OS_CREATION_PREINFO_TITLE"));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("HIDDEN_OS_CREATION_PREINFO_HELP"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("START"));

else

{

wchar_t finalMsg[8024] = {0};

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_TITLE"));

try

{

StringCbPrintfW (finalMsg, sizeof(finalMsg),

GetString ("SYS_ENCRYPTION_PRETEST_INFO"),

}

catch (Exception &e)

{

e.Show (hwndDlg);

EndMainDlg (MainDlg);

return 0;

}

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), finalMsg);

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("TEST"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), TRUE);

break;

case SYSENC_PRETEST_RESULT_PAGE:

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_TITLE"));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString ("SYS_ENCRYPTION_PRETEST_RESULT_INFO"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), GetString ("ENCRYPT"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER"));

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE);

break;

case SYSENC_ENCRYPTION_PAGE:

if (CreateSysEncMutex ())

{

try

{

BootEncStatus = BootEncObj->GetStatus();

bSystemEncryptionInProgress = BootEncStatus.SetupInProgress;

catch (Exception &e)

{

e.Show (hwndDlg);

Error ("ERR_GETTING_SYSTEM_ENCRYPTION_STATUS", MainDlg);

EndMainDlg (MainDlg);

return 0;

}

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_BOX_TITLE),

GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPTION" : "DECRYPTION"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDCANCEL), GetString ("DEFER"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_PREV), GetString ("PREV"));

SetWindowTextW (GetDlgItem (GetParent (hwndDlg), IDC_NEXT),

GetString (SystemEncryptionStatus != SYSENC_STATUS_DECRYPTING ? "ENCRYPT" : "DECRYPT"));

SetWindowTextW (GetDlgItem (hwndDlg, IDC_PAUSE),

GetString (bSystemEncryptionInProgress ? "IDC_PAUSE" : "RESUME"));

EnableWindow (GetDlgItem (hwndDlg, IDC_PAUSE), BootEncStatus.DriveEncrypted);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_PREV), FALSE);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDC_NEXT), !BootEncStatus.SetupInProgress);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDCANCEL), TRUE);

EnableWindow (GetDlgItem (GetParent (hwndDlg), IDHELP), TRUE);

if (SystemEncryptionStatus == SYSENC_STATUS_DECRYPTING)

{

nWipeMode = TC_WIPE_NONE;

EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE);

EnableWindow (GetDlgItem (hwndDlg, IDT_WIPE_MODE), FALSE);

PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), TRUE, TRUE, FALSE);

SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);

}

else

{

EnableWindow (GetDlgItem (hwndDlg, IDC_WIPE_MODE), !bSystemEncryptionInProgress);

PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, TRUE, FALSE);

SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &nWipeMode);

}

PostMessage (hwndDlg, TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS, 0, 0);

}

else

{

Error ("SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE", MainDlg);

EndMainDlg (MainDlg);

return 0;

}

return 0;

case WM_HELP:

OpenPageHelp (GetParent (hwndDlg), nCurPageNo);

return 1;

case TC_APPMSG_PERFORM_POST_SYSENC_WMINIT_TASKS:

AfterSysEncProgressWMInitTasks (hwndDlg);

return 1;

case WM_CTLCOLORSTATIC:

{

if (PimValueChangedWarning && ((HWND)lParam == GetDlgItem(hwndDlg, IDC_PIM_HELP)) )

{

// we're about to draw the static

// set the text colour in (HDC)lParam

SetBkMode((HDC)wParam,TRANSPARENT);

SetTextColor((HDC)wParam, RGB(255,0,0));

// NOTE: per documentation as pointed out by selbie, GetSolidBrush would leak a GDI handle.

return (BOOL)GetSysColorBrush(COLOR_MENU);

}

}

bHiddenVol = FALSE;

bHiddenVolHost = FALSE;

return 1;

case IDC_HIDDEN_SYSENC_INFO_LINK:

Applink ("hiddensysenc");

return 1;

}

}

if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE && lw == IDC_HIDDEN_SYSENC_INFO_LINK)

{

Applink ("hiddensysenc");

return 1;

}

if (nCurPageNo == SYSENC_SPAN_PAGE)

{

switch (lw)

{

}

if (hw == EN_CHANGE && nCurPageNo == SIZE_PAGE)

{

VerifySizeAndUpdate (hwndDlg, FALSE);

return 1;

}

if (hw == EN_CHANGE && nCurPageNo == PASSWORD_PAGE)

{

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

return 1;

}

if (hw == EN_CHANGE && nCurPageNo == PIM_PAGE)

{

if (lw == IDC_PIM)

{

if(GetPim (hwndDlg, IDC_PIM, 0) != 0)

{

PimValueChangedWarning = TRUE;

HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PASSWORD, IDC_PASSWORD, IDC_VERIFY);

return 1;

}

if (lw == IDC_SHOW_PIM && nCurPageNo == PIM_PAGE)

{

HandleShowPasswordFieldAction (hwndDlg, IDC_SHOW_PIM, IDC_PIM, 0);

return 1;

}

if (lw == IDC_PIM_ENABLE)

{

PimEnable = GetCheckBox (hwndDlg, IDC_PIM_ENABLE);

if (!PimEnable)

volumePim = 0;

if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE

|| nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE

)

{

ShowWindow (GetDlgItem( hwndDlg, IDC_PIM_ENABLE), PimEnable? SW_HIDE : SW_SHOW);

}

if ( hw == EN_CHANGE )

{

GetDlgItemText (hwndDlg, IDC_RESCUE_DISK_ISO_PATH, szRescueDiskISO, sizeof(szRescueDiskISO));

EnableWindow (GetDlgItem (MainDlg, IDC_NEXT), (GetWindowTextLength (GetDlgItem (hwndDlg, IDC_RESCUE_DISK_ISO_PATH)) > 1));

return 1;

}

}

{

}

if ((nCurPageNo == SYSENC_WIPE_MODE_PAGE

|| nCurPageNo == NONSYS_INPLACE_ENC_WIPE_MODE_PAGE

|| nCurPageNo == DEVICE_WIPE_MODE_PAGE)

&& hw == CBN_SELCHANGE)

{

nWipeMode = (WipeAlgorithmId) SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE),

CB_GETITEMDATA,

SendMessage (GetDlgItem (hCurPage, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0),

{

exit (1);

}

volTransformThreadFunction (hwndDlg);

exit (bOperationSuccess? 0 : 1);

}

SHGetFolderPath (NULL, CSIDL_MYDOCUMENTS, NULL, 0, szRescueDiskISO);

if (IsOSAtLeast (WIN_VISTA))

{

// Availability of in-place encryption (which is pre-selected by default whenever

// possible) makes partition-hosted volume creation safer.

bWarnDeviceFormatAdvanced = FALSE;

}

#ifdef _DEBUG

// For faster testing

StringCchCopyA (szVerify, ARRAYSIZE(szVerify), "q");

{

// Keyboard layout is not standard US

WipePasswordsAndKeyfiles (true);

SetPassword (hCurPage, IDC_PASSWORD, szRawPassword);

SetPassword (hCurPage, IDC_VERIFY, szVerify);

keybLayout = (DWORD) LoadKeyboardLayout (L"00000409", KLF_ACTIVATE);

if (keybLayout != 0x00000409 && keybLayout != 0x04090409)

{

KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD);

Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", MainDlg);

EndMainDlg (MainDlg);

return 1;

}

bKeyboardLayoutChanged = TRUE;

wchar_t szTmp [4096];

StringCbCopyW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_CHANGE_PREVENTED"));

StringCbCatW (szTmp, sizeof(szTmp), L"\n\n");

StringCbCatW (szTmp, sizeof(szTmp), GetString ("KEYB_LAYOUT_SYS_ENC_EXPLANATION"));

MessageBoxW (MainDlg, szTmp, lpszTitle, MB_ICONWARNING | MB_SETFOREGROUND | MB_TOPMOST);

{

}

}

}

return 1;

case TIMER_ID_SYSENC_DRIVE_ANALYSIS_PROGRESS:

if (bSysEncDriveAnalysisInProgress)

{

UpdateProgressBarProc (GetTickCount() - SysEncDriveAnalysisStart);

if (GetTickCount() - SysEncDriveAnalysisStart > SYSENC_DRIVE_ANALYSIS_ETA)

{

// It's taking longer than expected -- reinit the progress bar

SysEncDriveAnalysisStart = GetTickCount ();

}

EndMainDlg (hwndDlg);

return 1;

case WM_COMMAND:

if (lw == IDHELP)

{

return 1;

}

else if (lw == IDCANCEL)

{

PostMessage (hwndDlg, TC_APPMSG_FORMAT_USER_QUIT, 0, 0);

return 1;

}

else if (lw == IDC_NEXT)

{

if (nCurPageNo == INTRO_PAGE)

}

else if (nCurPageNo == SYSENC_TYPE_PAGE)

{

if (bHiddenOS)

{

bWholeSysDrive = FALSE;

bHiddenVolDirect = FALSE;

}

if (!bHiddenOS)

}

else if (nCurPageNo == SYSENC_HIDDEN_OS_REQ_CHECK_PAGE)

{

WaitCursor ();

try

{

BootEncObj->CheckRequirementsHiddenOS ();

if (CheckGapBetweenSysAndHiddenOS ())

Warning ("GAP_BETWEEN_SYS_AND_HIDDEN_OS_PARTITION", MainDlg);

return 1;

}

}

if (!(bHiddenVolDirect && bHiddenVolHost))

nNewPageNo = PASSWORD_PAGE - 1;

}

else if (nCurPageNo == PASSWORD_PAGE)

{

VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT),

GetDlgItem (hCurPage, IDC_PASSWORD),

GetDlgItem (hCurPage, IDC_VERIFY),

volumePassword.Text,

szVerify,

KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect());

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

if (volumePassword.Length > 0)

{

// Password character encoding

if (SysEncInEffect () && !CheckPasswordCharEncoding (GetDlgItem (hCurPage, IDC_PASSWORD), NULL))

{

Error ("UNSUPPORTED_CHARS_IN_PWD", hwndDlg);

return 1;

}

else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), SysEncInEffect()? hash_algo : 0, FALSE, FALSE))

{

return 1;

}

}

// Store the password in case we need to restore it after keyfile is applied to it

if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, iMaxPasswordLength + 1, FALSE, TRUE))

return 1;

KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD);

if (bKeyboardLayoutChanged)

{

// Restore the original keyboard layout

if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL)

Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg);

else

bKeyboardLayoutChanged = FALSE;

}

}

if (!PimEnable)

{

// PIM not activated. Skip PIM page

nNewPageNo = PIM_PAGE;

volumePim = 0;

if (!CreatingHiddenSysVol() && bHiddenVol && !bHiddenVolHost)

{

if ( (volumePim == outerVolumePim)

&& (volumePassword.Length == outerVolumePassword.Length)

&& (0 == memcmp (volumePassword.Text, outerVolumePassword.Text, volumePassword.Length))

)

{

Warning ("HIDDEN_CREDS_SAME_AS_OUTER", hwndDlg);

return 1;

}

}

if (bInPlaceEncNonSys)

{

nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1; // Skip irrelevant pages

}

else if (WizardMode != WIZARD_MODE_SYS_DEVICE

&& !FileSize4GBLimitQuestionNeeded ()

|| CreatingHiddenSysVol()) // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector).

{

nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages

}

}

}

else if (nCurPageNo == PIM_PAGE)

{

volumePim = GetPim (hCurPage, IDC_PIM, 0);

if (!SysEncInEffect() && (volumePim > MAX_PIM_VALUE))

{

SetFocus (GetDlgItem(hCurPage, IDC_PIM));

Error ("PIM_TOO_BIG", hwndDlg);

if (volumePassword.Length > 0)

{

// Password character encoding

if (SysEncInEffect() && (volumePim > MAX_BOOT_PIM_VALUE))

{

SetFocus (GetDlgItem(hCurPage, IDC_PIM));

Error ("PIM_SYSENC_TOO_BIG", hwndDlg);

return 1;

}

// Check password length (check also done for outer volume which is not the case in TrueCrypt).

{

return 1;

}

}

if (bInPlaceEncNonSys)

{

nNewPageNo = NONSYS_INPLACE_ENC_RAND_DATA_PAGE - 1; // Skip irrelevant pages

}

else if (WizardMode != WIZARD_MODE_SYS_DEVICE

&& !FileSize4GBLimitQuestionNeeded ()

|| CreatingHiddenSysVol()) // If we're creating a hidden volume for a hidden OS, we don't need to format it with any filesystem (the entire OS will be copied to the hidden volume sector by sector).

{

nNewPageNo = FORMAT_PAGE - 1; // Skip irrelevant pages

}

}

else if (nCurPageNo == HIDDEN_VOL_HOST_PASSWORD_PAGE

|| nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE)

{

WaitCursor ();

if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, iMaxPasswordLength + 1, FALSE, TRUE))

{

NormalCursor ();

return 1;

}

else if (lw == IDC_PREV)

{

if (nCurPageNo == SYSENC_SPAN_PAGE)

{

// Skip irrelevant pages when going back

if (!bHiddenOS)

nNewPageNo = SYSENC_TYPE_PAGE + 1;

}

if (nCurPageNo == SYSENC_MULTI_BOOT_MODE_PAGE)

{

// Skip the drive analysis page(s) or other irrelevant pages when going back

if (bHiddenOS)

nNewPageNo = SYSENC_HIDDEN_OS_REQ_CHECK_PAGE + 1;

else if (bWholeSysDrive)

nNewPageNo = SYSENC_PRE_DRIVE_ANALYSIS_PAGE + 1;

else

nNewPageNo = SYSENC_SPAN_PAGE + 1;

}

szVerify,

KeyFilesEnable && FirstKeyFile!=NULL && !SysEncInEffect ());

volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);

nNewPageNo = SIZE_PAGE + 1; // Skip the hidden volume host password page

if (SysEncInEffect ())

{

KillTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD);

if (bKeyboardLayoutChanged)

{

// Restore the original keyboard layout

if (LoadKeyboardLayout (OrigKeyboardLayout, KLF_ACTIVATE | KLF_SUBSTITUTE_OK) == NULL)

Warning ("CANNOT_RESTORE_KEYBOARD_LAYOUT", hwndDlg);

else

bKeyboardLayoutChanged = FALSE;

DISK_GEOMETRY_EX geometry;

if (!GetDriveGeometry (szDiskFile, &geometry))

{

handleWin32Error (MainDlg, SRC_POS);

AbortProcessSilent();

}

return geometry.Geometry.BytesPerSector;

}

extern __int64 NonSysInplaceEncBytesDone;

extern __int64 NonSysInplaceEncTotalSize;

extern int nPbar;

extern volatile int WizardMode;

extern volatile BOOL bInPlaceEncNonSysResumed;

extern wchar_t HeaderKeyGUIView [KEY_GUI_VIEW_SIZE];

extern wchar_t MasterKeyGUIView [KEY_GUI_VIEW_SIZE];

extern volatile int NonSysInplaceEncStatus;

#ifdef __cplusplus

}

#endif

</Component>

<Component Id="cmpB313B00E647A121B2CBE47F3048A18A7" Guid="{5985576D-6F6C-4D96-9B3E-9E0961CF9FAF}">

<File Id="fil2EB5F87C05CCC55D3964D595C85EF19E" KeyPath="yes" Source="$(sys.CURRENTDIR)\docs\html\en\Release Notes.html" DiskId="1" />

</Component>

<Component Id="cmp400428F6494DE58618E3B92539548C39" Guid="{0A1869ED-25F1-4430-97A5-4C6EA8CDA7FC}">

<File Id="filEDEDEF956F04F36B4163989F9AB9285F" KeyPath="yes" Source="$(sys.CURRENTDIR)\docs\html\en\Removable Medium Volume.html" DiskId="1" />

</Component>

<Component Id="cmpFB2313AB16EF2467366ED136C0E61CE6" Guid="{CFEC9559-9F85-46C6-9E98-AEBB573B96FE}">

<File Id="filE496203C4727FDF47F8352CB9722A8C7" KeyPath="yes" Source="$(sys.CURRENTDIR)\docs\html\en\Removing Encryption.html" DiskId="1" />

</Component>

<Component Id="cmpB4C7B1A7A3EC0CB2DE805AC5CC5FC0D7" Guid="{4534E8B2-114E-4173-AE3E-75E0D96EB573}">

<File Id="fil8CFD1CFDCBE261B6F91D9E587F8720C0" KeyPath="yes" Source="$(sys.CURRENTDIR)\docs\html\en\Security Model.html" DiskId="1" />

</Component>

<Component Id="cmp00540BF93A805E0B9996945B61E1BC2F" Guid="{1D5B7A85-87F3-45AF-9C09-BA7E088A835D}">

<File Id="filA7A29851126AC571C090BB0FBEE83CB5" KeyPath="yes" Source="$(sys.CURRENTDIR)\docs\html\en\Security Requirements and Precautions.html" DiskId="1" />

</Component>

<Component Id="cmp4C46C6668AD830D543AFE593D51676B3" Guid="{4CD21E9D-243F-4A58-A535-AA8EF9D2BFD1}">

<File Id="fil440C5158A3CD96689918C976DC917325" KeyPath="yes" Source="$(sys.CURRENTDIR)\docs\html\en\Security Requirements for Hidden Volumes.html" DiskId="1" />

</Component>

<Component Id="cmp6EE914124966E3A0F695359116413DD4" Guid="{724FA79D-49BC-4075-ABF4-0C318AE39855}">

<ComponentRef Id="cmpF36A771DF9B1C4CD8E82C08A6D3D0786" />

<ComponentRef Id="cmp63F6A68C5538B45661168554BC3B93D1" />

<ComponentRef Id="cmp0158A6D8BED6391AC7150B6C6AE2A9F9" />

<ComponentRef Id="cmpDE45667E9E3CD9F800EAC1E02B57AAB7" />

<ComponentRef Id="cmp632453049391BAACDD117A40EC442743" />

<ComponentRef Id="cmpCE16E453CAD75A461B4FEBF451A51B7B" />

<ComponentRef Id="cmpC741D187A28A87BD33866C9AC09A1298" />

<ComponentRef Id="cmpB313B00E647A121B2CBE47F3048A18A7" />

<ComponentRef Id="cmp400428F6494DE58618E3B92539548C39" />

<ComponentRef Id="cmpFB2313AB16EF2467366ED136C0E61CE6" />

<ComponentRef Id="cmpB4C7B1A7A3EC0CB2DE805AC5CC5FC0D7" />

<ComponentRef Id="cmp00540BF93A805E0B9996945B61E1BC2F" />

<ComponentRef Id="cmp4C46C6668AD830D543AFE593D51676B3" />

<ComponentRef Id="cmp6EE914124966E3A0F695359116413DD4" />

<ComponentRef Id="cmp28E29B4CA17AB51913B756CD9397EEFE" />

<ComponentRef Id="cmp5DF24509F284FABC600232197F803DE5" />

<ComponentRef Id="cmp09E31B885345FBEA1F473AF7A10FD88D" />

<ComponentRef Id="cmpAE05C79A35A43ECCAC995A711DC4D60B" />

<ComponentRef Id="cmpB6D91209A93313D08150643F1738DED8" />

<ComponentRef Id="cmpDB66E821EC13977824FB1069DF5DAA69" />

<!-- Set the ARP -->

<Custom Action="SetARPINSTALLLOCATION" After="InstallValidate"></Custom>

<!-- ScheduleReboot only after DoChecks, which sets ISREBOOTREQUIRED -->

<ScheduleReboot After="DoChecks">ISREBOOTREQUIRED = "1"</ScheduleReboot>

</InstallExecuteSequence>

</Product>