Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 19:08:26 -06:00
Code Activity

Add option in select the number of passes for volume header over-writing. By default, it is set to 3 but it can be increased to 256 passes (which can lead to a delay of many hours for a single password change operation).

Browse Source
This commit is contained in:
Mounir IDRASSI
2014-07-27 02:36:23 +02:00
parent 97154aaf51
commit 1c11ee428d
16 changed files with 67 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/Common/Password.c
View File

@@ -119,7 +119,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, HWND hwndItem)
return TRUE;
}
int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg)
int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
{
int nDosLinkCreated = 1, nStatus = ERR_OS_ERROR;
char szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH];
@@ -323,7 +323,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
while (TRUE)
{
/* The header will be re-encrypted PRAND_DISK_WIPE_PASSES times to prevent adversaries from using
/* The header will be re-encrypted wipePassCount times to prevent adversaries from using
techniques such as magnetic force microscopy or magnetic force scanning tunnelling microscopy
to recover the overwritten header. According to Peter Gutmann, data should be overwritten 22
times (ideally, 35 times) using non-random patterns and pseudorandom data. However, as users might
@@ -335,7 +335,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
of the header to differ substantially and in a random manner from the versions written during the
other passes. */
for (wipePass = 0; wipePass < PRAND_DISK_WIPE_PASSES; wipePass++)
for (wipePass = 0; wipePass < wipePassCount; wipePass++)
{
// Prepare new volume header
nStatus = CreateVolumeHeaderInMemory (FALSE,
@@ -353,7 +353,7 @@ int ChangePwd (const char *lpszVolume, Password *oldPassword, Password *newPassw
cryptoInfo->RequiredProgramVersion,
cryptoInfo->HeaderFlags,
cryptoInfo->SectorSize,
wipePass < PRAND_DISK_WIPE_PASSES - 1);
wipePass < wipePassCount - 1);
if (ci != NULL)
crypto_close (ci);