Add option in select the number of passes for volume header over-writing. By default, it is set to 3 but it can be increased to 256 passes (which can lead to a delay of many hours for a single password change operation).

src/Mount/MainCom.cpp

@@ -100,13 +100,13 @@ public:
 		return BaseCom::CallDriver (ioctl, input, output);
 	}
 
-	virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, LONG_PTR hWnd)
+	virtual int STDMETHODCALLTYPE ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd)
 	{
 		USES_CONVERSION;
 		CW2A volumePathA(volumePath);
 		MainDlg = (HWND) hWnd;
 		if (volumePathA.m_psz)
-			return ::ChangePwd (volumePathA.m_psz, oldPassword, newPassword, pkcs5, (HWND) hWnd);
+			return ::ChangePwd (volumePathA.m_psz, oldPassword, newPassword, pkcs5, wipePassCount,(HWND) hWnd);
 		else
 			return ERR_OUTOFMEMORY;
 	}
@@ -261,7 +261,7 @@ extern "C" int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume)
 }
 
 
-extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg)
+extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg)
 {
 	CComPtr<ITrueCryptMainCom> tc;
 	int r;
@@ -269,7 +269,7 @@ extern "C" int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *
 	if (ComGetInstance (hwndDlg, &tc))
 	{
 		WaitCursor ();
-		r = tc->ChangePassword (CComBSTR (lpszVolume), oldPassword, newPassword, pkcs5, (LONG_PTR) hwndDlg);
+		r = tc->ChangePassword (CComBSTR (lpszVolume), oldPassword, newPassword, pkcs5, wipePassCount, (LONG_PTR) hwndDlg);
 		NormalCursor ();
 	}
 	else

src/Mount/MainCom.h

@@ -23,7 +23,7 @@ BOOL ComServerMain ();
 void UacAnalyzeKernelMiniDump (HWND hwndDlg);
 int UacBackupVolumeHeader (HWND hwndDlg, BOOL bRequireConfirmation, char *lpszVolume);
 int UacRestoreVolumeHeader (HWND hwndDlg, char *lpszVolume);
-int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, HWND hwndDlg);
+int UacChangePwd (char *lpszVolume, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, HWND hwndDlg);
 
 #ifdef __cplusplus
 }

src/Mount/MainCom.idl

@@ -27,7 +27,7 @@ library TrueCryptMainCom
 		void AnalyzeKernelMiniDump (LONG_PTR hwndDlg);
 		int BackupVolumeHeader (LONG_PTR hwndDlg, BOOL bRequireConfirmation, BSTR lpszVolume);
 		DWORD CallDriver (DWORD ioctl, BSTR input, BSTR *output);
-		int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, LONG_PTR hWnd);
+		int ChangePassword (BSTR volumePath, Password *oldPassword, Password *newPassword, int pkcs5, int wipePassCount, LONG_PTR hWnd);
 		DWORD CopyFile (BSTR sourceFile, BSTR destinationFile);
 		DWORD DeleteFile (BSTR file);
 		BOOL IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly);

src/Mount/Mount.c

@@ -1396,6 +1396,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
 			LPARAM nIndex;
 			HWND hComboBox = GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID);
 			int i;
+			WipeAlgorithmId headerWipeMode = TC_WIPE_3_DOD_5220;
 
 			ZeroMemory (&newKeyFilesParam, sizeof (newKeyFilesParam));
 
@@ -1427,6 +1428,9 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
 
 			SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
 
+			PopulateWipeModeCombo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), FALSE, FALSE, TRUE);
+			SelectAlgo (GetDlgItem (hwndDlg, IDC_WIPE_MODE), (int *) &headerWipeMode);
+
 			switch (pwdChangeDlgMode)
 			{
 			case PCDM_CHANGE_PKCS5_PRF:
@@ -1751,6 +1755,11 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
 			HWND hParent = GetParent (hwndDlg);
 			Password oldPassword;
 			Password newPassword;
+			WipeAlgorithmId headerWiperMode = (WipeAlgorithmId) SendMessage (
+				GetDlgItem (hwndDlg, IDC_WIPE_MODE), 
+				CB_GETITEMDATA, 
+				SendMessage (GetDlgItem (hwndDlg, IDC_WIPE_MODE), CB_GETCURSEL, 0, 0), 
+				0);
 			int nStatus;
 			int pkcs5 = SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, 
 					SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
@@ -1813,7 +1822,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
 
 				try
 				{
-					nStatus = BootEncObj->ChangePassword (&oldPassword, &newPassword, pkcs5);
+					nStatus = BootEncObj->ChangePassword (&oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode));
 				}
 				catch (Exception &e)
 				{
@@ -1825,14 +1834,14 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
 			{
 				// Non-system
 
-				nStatus = ChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, hwndDlg);
+				nStatus = ChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
 
 				if (nStatus == ERR_OS_ERROR
 					&& GetLastError () == ERROR_ACCESS_DENIED
 					&& IsUacSupported ()
 					&& IsVolumeDeviceHosted (szFileName))
 				{
-					nStatus = UacChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, hwndDlg);
+					nStatus = UacChangePwd (szFileName, &oldPassword, &newPassword, pkcs5, GetWipePassCount(headerWiperMode), hwndDlg);
 				}
 			}
 

src/Mount/Mount.rc

@@ -101,7 +101,7 @@ BEGIN
     CONTROL         "",IDC_VOLUME_PROPERTIES_LIST,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | LVS_NOSORTHEADER | WS_BORDER | WS_TABSTOP,7,6,269,154
 END
 
-IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 162
+IDD_PASSWORDCHANGE_DLG DIALOGEX 0, 0, 316, 183
 STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
 CAPTION "Change Password or Keyfiles"
 CLASS "CustomDlg"
@@ -124,7 +124,9 @@ BEGIN
     RTEXT           "Confirm Password:",IDT_CONFIRM_PASSWORD,9,93,75,16
     RTEXT           "PKCS-5 PRF:",IDT_PKCS5_PRF,9,137,74,10,SS_CENTERIMAGE
     GROUPBOX        "Current",IDT_CURRENT,6,3,238,58
-    GROUPBOX        "New",IDT_NEW,6,63,238,93
+    GROUPBOX        "New",IDT_NEW,6,63,238,113
+    COMBOBOX        IDC_WIPE_MODE,89,155,125,90,CBS_DROPDOWNLIST | WS_TABSTOP
+    RTEXT           "Wipe mode:",IDT_WIPE_MODE,9,157,74,8,0,WS_EX_RIGHT
 END
 
 IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271
@@ -351,7 +353,7 @@ BEGIN
         LEFTMARGIN, 7
         RIGHTMARGIN, 309
         TOPMARGIN, 7
-        BOTTOMMARGIN, 155
+        BOTTOMMARGIN, 176
     END
 
     IDD_MOUNT_DLG, DIALOG
@@ -593,7 +595,7 @@ BEGIN
         MENUITEM "Beginner's Tutorial",         IDM_ONLINE_TUTORIAL
         MENUITEM "Frequently Asked Questions",  IDM_FAQ
         MENUITEM SEPARATOR
-        MENUITEM "VeraCrypt Website",				IDM_WEBSITE
+        MENUITEM "VeraCrypt Website",           IDM_WEBSITE
         MENUITEM "Downloads",                   IDM_TC_DOWNLOADS
         MENUITEM "News",                        IDM_NEWS
         MENUITEM "Version History",             IDM_VERSION_HISTORY

src/Mount/Mount.vcproj

@@ -373,6 +373,10 @@
 					RelativePath="..\Common\Volumes.c"
 					>
 				</File>
+				<File
+					RelativePath="..\Common\Wipe.c"
+					>
+				</File>
 				<File
 					RelativePath="..\Common\Wipe.h"
 					>

src/Mount/Resource.h

@@ -106,11 +106,13 @@
 #define IDC_SHOW_PASSWORD_CHPWD_ORI     1083
 #define IDC_HK_DISMOUNT_PLAY_SOUND      1084
 #define IDC_HOTKEY_ASSIGN               1085
+#define IDC_WIPE_MODE                   1085
 #define IDC_HOTKEY_REMOVE               1086
 #define IDC_HOTKEY_KEY                  1087
 #define IDT_HOTKEY_KEY                  1088
 #define IDC_HOTKEY_LIST                 1089
 #define IDC_RESET_HOTKEYS               1090
+#define IDT_WIPE_MODE                   1090
 #define IDT_DISMOUNT_ACTION             1091
 #define IDT_ASSIGN_HOTKEY               1092
 #define IDC_HK_MOD_SHIFT                1093