Windows: Implement GUI indicator for entropy collected from mouse movements.

2025-11-12 11:28:26 -06:00 · 2016-01-31 20:28:00 +01:00
parent b407512248
commit 77885de85e
10 changed files with 284 additions and 60 deletions
--- a/src/ExpandVolume/DlgExpandVolume.cpp
+++ b/src/ExpandVolume/DlgExpandVolume.cpp
@@ -240,6 +240,14 @@ BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, L
 	static EXPAND_VOL_THREAD_PARAMS *pProgressDlgParam;
 	static BOOL bVolTransformStarted = FALSE;
 	static BOOL showRandPool = TRUE;
+	static unsigned char randPool[16];
+	static unsigned char maskRandPool [16];
+	static BOOL bUseMask = FALSE;
+	static DWORD mouseEntropyGathered = 0xFFFFFFFF;
+	static DWORD mouseEventsInitialCount = 0;
+	/* max value of entropy needed to fill all random pool = 8 * RNG_POOL_SIZE = 2560 bits */
+	static const DWORD maxEntropyLevel = RNG_POOL_SIZE * 8;
+	static HWND hEntropyBar = NULL;

 	WORD lw = LOWORD (wParam);

@@ -248,14 +256,29 @@ BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, L
 	case WM_INITDIALOG:
 		{
 			wchar_t szOldHostSize[512], szNewHostSize[512];
+			HCRYPTPROV hRngProv;

 			pProgressDlgParam = (EXPAND_VOL_THREAD_PARAMS*)lParam;
 			bVolTransformStarted = FALSE;
-			showRandPool = TRUE;
+			showRandPool = FALSE;

 			hCurPage = hwndDlg;
 			nPbar = IDC_PROGRESS_BAR;

+			VirtualLock (randPool, sizeof(randPool));
+			VirtualLock (&mouseEntropyGathered, sizeof(mouseEntropyGathered));
+			VirtualLock (maskRandPool, sizeof(maskRandPool));
+
+			mouseEntropyGathered = 0xFFFFFFFF;
+			mouseEventsInitialCount = 0;
+			bUseMask = FALSE;
+			if (CryptAcquireContext (&hRngProv, NULL, MS_ENHANCED_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT))
+			{
+				if (CryptGenRandom (hRngProv, sizeof (maskRandPool), maskRandPool))
+					bUseMask = TRUE;
+				CryptReleaseContext (hRngProv, 0);
+			}
+
 			GetSpaceString(szOldHostSize,sizeof(szOldHostSize),pProgressDlgParam->oldSize,pProgressDlgParam->bIsDevice);
 			GetSpaceString(szNewHostSize,sizeof(szNewHostSize),pProgressDlgParam->newSize,pProgressDlgParam->bIsDevice);

@@ -283,6 +306,9 @@ BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, L
 			}

 			SendMessage (GetDlgItem (hwndDlg, IDC_DISPLAY_POOL_CONTENTS), BM_SETCHECK, showRandPool ? BST_CHECKED : BST_UNCHECKED, 0);
+			hEntropyBar = GetDlgItem (hwndDlg, IDC_ENTROPY_BAR);
+			SendMessage (hEntropyBar, PBM_SETRANGE32, 0, maxEntropyLevel);
+			SendMessage (hEntropyBar, PBM_SETSTEP, 1, 0);
 			SetTimer (hwndDlg, TIMER_ID_RANDVIEW, TIMER_INTERVAL_RANDVIEW, NULL);
 		}
 		return 0;
@@ -315,20 +341,56 @@ BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, L
 		{
 		case TIMER_ID_RANDVIEW:
 			{
-				unsigned char tmp[16] = {0};
 				wchar_t szRndPool[64] = {0};
+				DWORD mouseEventsCounter;

-				if (!showRandPool)
-					return 1;
+				RandpeekBytes (hwndDlg, randPool, sizeof (randPool),&mouseEventsCounter);

-				RandpeekBytes (hwndDlg, tmp, sizeof (tmp));
+				/* conservative estimate: 1 mouse move event brings 1 bit of entropy
+				 * https://security.stackexchange.com/questions/32844/for-how-much-time-should-i-randomly-move-the-mouse-for-generating-encryption-key/32848#32848
+				 */
+				if (mouseEntropyGathered == 0xFFFFFFFF)
+				{
+					mouseEventsInitialCount = mouseEventsCounter;
+					mouseEntropyGathered = 0;
+				}
+				else
+				{
+					if (	mouseEntropyGathered < maxEntropyLevel 
+						&& (mouseEventsCounter >= mouseEventsInitialCount) 
+						&& (mouseEventsCounter - mouseEventsInitialCount) <= maxEntropyLevel)
+						mouseEntropyGathered = mouseEventsCounter - mouseEventsInitialCount;
+					else
+						mouseEntropyGathered = maxEntropyLevel;

-				StringCbPrintfW (szRndPool, sizeof(szRndPool), L"%08X%08X%08X%08X", 
-					*((DWORD*) (tmp + 12)), *((DWORD*) (tmp + 8)), *((DWORD*) (tmp + 4)), *((DWORD*) (tmp)));
+					SendMessage (hEntropyBar, PBM_SETPOS, 
+					(WPARAM) (mouseEntropyGathered),
+					0);
+				}
+
+				if (showRandPool)
+					StringCbPrintfW (szRndPool, sizeof(szRndPool), L"%08X%08X%08X%08X", 
+						*((DWORD*) (randPool + 12)), *((DWORD*) (randPool + 8)), *((DWORD*) (randPool + 4)), *((DWORD*) (randPool)));
+				else if (bUseMask)
+				{
+					for (int i = 0; i < 16; i++)
+					{
+						wchar_t tmp2[3];
+						unsigned char tmpByte = randPool[i] ^ maskRandPool[i];
+						tmp2[0] = (wchar_t) (((tmpByte >> 4) % 6) + L'*');
+						tmp2[1] = (wchar_t) (((tmpByte & 0x0F) % 6) + L'*');
+						tmp2[2] = 0;
+						StringCbCatW (szRndPool, sizeof(szRndPool), tmp2);
+					}
+				}
+				else
+				{
+					wmemset (szRndPool, L'*', 32);
+				}

 				SetWindowText (GetDlgItem (hwndDlg, IDC_RANDOM_BYTES), szRndPool);

-				burn (tmp, sizeof(tmp));
+				burn (randPool, sizeof(randPool));
 				burn (szRndPool, sizeof(szRndPool));
 			}
 			return 1;
@@ -382,6 +444,13 @@ BOOL CALLBACK ExpandVolProgressDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, L
 		}

 		return 0;
+
+	case WM_NCDESTROY:
+		burn (randPool, sizeof (randPool));
+		burn (&mouseEventsInitialCount, sizeof(mouseEventsInitialCount));
+		burn (&mouseEntropyGathered, sizeof(mouseEntropyGathered));
+		burn (maskRandPool, sizeof(maskRandPool));
+		return 0;
 	}

 	return 0;
--- a/src/ExpandVolume/ExpandVolume.rc
+++ b/src/ExpandVolume/ExpandVolume.rc
@@ -100,7 +100,7 @@ BEGIN
    LTEXT           "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,189,8,NOT WS_VISIBLE
 END

-IDD_EXPAND_PROGRESS_DLG DIALOGEX 0, 0, 376, 271
+IDD_EXPAND_PROGRESS_DLG DIALOGEX 0, 0, 376, 283
 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | WS_POPUP | WS_CAPTION | WS_SYSMENU
 CAPTION "VeraCrypt Expander"
 FONT 8, "MS Shell Dlg", 0, 0, 0x0
@@ -120,16 +120,18 @@ BEGIN
    RTEXT           "Volume: ",IDT_VOL_NAME,31,16,42,8
    GROUPBOX        "",IDC_STATIC,15,7,346,72
    CONTROL         "",IDC_EXPAND_VOLUME_NAME,"Static",SS_SIMPLE | WS_GROUP,80,16,275,8,WS_EX_TRANSPARENT
-    DEFPUSHBUTTON   "Continue",IDOK,15,238,84,18
-    PUSHBUTTON      "Cancel",IDCANCEL,277,238,84,18
-    EDITTEXT        IDC_BOX_STATUS,15,162,346,66,ES_MULTILINE | ES_AUTOVSCROLL | ES_READONLY | ES_WANTRETURN | WS_VSCROLL
+    DEFPUSHBUTTON   "Continue",IDOK,15,247,84,18
+    PUSHBUTTON      "Cancel",IDCANCEL,277,247,84,18
+    EDITTEXT        IDC_BOX_STATUS,15,176,346,66,ES_MULTILINE | ES_AUTOVSCROLL | ES_READONLY | ES_WANTRETURN | WS_VSCROLL
    CONTROL         "",IDC_EXPAND_VOLUME_INITSPACE,"Static",SS_SIMPLE | WS_GROUP,80,64,275,8,WS_EX_TRANSPARENT
    RTEXT           "Fill new space: ",IDT_INIT_SPACE,20,64,53,8
    RTEXT           "File system: ",IDT_FILE_SYS,31,28,42,8
    CONTROL         "",IDC_EXPAND_FILE_SYSTEM,"Static",SS_SIMPLE | WS_GROUP,80,28,275,8,WS_EX_TRANSPARENT
    RTEXT           "Random Pool: ",IDT_RANDOM_POOL2,20,144,53,8
    CONTROL         "",IDC_RANDOM_BYTES,"Static",SS_SIMPLE | WS_GROUP,80,144,149,8,WS_EX_TRANSPARENT
-    CONTROL         "",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,236,142,14,12
+    CONTROL         "Display pool content",IDC_DISPLAY_POOL_CONTENTS,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,236,142,125,12
+    GROUPBOX        "Randomness Collected From Mouse Movements",IDT_ENTROPY_BAR,20,156,214,18
+    CONTROL         "",IDC_ENTROPY_BAR,"msctls_progress32",WS_BORDER,31,165,193,6
 END


@@ -170,8 +172,8 @@ BEGIN
        VERTGUIDE, 80
        VERTGUIDE, 355
        TOPMARGIN, 9
-        BOTTOMMARGIN, 256
-        HORZGUIDE, 162
+        BOTTOMMARGIN, 268
+        HORZGUIDE, 176
    END
 END
 #endif    // APSTUDIO_INVOKED