Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 19:08:26 -06:00
Code Activity

Windows: fix documentation and UI messages about the PIM constraints and calculation formula when EFI system encryption is using SHA-512 or Whirlpool. For historical reasons, if SHA-512 or Whirlpool is selected for EFI system encryption, then iterations = 15000 + (PIM x 1000) and not iterations = PIM x 2048 like the other algorithms.

Browse Source
This commit is contained in:
Mounir IDRASSI
2017-07-02 19:35:12 +02:00
parent a0f2ffb90b
commit d1b26d4bfe
6 changed files with 27 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/Common/Password.c
View File

@@ -133,14 +133,15 @@ BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw)
}
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning)
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning)
{
BOOL bCustomPimSmall = ((pim != 0) && (pim < (bForBoot? 98 : 485)))? TRUE : FALSE;
BOOL bootPimCondition = (bForBoot && (bootPRF != SHA512 && bootPRF != WHIRLPOOL))? TRUE : FALSE;
BOOL bCustomPimSmall = ((pim != 0) && (pim < (bootPimCondition? 98 : 485)))? TRUE : FALSE;
if (passwordLength < PASSWORD_LEN_WARNING)
{
if (bCustomPimSmall)
{
Error (bForBoot? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg);
Error (bootPimCondition? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg);
return FALSE;
}
@@ -157,7 +158,7 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim
}
#endif
if ((pim != 0) && (pim > (bForBoot? 98 : 485)))
if ((pim != 0) && (pim > (bootPimCondition? 98 : 485)))
{
// warn that mount/boot will take more time
Warning ("PIM_LARGE_WARNING", hwndDlg);

2
src/Common/Password.h
View File

@@ -39,7 +39,7 @@ typedef struct
#if defined(_WIN32) && !defined(TC_WINDOWS_DRIVER) && !defined(_UEFI)
void VerifyPasswordAndUpdate ( HWND hwndDlg , HWND hButton , HWND hPassword , HWND hVerify , unsigned char *szPassword , char *szVerify, BOOL keyFilesEnabled );
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning);
BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw);
int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, int old_pim, BOOL truecryptMode, Password *newPassword, int pkcs5, int pim, int wipePassCount, HWND hwndDlg);

8
src/Format/Tcformat.c
View File

@@ -4404,7 +4404,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
SetFocus (GetDlgItem (hwndDlg, IDC_PIM));
SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect ()? "PIM_SYSENC_HELP" : "PIM_HELP"));
SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect () && hash_algo != SHA512 && hash_algo != WHIRLPOOL? "PIM_SYSENC_HELP" : "PIM_HELP"));
ToHyperlink (hwndDlg, IDC_LINK_PIM_INFO);
@@ -6238,7 +6238,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (volumePassword.Length > 0)
{
// Check password length (check also done for outer volume which is not the case in TrueCrypt).
if (!CheckPasswordLength (NULL, volumePassword.Length, volumePim, FALSE, Silent, Silent))
if (!CheckPasswordLength (NULL, volumePassword.Length, volumePim, FALSE, 0, Silent, Silent))
{
exit (1);
}
@@ -7514,7 +7514,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
return 1;
}
// Check password length (check also done for outer volume which is not the case in TrueCrypt).
else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), FALSE, FALSE))
else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, 0, SysEncInEffect(), SysEncInEffect()? hash_algo : 0, FALSE, FALSE))
{
return 1;
}
@@ -7601,7 +7601,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
return 1;
}
// Check password length (check also done for outer volume which is not the case in TrueCrypt).
else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePim, SysEncInEffect(), TRUE, FALSE))
else if (!CheckPasswordLength (hwndDlg, volumePassword.Length, volumePim, SysEncInEffect(), SysEncInEffect()? hash_algo : 0, TRUE, FALSE))
{
return 1;
}

14
src/Mount/Mount.c
View File

@@ -2672,7 +2672,19 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
else if (!(newKeyFilesParam.EnableKeyFiles && newKeyFilesParam.FirstKeyFile != NULL)
&& pwdChangeDlgMode == PCDM_CHANGE_PASSWORD)
{
if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pim, bSysEncPwdChangeDlgMode, FALSE, FALSE))
int bootPRF = 0;
if (bSysEncPwdChangeDlgMode)
{
try
{
VOLUME_PROPERTIES_STRUCT properties;
BootEncObj->GetVolumeProperties(&properties);
bootPRF = properties.pkcs5;
}
catch(...)
{}
}
if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pim, bSysEncPwdChangeDlgMode, bootPRF, FALSE, FALSE))
return 1;
}