Windows: Don’t try to mount using empty password when default keyfile configured or keyfile specified in command line. Add option in default keyfiles dialog to restore the old behavior.

src/Common/Common.rc

@@ -98,7 +98,7 @@ BEGIN
     EDITTEXT        IDC_VOLUME_LABEL,112,67,150,14,ES_AUTOHSCROLL
 END
 
-IDD_KEYFILES DIALOGEX 0, 0, 345, 237
+IDD_KEYFILES DIALOGEX 0, 0, 345, 251
 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
 CAPTION "VeraCrypt - Keyfiles"
 FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -109,15 +109,17 @@ BEGIN
     PUSHBUTTON      "Add &Token Files...",IDC_TOKEN_FILES_ADD,139,132,65,14
     PUSHBUTTON      "&Remove",IDC_KEYREMOVE,209,132,61,14
     PUSHBUTTON      "Remove &All",IDC_KEYREMOVEALL,275,132,61,14
-    CONTROL         "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,219,83,11
+    CONTROL         "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,232,83,11
-    PUSHBUTTON      "&Generate Random Keyfile...",IDC_GENERATE_KEYFILE,213,217,123,14
+    PUSHBUTTON      "&Generate Random Keyfile...",IDC_GENERATE_KEYFILE,213,230,123,14
     DEFPUSHBUTTON   "OK",IDOK,279,8,59,14
     PUSHBUTTON      "Cancel",IDCANCEL,279,25,59,14
     LTEXT           "",IDT_KEYFILES_NOTE,10,161,324,41,0,WS_EX_TRANSPARENT
     LTEXT           "WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile!",IDT_KEYFILE_WARNING,279,44,58,85,0,WS_EX_TRANSPARENT
     CONTROL         "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,154,343,1,WS_EX_STATICEDGE
     CONTROL         "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,209,343,1,WS_EX_STATICEDGE
-    LTEXT           "More information on keyfiles",IDC_LINK_KEYFILES_INFO,96,220,108,10,SS_NOTIFY
+    LTEXT           "More information on keyfiles",IDC_LINK_KEYFILES_INFO,96,233,108,10,SS_NOTIFY
+    CONTROL         "Try first to mount with an empty password",IDC_KEYFILES_TRY_EMPTY_PASSWORD,
+                    "Button",BS_AUTOCHECKBOX | NOT WS_VISIBLE | WS_TABSTOP,7,217,205,10
 END
 
 IDD_LANGUAGE DIALOGEX 0, 0, 209, 183
@@ -362,7 +364,7 @@ BEGIN
         LEFTMARGIN, 7
         RIGHTMARGIN, 330
         TOPMARGIN, 7
-        BOTTOMMARGIN, 230
+        BOTTOMMARGIN, 244
     END
 
     IDD_LANGUAGE, DIALOG

src/Common/Keyfiles.c

@@ -26,6 +26,9 @@
 #include "Common/resource.h"
 #include "Platform/Finally.h"
 #include "Platform/ForEach.h"
+#ifdef TCMOUNT
+#include "Mount/Mount.h"
+#endif
 
 #include <Strsafe.h>
 
@@ -466,6 +469,17 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
 			LoadKeyList (hwndDlg, param->FirstKeyFile);
 			SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, param->EnableKeyFiles);
 			
+#ifdef TCMOUNT
+			if (	(origParam.EnableKeyFiles == defaultKeyFilesParam.EnableKeyFiles)
+				&&	(origParam.FirstKeyFile == defaultKeyFilesParam.FirstKeyFile)
+				)
+			{
+				/* default keyfile dialog case */
+				SetCheckBox (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD, bTryEmptyPasswordWhenKeyfileUsed);
+				ShowWindow(GetDlgItem(hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD), SW_SHOW);
+			}
+#endif
+
 			SetWindowTextW(GetDlgItem(hwndDlg, IDT_KEYFILES_NOTE), GetString ("KEYFILES_NOTE"));
 
 			ToHyperlink (hwndDlg, IDC_LINK_KEYFILES_INFO);
@@ -586,6 +600,17 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
 		if (lw == IDOK)
 		{
 			param->EnableKeyFiles = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE));
+
+#ifdef TCMOUNT
+			if (IsWindowVisible (GetDlgItem (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD)))
+			{
+				bTryEmptyPasswordWhenKeyfileUsed = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_TRY_EMPTY_PASSWORD));
+
+				WaitCursor ();
+				SaveSettings (hwndDlg);
+				NormalCursor ();
+			}
+#endif
 			EndDialog (hwndDlg, IDOK);
 			return 1;
 		}

src/Common/Language.xml

@@ -45,6 +45,7 @@
     <control lang="en" key="IDC_HIDVOL_WIZ_MODE_FULL">Normal mode</control>
     <control lang="en" key="IDC_KB">&amp;KB</control>
     <control lang="en" key="IDC_KEYFILES_ENABLE">U&amp;se keyfiles</control>
+    <control lang="en" key="IDC_KEYFILES_TRY_EMPTY_PASSWORD">Try first to mount with an empty password</control>
     <control lang="en" key="IDC_KEYFILES_RANDOM_SIZE">Random size ( 64 &lt;-&gt; 1048576 )</control>
     <control lang="en" key="IDC_KEY_FILES">&amp;Keyfiles...</control>
     <control lang="en" key="IDC_LINK_HASH_INFO">Information on hash algorithms</control>

src/Common/Resource.h

@@ -194,6 +194,7 @@
 #define IDC_PIM_ENABLE                  5132
 #define IDC_VOLUME_LABEL                5133
 #define IDT_VOLUME_LABEL                5134
+#define IDC_KEYFILES_TRY_EMPTY_PASSWORD 5135
 
 // Next default values for new objects
 // 
@@ -202,7 +203,7 @@
 #define _APS_NO_MFC                     1
 #define _APS_NEXT_RESOURCE_VALUE        542
 #define _APS_NEXT_COMMAND_VALUE         40001
-#define _APS_NEXT_CONTROL_VALUE         5135
+#define _APS_NEXT_CONTROL_VALUE         5136
 #define _APS_NEXT_SYMED_VALUE           101
 #endif
 #endif

src/Mount/Mount.c

@@ -86,6 +86,9 @@ BOOL bCacheInDriver = FALSE;		/* Cache any passwords we see */
 BOOL bCacheInDriverDefault = FALSE;
 BOOL bCacheDuringMultipleMount = FALSE;
 BOOL bCmdCacheDuringMultipleMount = FALSE;
+BOOL bTryEmptyPasswordWhenKeyfileUsed = FALSE;
+BOOL bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE;
+BOOL bCmdTryEmptyPasswordWhenKeyfileUsedValid = FALSE;
 BOOL bHistoryCmdLine = FALSE;		/* History control is always disabled */
 BOOL bUseDifferentTrayIconIfVolMounted = TRUE;
 BOOL bCloseDismountedWindows=TRUE;	/* Close all open explorer windows of dismounted volume */
@@ -680,6 +683,8 @@ void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL*
 	ConfigReadCompareInt ("WipePasswordCacheOnExit", FALSE, &bWipeCacheOnExit, bOnlyCheckModified, pbSettingsModified);
 	ConfigReadCompareInt ("WipeCacheOnAutoDismount", TRUE, &bWipeCacheOnAutoDismount, bOnlyCheckModified, pbSettingsModified);
 
+	ConfigReadCompareInt ("TryEmptyPasswordWhenKeyfileUsed",FALSE, &bTryEmptyPasswordWhenKeyfileUsed, bOnlyCheckModified, pbSettingsModified);
+
 	ConfigReadCompareInt ("StartOnLogon", FALSE, &bStartOnLogon, bOnlyCheckModified, pbSettingsModified);
 	ConfigReadCompareInt ("MountDevicesOnLogon", FALSE, &bMountDevicesOnLogon, bOnlyCheckModified, pbSettingsModified);
 	ConfigReadCompareInt ("MountFavoritesOnLogon", FALSE, &bMountFavoritesOnLogon, bOnlyCheckModified, pbSettingsModified);
@@ -835,6 +840,8 @@ void SaveSettings (HWND hwndDlg)
 		ConfigWriteInt ("WipePasswordCacheOnExit",			bWipeCacheOnExit);
 		ConfigWriteInt ("WipeCacheOnAutoDismount",			bWipeCacheOnAutoDismount);
 
+		ConfigWriteInt ("TryEmptyPasswordWhenKeyfileUsed",	bTryEmptyPasswordWhenKeyfileUsed);
+
 		ConfigWriteInt ("StartOnLogon",						bStartOnLogon);
 		ConfigWriteInt ("MountDevicesOnLogon",				bMountDevicesOnLogon);
 		ConfigWriteInt ("MountFavoritesOnLogon",			bMountFavoritesOnLogon);
@@ -4353,6 +4360,8 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName, int pim)
 	BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;
 	int EffectiveVolumePim = (pim < 0)? CmdVolumePim : pim;
 	BOOL bEffectiveCacheDuringMultipleMount = bCmdCacheDuringMultipleMount? TRUE: bCacheDuringMultipleMount;
+	BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed;
+	BOOL bUseCmdVolumePassword = CmdVolumePasswordValid && ((CmdVolumePassword.Length > 0) || (KeyFilesEnable && FirstKeyFile));
 
 	/* Priority is given to command line parameters 
 	 * Default values used only when nothing specified in command line
@@ -4405,9 +4414,11 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName, int pim)
 
 	ResetWrongPwdRetryCount ();
 
-	// First try cached passwords and if they fail ask user for a new one
 	WaitCursor ();
 
+	if (!bUseCmdVolumePassword)
+	{
+		// First try cached passwords and if they fail ask user for a new one
 		// try TrueCrypt mode first since it is quick, only if pim = 0
 		if (EffectiveVolumePim == 0)
 			mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, 0, TRUE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
@@ -4415,7 +4426,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName, int pim)
 			mounted = MountVolume (hwndDlg, nDosDriveNo, szFileName, NULL, 0, EffectiveVolumePim, FALSE, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
 		
 		// If keyfiles are enabled, test empty password first
-	if (!mounted && KeyFilesEnable && FirstKeyFile)
+		if (!mounted && KeyFilesEnable && FirstKeyFile && bEffectiveTryEmptyPasswordWhenKeyfileUsed)
 		{
 			Password emptyPassword;
 			emptyPassword.Length = 0;
@@ -4429,6 +4440,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName, int pim)
 			
 			burn (&emptyPassword, sizeof (emptyPassword));
 		}
+	}
 
 	// Test password and/or keyfiles used for the previous volume
 	if (!mounted && bEffectiveCacheDuringMultipleMount && MultipleMountOperationInProgress && VolumePassword.Length != 0)
@@ -4452,7 +4464,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, char *szFileName, int pim)
 
 	while (mounted == 0)
 	{		
-		if (CmdVolumePassword.Length > 0)
+		if (bUseCmdVolumePassword)
 		{
 			VolumePassword = CmdVolumePassword;
 			VolumePkcs5 = EffectiveVolumePkcs5;
@@ -6251,6 +6263,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 					BOOL mounted = FALSE;
 					int EffectiveVolumePkcs5 = CmdVolumePkcs5;
 					BOOL EffectiveVolumeTrueCryptMode = CmdVolumeTrueCryptMode;
+					BOOL bEffectiveTryEmptyPasswordWhenKeyfileUsed = bCmdTryEmptyPasswordWhenKeyfileUsedValid? bCmdTryEmptyPasswordWhenKeyfileUsed : bTryEmptyPasswordWhenKeyfileUsed;
 
 					if (!VolumePathExists (szFileName))
 					{
@@ -6270,7 +6283,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 						mounted = MountVolume (hwndDlg, szDriveLetter[0] - 'A', szFileName, NULL, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bForceMount, &mountOptions, Silent, FALSE);
 
 						// Command line password or keyfiles
-						if (!mounted && (CmdVolumePassword.Length != 0 || FirstCmdKeyFile))
+						if (!mounted && (CmdVolumePassword.Length != 0 || (FirstCmdKeyFile && (CmdVolumePasswordValid || bEffectiveTryEmptyPasswordWhenKeyfileUsed))))
 						{
 							BOOL reportBadPasswd = CmdVolumePassword.Length > 0;
 
@@ -8086,6 +8099,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
 				OptionPkcs5,
 				OptionTrueCryptMode,
 				OptionPim,
+				OptionTryEmptyPassword,
 			};
 
 			argument args[]=
@@ -8110,6 +8124,7 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
 				{ OptionTrueCryptMode,			"/truecrypt",			"/tc", FALSE },
 				{ OptionVolume,					"/volume",			"/v", FALSE },
 				{ CommandWipeCache,				"/wipecache",		"/w", FALSE },
+				{ OptionTryEmptyPassword,		"/tryemptypass",	NULL, FALSE },
 			};
 
 			argumentspec as;
@@ -8143,6 +8158,25 @@ void ExtractCommandLine (HWND hwndDlg, char *lpszCommandLine)
 				bBeep = TRUE;
 				break;
 
+			case OptionTryEmptyPassword:
+				{
+					char szTmp[16] = {0};
+					bCmdTryEmptyPasswordWhenKeyfileUsed = TRUE;
+					bCmdTryEmptyPasswordWhenKeyfileUsedValid = TRUE;
+
+					if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs,
+						     szTmp, sizeof (szTmp)))
+					{
+						if (!_stricmp(szTmp,"n") || !_stricmp(szTmp,"no"))
+							bCmdTryEmptyPasswordWhenKeyfileUsed = FALSE;
+						else if (!_stricmp(szTmp,"y") || !_stricmp(szTmp,"yes"))
+							bCmdTryEmptyPasswordWhenKeyfileUsed = TRUE;
+						else
+							AbortProcess ("COMMAND_LINE_ERROR");
+					}
+				}
+				break;
+
 			case OptionCache:
 				{
 					char szTmp[16] = {0};

src/Mount/Mount.h

@@ -65,6 +65,7 @@ extern BOOL bCloseBkgTaskWhenNoVolumes;
 extern BOOL bPlaySoundOnSuccessfulHkDismount;
 extern BOOL bDisplayBalloonOnSuccessfulHkDismount;
 extern BOOL bExplore;
+extern BOOL bTryEmptyPasswordWhenKeyfileUsed;
 
 static void localcleanup ( void );
 void EndMainDlg ( HWND hwndDlg );