Instantly share code, notes, and snippets.

anonymous /truecrypt.diff
Created May 28, 2014

Embed
What would you like to do?
truecrypt 7.2 diff
diff --git a/Boot/Windows/BootMain.cpp b/Boot/Windows/BootMain.cpp
index 5d4b942..0b6e6a6 100644
--- a/Boot/Windows/BootMain.cpp
+++ b/Boot/Windows/BootMain.cpp
@@ -75,7 +75,9 @@ static void PrintMainMenu ()
#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE
- PrintEndl (3);
+ PrintEndl (2);
+ Print ("WARNING: Using TrueCrypt is not secure");
+ PrintEndl (2);
}
@@ -574,125 +576,6 @@ static void BootMenu ()
#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE
-static bool CopySystemPartitionToHiddenVolume (byte drive, byte &exitKey)
-{
- bool status = false;
-
- uint64 sectorsRemaining;
- uint64 sectorOffset;
- sectorOffset.LowPart = 0;
- sectorOffset.HighPart = 0;
-
- int fragmentSectorCount = 0x7f; // Maximum safe value supported by BIOS
- int statCount;
-
- if (!CheckMemoryRequirements ())
- goto err;
-
- if (!GetSystemPartitions (drive))
- goto err;
-
- if (PartitionFollowingActive.Drive == TC_INVALID_BIOS_DRIVE)
- TC_THROW_FATAL_EXCEPTION;
-
- // Check if BIOS can read the last sector of the hidden system
- AcquireSectorBuffer();
-
- if (ReadSectors (SectorBuffer, PartitionFollowingActive.Drive, PartitionFollowingActive.EndSector - (TC_VOLUME_HEADER_GROUP_SIZE / TC_LB_SIZE - 2), 1) != BiosResultSuccess
- || GetCrc32 (SectorBuffer, sizeof (SectorBuffer)) != OuterVolumeBackupHeaderCrc)
- {
- PrintErrorNoEndl ("Your BIOS does not support large drives");
- Print (IsLbaSupported (PartitionFollowingActive.Drive) ? " due to a bug" : "\r\n- Enable LBA in BIOS");
- PrintEndl();
- Print (TC_BOOT_STR_UPGRADE_BIOS);
-
- ReleaseSectorBuffer();
- goto err;
- }
-
- ReleaseSectorBuffer();
-
- if (!MountVolume (drive, exitKey, true, false))
- return false;
-
- sectorsRemaining = EncryptedVirtualPartition.SectorCount;
-
- if (!(sectorsRemaining == ActivePartition.SectorCount))
- TC_THROW_FATAL_EXCEPTION;
-
- InitScreen();
- Print ("\r\nCopying system to hidden volume. To abort, press Esc.\r\n\r\n");
-
- while (sectorsRemaining.HighPart != 0 || sectorsRemaining.LowPart != 0)
- {
- if (EscKeyPressed())
- {
- Print ("\rIf aborted, copying will have to start from the beginning (if attempted again).\r\n");
- if (AskYesNo ("Abort"))
- break;
- }
-
- if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart < fragmentSectorCount)
- fragmentSectorCount = (int) sectorsRemaining.LowPart;
-
- if (ReadWriteSectors (false, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, ActivePartition.StartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess)
- {
- Print ("To fix bad sectors: 1) Terminate 2) Encrypt and decrypt sys partition 3) Retry\r\n");
- crypto_close (BootCryptoInfo);
- goto err;
- }
-
- AcquireSectorBuffer();
-
- for (int i = 0; i < fragmentSectorCount; ++i)
- {
- CopyMemory (TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, SectorBuffer, TC_LB_SIZE);
-
- uint64 s = HiddenVolumeStartUnitNo + sectorOffset + i;
- EncryptDataUnits (SectorBuffer, &s, 1, BootCryptoInfo);
-
- CopyMemory (SectorBuffer, TC_BOOT_LOADER_BUFFER_SEGMENT, i * TC_LB_SIZE, TC_LB_SIZE);
- }
-
- ReleaseSectorBuffer();
-
- if (ReadWriteSectors (true, TC_BOOT_LOADER_BUFFER_SEGMENT, 0, drive, HiddenVolumeStartSector + sectorOffset, fragmentSectorCount, false) != BiosResultSuccess)
- {
- crypto_close (BootCryptoInfo);
- goto err;
- }
-
- sectorsRemaining = sectorsRemaining - fragmentSectorCount;
- sectorOffset = sectorOffset + fragmentSectorCount;
-
- if (!(statCount++ & 0xf))
- {
- Print ("\rRemaining: ");
- PrintSectorCountInMB (sectorsRemaining);
- }
- }
-
- crypto_close (BootCryptoInfo);
-
- if (sectorsRemaining.HighPart == 0 && sectorsRemaining.LowPart == 0)
- {
- status = true;
- Print ("\rCopying completed.");
- }
-
- PrintEndl (2);
- goto ret;
-
-err:
- exitKey = TC_BIOS_KEY_ESC;
- GetKeyboardChar();
-
-ret:
- EraseMemory ((void *) TC_BOOT_LOADER_ARGS_OFFSET, sizeof (BootArguments));
- return status;
-}
-
-
#else // TC_WINDOWS_BOOT_RESCUE_DISK_MODE
@@ -1105,29 +988,7 @@ void main ()
#ifndef TC_WINDOWS_BOOT_RESCUE_DISK_MODE
- // Hidden system setup
- byte hiddenSystemCreationPhase = BootSectorFlags & TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE;
-
- if (hiddenSystemCreationPhase != TC_HIDDEN_OS_CREATION_PHASE_NONE)
- {
- PreventNormalSystemBoot = true;
- PrintMainMenu();
-
- if (hiddenSystemCreationPhase == TC_HIDDEN_OS_CREATION_PHASE_CLONING)
- {
- if (CopySystemPartitionToHiddenVolume (BootDrive, exitKey))
- {
- BootSectorFlags = (BootSectorFlags & ~TC_BOOT_CFG_MASK_HIDDEN_OS_CREATION_PHASE) | TC_HIDDEN_OS_CREATION_PHASE_WIPING;
- UpdateBootSectorConfiguration (BootLoaderDrive);
- }
- else if (exitKey == TC_BIOS_KEY_ESC)
- goto bootMenu;
- else
- continue;
- }
- }
- else
- PrintMainMenu();
+ PrintMainMenu();
exitKey = BootEncryptedDrive();
diff --git a/Common/BootEncryption.cpp b/Common/BootEncryption.cpp
index 83571ab..0ca1863 100644
--- a/Common/BootEncryption.cpp
+++ b/Common/BootEncryption.cpp
@@ -1861,6 +1861,8 @@ namespace TrueCrypt
void BootEncryption::CheckRequirements ()
{
+ AbortProcess ("INSECURE_APP");
+
if (nCurrentOS == WIN_2000)
throw ErrorException ("SYS_ENCRYPTION_UNSUPPORTED_ON_CURRENT_OS");
@@ -2232,72 +2234,13 @@ namespace TrueCrypt
void BootEncryption::PrepareHiddenOSCreation (int ea, int mode, int pkcs5)
{
- BootEncryptionStatus encStatus = GetStatus();
- if (encStatus.DriveMounted)
- throw ParameterIncorrect (SRC_POS);
-
- CheckRequirements();
- BackupSystemLoader();
-
- SelectedEncryptionAlgorithmId = ea;
+ AbortProcess ("INSECURE_APP");
}
void BootEncryption::PrepareInstallation (bool systemPartitionOnly, Password &password, int ea, int mode, int pkcs5, const string &rescueIsoImagePath)
{
- BootEncryptionStatus encStatus = GetStatus();
- if (encStatus.DriveMounted)
- throw ParameterIncorrect (SRC_POS);
-
- CheckRequirements ();
-
- SystemDriveConfiguration config = GetSystemDriveConfiguration();
-
- // Some chipset drivers may prevent access to the last sector of the drive
- if (!systemPartitionOnly)
- {
- DISK_GEOMETRY geometry = GetDriveGeometry (config.DriveNumber);
- Buffer sector (geometry.BytesPerSector);
-
- Device device (config.DevicePath);
-
- try
- {
- device.SeekAt (config.DrivePartition.Info.PartitionLength.QuadPart - geometry.BytesPerSector);
- device.Read (sector.Ptr(), sector.Size());
- }
- catch (SystemException &e)
- {
- if (e.ErrorCode != ERROR_CRC)
- {
- e.Show (ParentWindow);
- Error ("WHOLE_DRIVE_ENCRYPTION_PREVENTED_BY_DRIVERS");
- throw UserAbort (SRC_POS);
- }
- }
- }
-
- BackupSystemLoader ();
-
- uint64 volumeSize;
- uint64 encryptedAreaStart;
-
- if (systemPartitionOnly)
- {
- volumeSize = config.SystemPartition.Info.PartitionLength.QuadPart;
- encryptedAreaStart = config.SystemPartition.Info.StartingOffset.QuadPart;
- }
- else
- {
- volumeSize = config.DrivePartition.Info.PartitionLength.QuadPart - TC_BOOT_LOADER_AREA_SIZE;
- encryptedAreaStart = config.DrivePartition.Info.StartingOffset.QuadPart + TC_BOOT_LOADER_AREA_SIZE;
- }
-
- SelectedEncryptionAlgorithmId = ea;
- CreateVolumeHeader (volumeSize, encryptedAreaStart, &password, ea, mode, pkcs5);
-
- if (!rescueIsoImagePath.empty())
- CreateRescueIsoImage (true, rescueIsoImagePath);
+ AbortProcess ("INSECURE_APP");
}
bool BootEncryption::IsPagingFileActive (BOOL checkNonWindowsPartitionsOnly)
@@ -2358,19 +2301,7 @@ namespace TrueCrypt
void BootEncryption::StartEncryption (WipeAlgorithmId wipeAlgorithm, bool zeroUnreadableSectors)
{
- BootEncryptionStatus encStatus = GetStatus();
-
- if (!encStatus.DeviceFilterActive || !encStatus.DriveMounted || encStatus.SetupInProgress)
- throw ParameterIncorrect (SRC_POS);
-
- BootEncryptionSetupRequest request;
- ZeroMemory (&request, sizeof (request));
-
- request.SetupMode = SetupEncryption;
- request.WipeAlgorithm = wipeAlgorithm;
- request.ZeroUnreadableSectors = zeroUnreadableSectors;
-
- CallDriver (TC_IOCTL_BOOT_ENCRYPTION_SETUP, &request, sizeof (request), NULL, 0);
+ AbortProcess ("INSECURE_APP");
}
void BootEncryption::CopyFileAdmin (const string &sourceFile, const string &destinationFile)
diff --git a/Common/Cmdline.c b/Common/Cmdline.c
index cf3903d..57c8544 100644
--- a/Common/Cmdline.c
+++ b/Common/Cmdline.c
@@ -54,6 +54,8 @@ BOOL CALLBACK CommandHelpDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
}
}
+ strcat (tmp, "\nExamples:\n\nMount a volume as X:\ttruecrypt.exe /q /v volume.tc /l X\nDismount a volume X:\ttruecrypt.exe /q /d X");
+
SetWindowText (GetDlgItem (hwndDlg, IDC_COMMANDHELP_TEXT), (char*) tmp);
return 1;
}
diff --git a/Common/Common.rc b/Common/Common.rc
index e579fe1..c638305 100644
--- a/Common/Common.rc
+++ b/Common/Common.rc
@@ -13,13 +13,11 @@
#undef APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
-// English (U.S.) resources
+// English (United States) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
-#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
-#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
@@ -34,25 +32,24 @@ FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
EDITTEXT IDC_ABOUT_CREDITS,7,111,277,45,ES_MULTILINE | WS_VSCROLL | NOT WS_TABSTOP
DEFPUSHBUTTON "OK",IDOK,230,178,52,14
- LTEXT "",IDC_HOMEPAGE,18,87,117,9,SS_NOTIFY
LTEXT "",IDT_ABOUT_RELEASE,18,71,235,8
- CONTROL 517,IDC_ABOUT_BKG,"Static",SS_BITMAP,0,0,12,11,WS_EX_STATICEDGE
+ CONTROL IDB_TEXTUAL_LOGO_BKG,IDC_ABOUT_BKG,"Static",SS_BITMAP,0,0,12,11,WS_EX_STATICEDGE
LTEXT "",IDT_ABOUT_VERSION,18,61,161,8
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,167,291,1,WS_EX_STATICEDGE
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,169,291,1,WS_EX_STATICEDGE
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,1,107,291,1,WS_EX_STATICEDGE
CONTROL "",IDC_ABOUT_LOGO_AREA,"Static",SS_GRAYRECT | NOT WS_VISIBLE,0,0,293,50,WS_EX_TRANSPARENT | WS_EX_STATICEDGE
- CONTROL 518,IDC_TEXTUAL_LOGO_IMG,"Static",SS_BITMAP,12,26,157,16
+ CONTROL IDB_TEXTUAL_LOGO_96DPI,IDC_TEXTUAL_LOGO_IMG,"Static",SS_BITMAP,12,26,157,16
END
-IDD_COMMANDHELP_DLG DIALOGEX 0, 0, 249, 213
+IDD_COMMANDHELP_DLG DIALOGEX 0, 0, 249, 234
STYLE DS_SETFONT | DS_MODALFRAME | DS_3DLOOK | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "Command Line Help"
CLASS "CustomDlg"
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
- DEFPUSHBUTTON "OK",IDOK,93,191,59,14
- LTEXT "",IDC_COMMANDHELP_TEXT,20,11,208,174
+ DEFPUSHBUTTON "OK",IDOK,93,212,59,14
+ LTEXT "",IDC_COMMANDHELP_TEXT,20,11,208,195
END
IDD_RAWDEVICES_DLG DIALOGEX 0, 0, 305, 209
@@ -65,7 +62,7 @@ BEGIN
PUSHBUTTON "Cancel",IDCANCEL,248,190,50,14
END
-IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 172
+IDD_MOUNT_OPTIONS DIALOGEX 0, 0, 277, 159
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "TrueCrypt - Mount Options"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -81,11 +78,10 @@ BEGIN
CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,123,90,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,112,136,90,10
PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,203,125,60,14
- LTEXT "What is hidden volume protection?",IDC_LINK_HIDVOL_PROTECTION_INFO,16,151,247,10,SS_NOTIFY
DEFPUSHBUTTON "OK",IDOK,211,7,60,14
PUSHBUTTON "Cancel",IDCANCEL,211,24,60,14
RTEXT "P&assword to hidden volume:\n(if empty, cache is used)",IDT_HIDDEN_PROT_PASSWD,15,103,91,17,0,WS_EX_RIGHT
- GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,95
+ GROUPBOX "Hidden Volume Protection",IDT_HIDDEN_VOL_PROTECTION,6,72,265,81
CONTROL "Use backup header embedded in &volume if available",IDC_USE_EMBEDDED_HEADER_BAK,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,12,39,257,11
END
@@ -109,7 +105,6 @@ BEGIN
LTEXT "WARNING: If you lose a keyfile or if any bit of its first 1024 kilobytes changes, it will be impossible to mount volumes that use the keyfile!",IDT_KEYFILE_WARNING,279,44,58,85,0,WS_EX_TRANSPARENT
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,154,343,1,WS_EX_STATICEDGE
CONTROL "",IDC_STATIC,"Static",SS_ETCHEDHORZ,2,209,343,1,WS_EX_STATICEDGE
- LTEXT "More information on keyfiles",IDC_LINK_KEYFILES_INFO,96,220,108,10,SS_NOTIFY
END
IDD_LANGUAGE DIALOGEX 0, 0, 209, 183
@@ -119,7 +114,6 @@ FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
LISTBOX IDC_LANGLIST,6,7,197,67,LBS_SORT | LBS_NOINTEGRALHEIGHT | WS_VSCROLL | WS_TABSTOP
EDITTEXT IDC_LANGPACK_CREDITS,6,108,197,28,ES_MULTILINE | ES_READONLY | WS_VSCROLL | NOT WS_TABSTOP
- CTEXT "Download language pack",IDC_GET_LANG_PACKS,2,146,205,10,SS_NOTIFY
DEFPUSHBUTTON "OK",IDOK,97,165,50,14
PUSHBUTTON "Cancel",IDCANCEL,153,165,50,14
LTEXT "Translated by:",IDT_LANGPACK_AUTHORS,6,99,101,9,SS_NOTIFY,WS_EX_TRANSPARENT
@@ -211,7 +205,7 @@ BEGIN
END
IDD_MULTI_CHOICE_DLG DIALOGEX 0, 0, 167, 322
-STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
+STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION
FONT 8, "MS Shell Dlg", 0, 0, 0x0
BEGIN
PUSHBUTTON "",IDC_CHOICE10,7,292,153,24,BS_CENTER | BS_MULTILINE,WS_EX_STATICEDGE
@@ -306,11 +300,15 @@ END
//
#ifdef APSTUDIO_INVOKED
-GUIDELINES DESIGNINFO
+GUIDELINES DESIGNINFO
BEGIN
+ IDD_ABOUT_DLG, DIALOG
+ BEGIN
+ END
+
IDD_COMMANDHELP_DLG, DIALOG
BEGIN
- BOTTOMMARGIN, 205
+ BOTTOMMARGIN, 226
END
IDD_RAWDEVICES_DLG, DIALOG
@@ -325,7 +323,7 @@ BEGIN
BEGIN
LEFTMARGIN, 7
TOPMARGIN, 7
- BOTTOMMARGIN, 166
+ BOTTOMMARGIN, 153
END
IDD_KEYFILES, DIALOG
@@ -524,7 +522,7 @@ IDI_TRUECRYPT_MOUNTED_ICON ICON "..\\Common\\TrueCrypt_mounte
IDB_TEXTUAL_LOGO_BKG BITMAP "..\\Common\\Textual_logo_background.bmp"
IDB_TEXTUAL_LOGO_96DPI BITMAP "..\\Common\\Textual_logo_96dpi.bmp"
IDB_TEXTUAL_LOGO_288DPI BITMAP "..\\Common\\Textual_logo_288dpi.bmp"
-#endif // English (U.S.) resources
+#endif // English (United States) resources
/////////////////////////////////////////////////////////////////////////////
diff --git a/Common/Dlgcode.c b/Common/Dlgcode.c
index 5005988..177d53e 100644
--- a/Common/Dlgcode.c
+++ b/Common/Dlgcode.c
@@ -51,6 +51,7 @@
#ifdef TCMOUNT
#include "Mount/Mount.h"
+#include "Mount/resource.h"
#endif
#ifdef VOLFORMAT
@@ -66,8 +67,6 @@ using namespace TrueCrypt;
LONG DriverVersion;
char *LastDialogId;
-char szHelpFile[TC_MAX_PATH];
-char szHelpFile2[TC_MAX_PATH];
char SecurityTokenLibraryPath[TC_MAX_PATH];
HFONT hFixedDigitFont = NULL;
@@ -405,14 +404,14 @@ void AbortProcess (char *stringId)
{
// Note that this function also causes localcleanup() to be called (see atexit())
MessageBeep (MB_ICONEXCLAMATION);
- MessageBoxW (NULL, GetString (stringId), lpszTitle, ICON_HAND);
- exit (1);
+ MessageBoxW (NULL, GetString (stringId), lpszTitle, ICON_HAND | MB_SETFOREGROUND | MB_TOPMOST);
+ ExitProcess (1);
}
void AbortProcessSilent (void)
{
// Note that this function also causes localcleanup() to be called (see atexit())
- exit (1);
+ ExitProcess (1);
}
@@ -769,6 +768,19 @@ void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT h
}
+// Note that the user can still close the window by right-clicking its taskbar icon and selecting 'Close window', or by pressing Alt-F4, or using the Task Manager.
+void DisableCloseButton (HWND hwndDlg)
+{
+ EnableMenuItem (GetSystemMenu (hwndDlg, FALSE), SC_CLOSE, MF_BYCOMMAND | MF_DISABLED | MF_GRAYED);
+}
+
+
+void EnableCloseButton (HWND hwndDlg)
+{
+ EnableMenuItem (GetSystemMenu (hwndDlg, FALSE), SC_CLOSE, MF_BYCOMMAND | MF_ENABLED);
+}
+
+
// Protects an input field from having its content updated by a Paste action (call ToBootPwdField() to use this).
static LRESULT CALLBACK BootPwdFieldProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)
{
@@ -869,10 +881,6 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam
LocalizeDialog (hwndDlg, "IDD_ABOUT_DLG");
- // Hyperlink
- SetWindowText (GetDlgItem (hwndDlg, IDC_HOMEPAGE), "www.truecrypt.org");
- ToHyperlink (hwndDlg, IDC_HOMEPAGE);
-
// Logo area background (must not keep aspect ratio; must retain Windows-imposed distortion)
GetClientRect (GetDlgItem (hwndDlg, IDC_ABOUT_LOGO_AREA), &rec);
SetWindowPos (GetDlgItem (hwndDlg, IDC_ABOUT_BKG), HWND_TOP, 0, 0, rec.right, rec.bottom, SWP_NOMOVE);
@@ -915,13 +923,13 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam
"Paulo Barreto, Brian Gladman, Wei Dai, Peter Gutmann, and many others.\r\n\r\n"
"Portions of this software:\r\n"
- "Copyright \xA9 2003-2012 TrueCrypt Developers Association. All Rights Reserved.\r\n"
+ "Copyright \xA9 2003-2014 TrueCrypt Developers Association. All Rights Reserved.\r\n"
"Copyright \xA9 1998-2000 Paul Le Roux. All Rights Reserved.\r\n"
"Copyright \xA9 1998-2008 Brian Gladman. All Rights Reserved.\r\n"
"Copyright \xA9 2002-2004 Mark Adler. All Rights Reserved.\r\n\r\n"
"This software as a whole:\r\n"
- "Copyright \xA9 2012 TrueCrypt Developers Association. All rights reserved.\r\n\r\n"
+ "Copyright \xA9 2014 TrueCrypt Developers Association. All rights reserved.\r\n\r\n"
"A TrueCrypt Foundation Release");
@@ -934,12 +942,6 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam
return 1;
}
- if (lw == IDC_HOMEPAGE)
- {
- Applink ("main", TRUE, "");
- return 1;
- }
-
// Disallow modification of credits
if (HIWORD (wParam) == EN_UPDATE)
{
@@ -1625,264 +1627,6 @@ LRESULT CALLBACK CustomDlgProc (HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lPar
}
-static BOOL IsReturnAddress (DWORD64 address)
-{
- static size_t codeEnd = 0;
- byte *sp = (byte *) address;
-
- if (codeEnd == 0)
- {
- MEMORY_BASIC_INFORMATION mi;
- if (VirtualQuery ((LPCVOID) 0x401000, &mi, sizeof (mi)) >= sizeof (mi))
- codeEnd = (size_t) mi.BaseAddress + mi.RegionSize;
- }
-
- if (address < 0x401000 + 8 || address > codeEnd)
- return FALSE;
-
- return sp[-5] == 0xe8 // call ADDR
- || (sp[-6] == 0xff && sp[-5] == 0x15) // call [ADDR]
- || (sp[-2] == 0xff && (sp[-1] & 0xf0) == 0xd0); // call REG
-}
-
-
-typedef struct
-{
- EXCEPTION_POINTERS *ExceptionPointers;
- HANDLE ExceptionThread;
-
-} ExceptionHandlerThreadArgs;
-
-
-void ExceptionHandlerThread (void *threadArg)
-{
- ExceptionHandlerThreadArgs *args = (ExceptionHandlerThreadArgs *) threadArg;
-
- EXCEPTION_POINTERS *ep = args->ExceptionPointers;
- DWORD addr;
- DWORD exCode = ep->ExceptionRecord->ExceptionCode;
- SYSTEM_INFO si;
- wchar_t msg[8192];
- char modPath[MAX_PATH];
- int crc = 0;
- char url[MAX_URL_LENGTH];
- char lpack[128];
- stringstream callStack;
- addr = (DWORD) ep->ExceptionRecord->ExceptionAddress;
- PDWORD sp = (PDWORD) ep->ContextRecord->Esp;
- int frameNumber = 0;
-
- switch (exCode)
- {
- case STATUS_IN_PAGE_ERROR:
- case 0xeedfade:
- // Exception not caused by TrueCrypt
- MessageBoxW (0, GetString ("EXCEPTION_REPORT_EXT"),
- GetString ("EXCEPTION_REPORT_TITLE"),
- MB_ICONERROR | MB_OK | MB_SETFOREGROUND | MB_TOPMOST);
- return;
- }
-
- // Call stack
- HMODULE dbgDll = LoadLibrary ("dbghelp.dll");
- if (dbgDll)
- {
- typedef DWORD (__stdcall *SymGetOptions_t) ();
- typedef DWORD (__stdcall *SymSetOptions_t) (DWORD SymOptions);
- typedef BOOL (__stdcall *SymInitialize_t) (HANDLE hProcess, PCSTR UserSearchPath, BOOL fInvadeProcess);
- typedef BOOL (__stdcall *StackWalk64_t) (DWORD MachineType, HANDLE hProcess, HANDLE hThread, LPSTACKFRAME64 StackFrame, PVOID ContextRecord, PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress);
- typedef BOOL (__stdcall * SymFromAddr_t) (HANDLE hProcess, DWORD64 Address, PDWORD64 Displacement, PSYMBOL_INFO Symbol);
-
- SymGetOptions_t DbgHelpSymGetOptions = (SymGetOptions_t) GetProcAddress (dbgDll, "SymGetOptions");
- SymSetOptions_t DbgHelpSymSetOptions = (SymSetOptions_t) GetProcAddress (dbgDll, "SymSetOptions");
- SymInitialize_t DbgHelpSymInitialize = (SymInitialize_t) GetProcAddress (dbgDll, "SymInitialize");
- PFUNCTION_TABLE_ACCESS_ROUTINE64 DbgHelpSymFunctionTableAccess64 = (PFUNCTION_TABLE_ACCESS_ROUTINE64) GetProcAddress (dbgDll, "SymFunctionTableAccess64");
- PGET_MODULE_BASE_ROUTINE64 DbgHelpSymGetModuleBase64 = (PGET_MODULE_BASE_ROUTINE64) GetProcAddress (dbgDll, "SymGetModuleBase64");
- StackWalk64_t DbgHelpStackWalk64 = (StackWalk64_t) GetProcAddress (dbgDll, "StackWalk64");
- SymFromAddr_t DbgHelpSymFromAddr = (SymFromAddr_t) GetProcAddress (dbgDll, "SymFromAddr");
-
- if (DbgHelpSymGetOptions && DbgHelpSymSetOptions && DbgHelpSymInitialize && DbgHelpSymFunctionTableAccess64 && DbgHelpSymGetModuleBase64 && DbgHelpStackWalk64 && DbgHelpSymFromAddr)
- {
- DbgHelpSymSetOptions (DbgHelpSymGetOptions() | SYMOPT_DEFERRED_LOADS | SYMOPT_ALLOW_ABSOLUTE_SYMBOLS | SYMOPT_NO_CPP);
-
- if (DbgHelpSymInitialize (GetCurrentProcess(), NULL, TRUE))
- {
- STACKFRAME64 frame;
- memset (&frame, 0, sizeof (frame));
-
- frame.AddrPC.Offset = ep->ContextRecord->Eip;
- frame.AddrPC.Mode = AddrModeFlat;
- frame.AddrStack.Offset = ep->ContextRecord->Esp;
- frame.AddrStack.Mode = AddrModeFlat;
- frame.AddrFrame.Offset = ep->ContextRecord->Ebp;
- frame.AddrFrame.Mode = AddrModeFlat;
-
- string lastSymbol;
-
- while (frameNumber < 32 && DbgHelpStackWalk64 (IMAGE_FILE_MACHINE_I386, GetCurrentProcess(), args->ExceptionThread, &frame, ep->ContextRecord, NULL, DbgHelpSymFunctionTableAccess64, DbgHelpSymGetModuleBase64, NULL))
- {
- if (!frame.AddrPC.Offset)
- continue;
-
- ULONG64 symbolBuffer[(sizeof (SYMBOL_INFO) + MAX_SYM_NAME * sizeof (TCHAR) + sizeof (ULONG64) - 1) / sizeof (ULONG64)];
- memset (symbolBuffer, 0, sizeof (symbolBuffer));
-
- PSYMBOL_INFO symbol = (PSYMBOL_INFO) symbolBuffer;
- symbol->SizeOfStruct = sizeof (SYMBOL_INFO);
- symbol->MaxNameLen = MAX_SYM_NAME;
-
- if (DbgHelpSymFromAddr (GetCurrentProcess(), frame.AddrPC.Offset, NULL, symbol) && symbol->NameLen > 0)
- {
- for (size_t i = 0; i < symbol->NameLen; ++i)
- {
- if (!isalnum (symbol->Name[i]))
- symbol->Name[i] = '_';
- }
-
- if (symbol->Name != lastSymbol)
- callStack << "&st" << frameNumber++ << "=" << symbol->Name;
-
- lastSymbol = symbol->Name;
- }
- else if (frameNumber == 0 || IsReturnAddress (frame.AddrPC.Offset))
- {
- callStack << "&st" << frameNumber++ << "=0x" << hex << frame.AddrPC.Offset << dec;
- }
- }
- }
- }
- }
-
- // StackWalk64() may fail due to missing frame pointers
- list <DWORD> retAddrs;
- if (frameNumber == 0)
- retAddrs.push_back (ep->ContextRecord->Eip);
-
- retAddrs.push_back (0);
-
- MEMORY_BASIC_INFORMATION mi;
- VirtualQuery (sp, &mi, sizeof (mi));
- PDWORD stackTop = (PDWORD)((byte *) mi.BaseAddress + mi.RegionSize);
- int i = 0;
-
- while (retAddrs.size() < 16 && &sp[i] < stackTop)
- {
- if (IsReturnAddress (sp[i]))
- {
- bool duplicate = false;
- foreach (DWORD prevAddr, retAddrs)
- {
- if (sp[i] == prevAddr)
- {
- duplicate = true;
- break;
- }
- }
-
- if (!duplicate)
- retAddrs.push_back (sp[i]);
- }
- i++;
- }
-
- if (retAddrs.size() > 1)
- {
- foreach (DWORD addr, retAddrs)
- {
- callStack << "&st" << frameNumber++ << "=0x" << hex << addr << dec;
- }
- }
-
- // Checksum of the module
- if (GetModuleFileName (NULL, modPath, sizeof (modPath)))
- {
- HANDLE h = CreateFile (modPath, FILE_READ_DATA | FILE_READ_ATTRIBUTES, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
- if (h != INVALID_HANDLE_VALUE)
- {
- BY_HANDLE_FILE_INFORMATION fi;
- if (GetFileInformationByHandle (h, &fi))
- {
- char *buf = (char *) malloc (fi.nFileSizeLow);
- if (buf)
- {
- DWORD bytesRead;
- if (ReadFile (h, buf, fi.nFileSizeLow, &bytesRead, NULL) && bytesRead == fi.nFileSizeLow)
- crc = GetCrc32 ((unsigned char *) buf, fi.nFileSizeLow);
- free (buf);
- }
- }
- CloseHandle (h);
- }
- }
-
- GetSystemInfo (&si);
-
- if (LocalizationActive)
- sprintf_s (lpack, sizeof (lpack), "&langpack=%s_%s", GetPreferredLangId (), GetActiveLangPackVersion ());
- else
- lpack[0] = 0;
-
- sprintf (url, TC_APPLINK_SECURE "&dest=err-report%s&os=%s&osver=%d.%d.%d&arch=%s&cpus=%d&app=%s&cksum=%x&dlg=%s&err=%x&addr=%x"
- , lpack
- , GetWindowsEdition().c_str()
- , CurrentOSMajor
- , CurrentOSMinor
- , CurrentOSServicePack
- , Is64BitOs () ? "x64" : "x86"
- , si.dwNumberOfProcessors
-#ifdef TCMOUNT
- ,"main"
-#endif
-#ifdef VOLFORMAT
- ,"format"
-#endif
-#ifdef SETUP
- ,"setup"
-#endif
- , crc
- , LastDialogId ? LastDialogId : "-"
- , exCode
- , addr);
-
- string urlStr = url + callStack.str();
-
- _snwprintf (msg, array_capacity (msg), GetString ("EXCEPTION_REPORT"), urlStr.c_str());
-
- if (IDYES == MessageBoxW (0, msg, GetString ("EXCEPTION_REPORT_TITLE"), MB_ICONERROR | MB_YESNO | MB_DEFBUTTON1))
- ShellExecute (NULL, "open", urlStr.c_str(), NULL, NULL, SW_SHOWNORMAL);
- else
- UnhandledExceptionFilter (ep);
-}
-
-
-LONG __stdcall ExceptionHandler (EXCEPTION_POINTERS *ep)
-{
- SetUnhandledExceptionFilter (NULL);
-
- if (SystemFileSelectorCallPending && SystemFileSelectorCallerThreadId == GetCurrentThreadId())
- {
- MessageBoxW (NULL, GetString ("EXCEPTION_REPORT_EXT_FILESEL"), GetString ("EXCEPTION_REPORT_TITLE"), MB_ICONERROR | MB_OK | MB_SETFOREGROUND | MB_TOPMOST);
-
- UnhandledExceptionFilter (ep);
- return EXCEPTION_EXECUTE_HANDLER;
- }
-
- ExceptionHandlerThreadArgs args;
- args.ExceptionPointers = ep;
- args.ExceptionThread = GetCurrentThread();
-
- WaitForSingleObject ((HANDLE) _beginthread (ExceptionHandlerThread, 0, &args), INFINITE);
-
- return EXCEPTION_EXECUTE_HANDLER;
-}
-
-
-void InvalidParameterHandler (const wchar_t *expression, const wchar_t *function, const wchar_t *file, unsigned int line, uintptr_t reserved)
-{
- TC_THROW_FATAL_EXCEPTION;
-}
-
-
static LRESULT CALLBACK NonInstallUacWndProc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
{
return DefWindowProc (hWnd, message, wParam, lParam);
@@ -2105,7 +1849,7 @@ BOOL LoadSysEncSettings (HWND hwndDlg)
}
-// Returns the number of partitions where non-system in-place encryption is progress or had been in progress
+// Returns the number of partitions where non-system in-place encryption is or had been in progress
// but was interrupted. In addition, via the passed pointer, returns the last selected wipe algorithm ID.
int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm)
{
@@ -2153,73 +1897,6 @@ void RemoveNonSysInPlaceEncNotifications (void)
}
-void SavePostInstallTasksSettings (int command)
-{
- FILE *f = NULL;
-
- if (IsNonInstallMode() && command != TC_POST_INSTALL_CFG_REMOVE_ALL)
- return;
-
- switch (command)
- {
- case TC_POST_INSTALL_CFG_REMOVE_ALL:
- remove (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL));
- remove (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES));
- break;
-
- case TC_POST_INSTALL_CFG_TUTORIAL:
- f = fopen (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL), "w");
- break;
-
- case TC_POST_INSTALL_CFG_RELEASE_NOTES:
- f = fopen (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES), "w");
- break;
-
- default:
- return;
- }
-
- if (f == NULL)
- return;
-
- if (fputs ("1", f) < 0)
- {
- // Error
- fclose (f);
- return;
- }
-
- TCFlushFile (f);
-
- fclose (f);
-}
-
-
-void DoPostInstallTasks (void)
-{
- BOOL bDone = FALSE;
-
- if (FileExists (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL)))
- {
- if (AskYesNo ("AFTER_INSTALL_TUTORIAL") == IDYES)
- Applink ("beginnerstutorial", TRUE, "");
-
- bDone = TRUE;
- }
-
- if (FileExists (GetConfigPath (TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES)))
- {
- if (AskYesNo ("AFTER_UPGRADE_RELEASE_NOTES") == IDYES)
- Applink ("releasenotes", TRUE, "");
-
- bDone = TRUE;
- }
-
- if (bDone)
- SavePostInstallTasksSettings (TC_POST_INSTALL_CFG_REMOVE_ALL);
-}
-
-
void InitOSVersionInfo ()
{
OSVERSIONINFO os;
@@ -2355,9 +2032,6 @@ void InitApp (HINSTANCE hInstance, char *lpszCommandLine)
}
#endif
- SetUnhandledExceptionFilter (ExceptionHandler);
- _set_invalid_parameter_handler (InvalidParameterHandler);
-
RemoteSession = GetSystemMetrics (SM_REMOTESESSION) != 0;
// OS version check
@@ -2460,8 +2134,6 @@ void InitApp (HINSTANCE hInstance, char *lpszCommandLine)
DialogBoxParamW (hInst, MAKEINTRESOURCEW (IDD_AUXILIARY_DLG), NULL,
(DLGPROC) AuxiliaryDlgProc, (LPARAM) 1);
- InitHelpFileName ();
-
#ifndef SETUP
if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit()))
{
@@ -2471,37 +2143,6 @@ void InitApp (HINSTANCE hInstance, char *lpszCommandLine)
#endif
}
-void InitHelpFileName (void)
-{
- char *lpszTmp;
-
- GetModuleFileName (NULL, szHelpFile, sizeof (szHelpFile));
- lpszTmp = strrchr (szHelpFile, '\\');
- if (lpszTmp)
- {
- char szTemp[TC_MAX_PATH];
-
- // Primary file name
- if (strcmp (GetPreferredLangId(), "en") == 0
- || GetPreferredLangId() == NULL)
- {
- strcpy (++lpszTmp, "TrueCrypt User Guide.pdf");
- }
- else
- {
- sprintf (szTemp, "TrueCrypt User Guide.%s.pdf", GetPreferredLangId());
- strcpy (++lpszTmp, szTemp);
- }
-
- // Secondary file name (used when localized documentation is not found).
- GetModuleFileName (NULL, szHelpFile2, sizeof (szHelpFile2));
- lpszTmp = strrchr (szHelpFile2, '\\');
- if (lpszTmp)
- {
- strcpy (++lpszTmp, "TrueCrypt User Guide.pdf");
- }
- }
-}
BOOL OpenDevice (const char *lpszPath, OPEN_TEST_STRUCT *driver, BOOL detectFilesystem)
{
@@ -2651,6 +2292,63 @@ int IsSystemDevicePath (char *path, HWND hwndDlg, BOOL bReliableRequired)
}
+
+/* Determines whether the path points to a non-system partition on the system drive.
+IMPORTANT: As this may take a very long time if called for the first time, it should be called
+ only before performing a dangerous operation, never at WM_INITDIALOG or any other GUI events.
+Return codes:
+0 - it isn't a non-system partition on the system drive
+1 - it's a non-system partition on the system drive
+-1 - the result can't be determined, isn't reliable, or there was an error. */
+int IsNonSysPartitionOnSysDrive (const char *path)
+{
+ char tmpPath [TC_MAX_PATH + 1];
+ int pos;
+
+ if (!GetSysDevicePaths (MainDlg))
+ return -1;
+
+ if (strlen (SysPartitionDevicePath) <= 1 || strlen (SysDriveDevicePath) <= 1)
+ return -1;
+
+ if (strncmp (path, SysPartitionDevicePath, max (strlen(path), strlen(SysPartitionDevicePath))) == 0
+ || strncmp (path, SysDriveDevicePath, max (strlen(path), strlen(SysDriveDevicePath))) == 0)
+ {
+ // It is the system partition/drive path (it isn't a non-system partition)
+ return 0;
+ }
+
+ memset (tmpPath, 0, sizeof (tmpPath));
+ strncpy (tmpPath, path, sizeof (tmpPath) - 1);
+
+
+ pos = (int) FindString (tmpPath, "Partition", strlen (tmpPath), strlen ("Partition"), 0);
+
+ if (pos < 0)
+ return -1;
+
+ pos += strlen ("Partition");
+
+ if (pos + 1 > sizeof (tmpPath) - 1)
+ return -1;
+
+ tmpPath [pos] = '0';
+ tmpPath [pos + 1] = 0;
+
+ if (strncmp (tmpPath, SysDriveDevicePath, max (strlen(tmpPath), strlen(SysDriveDevicePath))) == 0)
+ {
+ // It is a non-system partition on the system drive
+ return 1;
+ }
+ else
+ {
+ // The partition is not on the system drive
+ return 0;
+ }
+}
+
+
+
wstring GetSysEncryptionPretestInfo2String (void)
{
// This huge string is divided into smaller portions to make it easier for translators to
@@ -3814,7 +3512,11 @@ std::wstring GetWrongPasswordErrorMessage (HWND hwndDlg)
wcscat (szTmp, GetString ("PASSWORD_WRONG_CAPSLOCK_ON"));
#ifdef TCMOUNT
- if (TCBootLoaderOnInactiveSysEncDrive ())
+
+ char szDevicePath [TC_MAX_PATH+1] = {0};
+ GetWindowText (GetDlgItem (MainDlg, IDC_VOLUME), szDevicePath, sizeof (szDevicePath));
+
+ if (TCBootLoaderOnInactiveSysEncDrive (szDevicePath))
{
swprintf (szTmp, GetString (KeyFilesEnable ? "PASSWORD_OR_KEYFILE_OR_MODE_WRONG" : "PASSWORD_OR_MODE_WRONG"));
@@ -4615,8 +4317,6 @@ BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lP
SetDlgItemTextW (hwndDlg, IDC_HW_AES, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? ((driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION) ? "UISTR_DISABLED" : "UISTR_YES") : "NOT_APPLICABLE_OR_NOT_AVAILABLE"))).c_str());
- ToHyperlink (hwndDlg, IDC_HW_AES_LABEL_LINK);
-
if (is_aes_hw_cpu_supported() && (driverConfig & TC_DRIVER_CONFIG_DISABLE_HARDWARE_ENCRYPTION))
{
Warning ("DISABLED_HW_AES_AFFECTS_PERFORMANCE");
@@ -4643,8 +4343,6 @@ BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lP
SetDlgItemTextW (hwndDlg, IDC_PARALLELIZATION, (wstring (L" ") + nbrThreadsStr).c_str());
- ToHyperlink (hwndDlg, IDC_PARALLELIZATION_LABEL_LINK);
-
if (nbrThreads < min (sysInfo.dwNumberOfProcessors, GetMaxEncryptionThreadCount())
&& sysInfo.dwNumberOfProcessors > 1)
{
@@ -4681,16 +4379,6 @@ BOOL CALLBACK BenchmarkDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lP
}
return 1;
- case IDC_HW_AES_LABEL_LINK:
-
- Applink ("hwacceleration", TRUE, "");
- return 1;
-
- case IDC_PARALLELIZATION_LABEL_LINK:
-
- Applink ("parallelization", TRUE, "");
- return 1;
-
case IDCLOSE:
case IDCANCEL:
@@ -5686,6 +5374,8 @@ BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPA
wrec.bottom - wrec.top - vertSubOffset + 1 + vertMsgHeightOffset,
TRUE);
+ DisableCloseButton (hwndDlg);
+
return 1;
}
@@ -5708,7 +5398,8 @@ BOOL CALLBACK MultiChoiceDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPA
break;
case WM_CLOSE:
- EndDialog (hwndDlg, 0);
+ // This prevents the window from being closed by pressing Alt-F4 (the Close button is hidden).
+ // Note that the OS handles modal MessageBox() dialog windows the same way.
return 1;
}
@@ -6352,6 +6043,7 @@ BOOL IsMountedVolume (const char *volname)
}
+// Returns -1 if no drive letter is resolved
int GetMountedVolumeDriveNo (char *volname)
{
MOUNT_LIST_STRUCT mlist;
@@ -7748,6 +7440,13 @@ int AskNoYes (char *stringId)
}
+int AskNoYesString (const wchar_t *string)
+{
+ if (Silent) return IDNO;
+ return MessageBoxW (MainDlg, string, lpszTitle, MB_ICONQUESTION | MB_YESNO | MB_DEFBUTTON2);
+}
+
+
int AskOkCancel (char *stringId)
{
if (Silent) return IDCANCEL;
@@ -7837,8 +7536,7 @@ int AskErrNoYes (char *stringId)
// Input format 2: {L"", L"Message text", L"Button caption 1", ... L"Last button caption", 0};
// The second format is to be used if any of the strings contains format specification (e.g. %s, %d) or
// in any other cases where a string needs to be resolved before calling this function.
-// If the returned value is 0, the user closed the dialog window without making a choice.
-// If the user made a choice, the returned value is the ordinal number of the choice (1..MAX_MULTI_CHOICES)
+// The returned value is the ordinal number of the choice the user selected (1..MAX_MULTI_CHOICES)
int AskMultiChoice (void *strings[], BOOL bBold)
{
MULTI_CHOICE_DLGPROC_PARAMS params;
@@ -7984,36 +7682,6 @@ char *ConfigReadString (char *configKey, char *defaultValue, char *str, int maxL
}
-void OpenPageHelp (HWND hwndDlg, int nPage)
-{
- int r = (int)ShellExecute (NULL, "open", szHelpFile, NULL, NULL, SW_SHOWNORMAL);
-
- if (r == ERROR_FILE_NOT_FOUND)
- {
- // Try the secondary help file
- r = (int)ShellExecute (NULL, "open", szHelpFile2, NULL, NULL, SW_SHOWNORMAL);
-
- if (r == ERROR_FILE_NOT_FOUND)
- {
- OpenOnlineHelp ();
- return;
- }
- }
-
- if (r == SE_ERR_NOASSOC)
- {
- if (AskYesNo ("HELP_READER_ERROR") == IDYES)
- OpenOnlineHelp ();
- }
-}
-
-
-void OpenOnlineHelp ()
-{
- Applink ("help", TRUE, "");
-}
-
-
#ifndef SETUP
void RestoreDefaultKeyFilesParam (void)
@@ -8321,20 +7989,6 @@ std::string GetWindowsEdition ()
}
-void Applink (char *dest, BOOL bSendOS, char *extraOutput)
-{
- char url [MAX_URL_LENGTH];
-
- ArrowWaitCursor ();
-
- sprintf_s (url, sizeof (url), TC_APPLINK "%s%s&dest=%s", bSendOS ? ("&os=" + GetWindowsEdition()).c_str() : "", extraOutput, dest);
- ShellExecute (NULL, "open", url, NULL, NULL, SW_SHOWNORMAL);
-
- Sleep (200);
- NormalCursor ();
-}
-
-
char *RelativePath2Absolute (char *szFileName)
{
if (szFileName[0] != '\\'
@@ -9540,10 +9194,13 @@ BOOL BufferContainsString (const byte *buffer, size_t bufferSize, const char *st
#ifndef SETUP
-int AskNonSysInPlaceEncryptionResume ()
+int AskNonSysInPlaceEncryptionResume (BOOL *decrypt)
{
if (AskWarnYesNo ("NONSYS_INPLACE_ENC_RESUME_PROMPT") == IDYES)
+ {
+ *decrypt = TRUE;
return IDYES;
+ }
char *multiChoiceStr[] = { 0, "ASK_NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL", "DO_NOT_PROMPT_ME", "KEEP_PROMPTING_ME", 0 };
diff --git a/Common/Dlgcode.h b/Common/Dlgcode.h
index 9999494..5405f34 100644
--- a/Common/Dlgcode.h
+++ b/Common/Dlgcode.h
@@ -31,8 +31,7 @@ enum dynamic_gui_element_ids
IDPM_SELECT_DEVICE_AND_MOUNT,
IDPM_ADD_TO_FAVORITES,
IDPM_ADD_TO_SYSTEM_FAVORITES,
- IDM_SHOW_HIDE,
- IDM_HOMEPAGE_SYSTRAY
+ IDM_SHOW_HIDE
};
enum
@@ -74,8 +73,6 @@ enum
#define TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES TC_APP_NAME " System Favorite Volumes.xml"
#define TC_APPD_FILENAME_NONSYS_INPLACE_ENC "In-Place Encryption"
#define TC_APPD_FILENAME_NONSYS_INPLACE_ENC_WIPE "In-Place Encryption Wipe Algo"
-#define TC_APPD_FILENAME_POST_INSTALL_TASK_TUTORIAL "Post-Install Task - Tutorial"
-#define TC_APPD_FILENAME_POST_INSTALL_TASK_RELEASE_NOTES "Post-Install Task - Release Notes"
#ifndef USER_DEFAULT_SCREEN_DPI
#define USER_DEFAULT_SCREEN_DPI 96
@@ -85,17 +82,8 @@ enum
# error Revision of GUI and graphics necessary, since everything assumes default screen DPI as 96 (note that 96 is the default on Windows 2000, XP, and Vista).
#endif
-enum
-{
- TC_POST_INSTALL_CFG_REMOVE_ALL = 0,
- TC_POST_INSTALL_CFG_TUTORIAL,
- TC_POST_INSTALL_CFG_RELEASE_NOTES
-};
-
extern char *LastDialogId;
extern char *ConfigBuffer;
-extern char szHelpFile[TC_MAX_PATH];
-extern char szHelpFile2[TC_MAX_PATH];
extern char SecurityTokenLibraryPath[TC_MAX_PATH];
extern HFONT hFixedDigitFont;
extern HFONT hBoldFont;
@@ -128,6 +116,10 @@ extern WipeAlgorithmId nWipeMode;
extern BOOL bSysPartitionSelected;
extern BOOL bSysDriveSelected;
+extern char SysPartitionDevicePath [TC_MAX_PATH];
+extern char SysDriveDevicePath [TC_MAX_PATH];
+extern char bCachedSysDevicePathsValid;
+
extern BOOL bHyperLinkBeingTracked;
extern BOOL bInPlaceEncNonSysPending;
@@ -284,16 +276,14 @@ uint32 ReadEncryptionThreadPoolFreeCpuCountLimit ();
BOOL LoadSysEncSettings (HWND hwndDlg);
int LoadNonSysInPlaceEncSettings (WipeAlgorithmId *wipeAlgorithm);
void RemoveNonSysInPlaceEncNotifications (void);
-void SavePostInstallTasksSettings (int command);
-void DoPostInstallTasks (void);
void InitOSVersionInfo ();
void InitApp ( HINSTANCE hInstance, char *lpszCommandLine );
-void InitHelpFileName (void);
BOOL OpenDevice (const char *lpszPath, OPEN_TEST_STRUCT *driver, BOOL detectFilesystem);
void NotifyDriverOfPortableMode (void);
int GetAvailableFixedDisks ( HWND hComboBox , char *lpszRootPath );
int GetAvailableRemovables ( HWND hComboBox , char *lpszRootPath );
int IsSystemDevicePath (char *path, HWND hwndDlg, BOOL bReliableRequired);
+int IsNonSysPartitionOnSysDrive (const char *path);
BOOL CALLBACK RawDevicesDlgProc ( HWND hwndDlg , UINT msg , WPARAM wParam , LPARAM lParam );
BOOL TextInfoDialogBox (int nID);
BOOL CALLBACK TextInfoDialogBoxDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam);
@@ -372,7 +362,6 @@ char *GetModPath (char *path, int maxSize);
char *GetConfigPath (char *fileName);
char *GetProgramConfigPath (char *fileName);
char GetSystemDriveLetter (void);
-void OpenPageHelp (HWND hwndDlg, int nPage);
void TaskBarIconDisplayBalloonTooltip (HWND hwnd, wchar_t *headline, wchar_t *text, BOOL warning);
void InfoBalloon (char *headingStringId, char *textStringId);
void InfoBalloonDirect (wchar_t *headingString, wchar_t *textString);
@@ -391,6 +380,7 @@ int AskYesNo (char *stringId);
int AskYesNoString (const wchar_t *str);
int AskYesNoTopmost (char *stringId);
int AskNoYes (char *stringId);
+int AskNoYesString (const wchar_t *string);
int AskOkCancel (char *stringId);
int AskWarnYesNo (char *stringId);
int AskWarnYesNoString (const wchar_t *string);
@@ -421,7 +411,6 @@ BOOL IsServerOS ();
BOOL IsHiddenOSRunning (void);
BOOL EnableWow64FsRedirection (BOOL enable);
BOOL RestartComputer (void);
-void Applink (char *dest, BOOL bSendOS, char *extraOutput);
char *RelativePath2Absolute (char *szFileName);
void HandleDriveNotReadyError ();
BOOL CALLBACK CloseTCWindowsEnum( HWND hwnd, LPARAM lParam);
@@ -431,7 +420,6 @@ void InconsistencyResolved (char *msg);
void ReportUnexpectedState (char *techInfo);
BOOL SelectMultipleFiles (HWND hwndDlg, char *stringId, char *lpszFileName, BOOL keepHistory);
BOOL SelectMultipleFilesNext (char *lpszFileName);
-void OpenOnlineHelp ();
BOOL GetPartitionInfo (const char *deviceName, PPARTITION_INFORMATION rpartInfo);
BOOL GetDeviceInfo (const char *deviceName, DISK_PARTITION_INFO_STRUCT *info);
BOOL GetDriveGeometry (const char *deviceName, PDISK_GEOMETRY diskGeometry);
@@ -443,9 +431,12 @@ int GetTextGfxWidth (HWND hwndDlgItem, const wchar_t *text, HFONT hFont);
int GetTextGfxHeight (HWND hwndDlgItem, const wchar_t *text, HFONT hFont);
BOOL ToHyperlink (HWND hwndDlg, UINT ctrlId);
BOOL ToCustHyperlink (HWND hwndDlg, UINT ctrlId, HFONT hFont);
+void DisableCloseButton (HWND hwndDlg);
+void EnableCloseButton (HWND hwndDlg);
void ToBootPwdField (HWND hwndDlg, UINT ctrlId);
void AccommodateTextField (HWND hwndDlg, UINT ctrlId, BOOL bFirstUpdate, HFONT hFont);
BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize);
+BOOL GetSysDevicePaths (HWND hwndDlg);
BOOL DoDriverInstall (HWND hwndDlg);
int OpenVolume (OpenVolumeContext *context, const char *volumePath, Password *password, BOOL write, BOOL preserveTimestamps, BOOL useBackupHeader);
void CloseVolume (OpenVolumeContext *context);
@@ -460,7 +451,7 @@ BOOL FileHasReadOnlyAttribute (const char *path);
BOOL IsFileOnReadOnlyFilesystem (const char *path);
void CheckFilesystem (int driveNo, BOOL fixErrors);
BOOL BufferContainsString (const byte *buffer, size_t bufferSize, const char *str);
-int AskNonSysInPlaceEncryptionResume ();
+int AskNonSysInPlaceEncryptionResume (BOOL *decrypt);
BOOL RemoveDeviceWriteProtection (HWND hwndDlg, char *devicePath);
void EnableElevatedCursorChange (HWND parent);
BOOL DisableFileCompression (HANDLE file);
diff --git a/Common/Fat.c b/Common/Fat.c
index 6a2c77d..687b9e2 100644
--- a/Common/Fat.c
+++ b/Common/Fat.c
@@ -17,6 +17,7 @@
#include "Crypto.h"
#include "Common/Endian.h"
+#include "Dlgcode.h"
#include "Format.h"
#include "Fat.h"
#include "Progress.h"
@@ -255,191 +256,6 @@ static void PutFSInfo (unsigned char *sector, fatparams *ft)
int
FormatFat (unsigned __int64 startSector, fatparams * ft, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat)
{
- int write_buf_cnt = 0;
- char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf;
- unsigned __int64 nSecNo = startSector;
- int x, n;
- int retVal;
- char temporaryKey[MASTER_KEYDATA_SIZE];
-
- LARGE_INTEGER startOffset;
- LARGE_INTEGER newOffset;
-
- // Seek to start sector
- startOffset.QuadPart = startSector * ft->sector_size;
- if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN)
- || newOffset.QuadPart != startOffset.QuadPart)
- {
- return ERR_VOL_SEEKING;
- }
-
- /* Write the data area */
-
- write_buf = (char *)TCalloc (FormatWriteBufferSize);
- if (!write_buf)
- return ERR_OUTOFMEMORY;
-
- memset (sector, 0, ft->sector_size);
-
- RandgetBytes (ft->volume_id, sizeof (ft->volume_id), FALSE);
-
- PutBoot (ft, (unsigned char *) sector);
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
-
- /* fat32 boot area */
- if (ft->size_fat == 32)
- {
- /* fsinfo */
- PutFSInfo((unsigned char *) sector, ft);
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
-
- /* reserved */
- while (nSecNo - startSector < 6)
- {
- memset (sector, 0, ft->sector_size);
- sector[508+3]=0xaa; /* TrailSig */
- sector[508+2]=0x55;
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
- }
-
- /* bootsector backup */
- memset (sector, 0, ft->sector_size);
- PutBoot (ft, (unsigned char *) sector);
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
-
- PutFSInfo((unsigned char *) sector, ft);
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
- }
-
- /* reserved */
- while (nSecNo - startSector < (unsigned int)ft->reserved)
- {
- memset (sector, 0, ft->sector_size);
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
- }
-
- /* write fat */
- for (x = 1; x <= ft->fats; x++)
- {
- for (n = 0; n < ft->fat_length; n++)
- {
- memset (sector, 0, ft->sector_size);
-
- if (n == 0)
- {
- unsigned char fat_sig[12];
- if (ft->size_fat == 32)
- {
- fat_sig[0] = (unsigned char) ft->media;
- fat_sig[1] = fat_sig[2] = 0xff;
- fat_sig[3] = 0x0f;
- fat_sig[4] = fat_sig[5] = fat_sig[6] = 0xff;
- fat_sig[7] = 0x0f;
- fat_sig[8] = fat_sig[9] = fat_sig[10] = 0xff;
- fat_sig[11] = 0x0f;
- memcpy (sector, fat_sig, 12);
- }
- else if (ft->size_fat == 16)
- {
- fat_sig[0] = (unsigned char) ft->media;
- fat_sig[1] = 0xff;
- fat_sig[2] = 0xff;
- fat_sig[3] = 0xff;
- memcpy (sector, fat_sig, 4);
- }
- else if (ft->size_fat == 12)
- {
- fat_sig[0] = (unsigned char) ft->media;
- fat_sig[1] = 0xff;
- fat_sig[2] = 0xff;
- fat_sig[3] = 0x00;
- memcpy (sector, fat_sig, 4);
- }
- }
-
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
- }
- }
-
-
- /* write rootdir */
- for (x = 0; x < ft->size_root_dir / ft->sector_size; x++)
- {
- memset (sector, 0, ft->sector_size);
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
-
- }
-
- /* Fill the rest of the data area with random data */
-
- if(!quickFormat)
- {
- if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo))
- goto fail;
-
- /* Generate a random temporary key set to be used for "dummy" encryption that will fill
- the free disk space (data area) with random data. This is necessary for plausible
- deniability of hidden volumes (and also reduces the amount of predictable plaintext
- within the volume). */
-
- // Temporary master key
- if (!RandgetBytes (temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE))
- goto fail;
-
- // Temporary secondary key (XTS mode)
- if (!RandgetBytes (cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE))
- goto fail;
-
- retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks);
- if (retVal != ERR_SUCCESS)
- {
- burn (temporaryKey, sizeof(temporaryKey));
- return retVal;
- }
- if (!EAInitMode (cryptoInfo))
- {
- burn (temporaryKey, sizeof(temporaryKey));
- return ERR_MODE_INIT_FAILED;
- }
-
- x = ft->num_sectors - ft->reserved - ft->size_root_dir / ft->sector_size - ft->fat_length * 2;
- while (x--)
- {
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
- }
- UpdateProgressBar (nSecNo * ft->sector_size);
- }
- else
- UpdateProgressBar ((uint64) ft->num_sectors * ft->sector_size);
-
- if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo))
- goto fail;
-
- TCfree (write_buf);
- burn (temporaryKey, sizeof(temporaryKey));
+ AbortProcess ("INSECURE_APP");
return 0;
-
-fail:
-
- TCfree (write_buf);
- burn (temporaryKey, sizeof(temporaryKey));
- return ERR_OS_ERROR;
}
diff --git a/Common/Format.c b/Common/Format.c
index 49365a1..e3dafb3 100644
--- a/Common/Format.c
+++ b/Common/Format.c
@@ -72,715 +72,15 @@ uint64 GetVolumeDataAreaSize (BOOL hiddenVolume, uint64 volumeSize)
int TCFormatVolume (volatile FORMAT_VOL_PARAMETERS *volParams)
{
- int nStatus;
- PCRYPTO_INFO cryptoInfo = NULL;
- HANDLE dev = INVALID_HANDLE_VALUE;
- DWORD dwError;
- char header[TC_VOLUME_HEADER_EFFECTIVE_SIZE];
- unsigned __int64 num_sectors, startSector;
- fatparams ft;
- FILETIME ftCreationTime;
- FILETIME ftLastWriteTime;
- FILETIME ftLastAccessTime;
- BOOL bTimeStampValid = FALSE;
- BOOL bInstantRetryOtherFilesys = FALSE;
- char dosDev[TC_MAX_PATH] = { 0 };
- char devName[MAX_PATH] = { 0 };
- int driveLetter = -1;
- WCHAR deviceName[MAX_PATH];
- uint64 dataOffset, dataAreaSize;
- LARGE_INTEGER offset;
- BOOL bFailedRequiredDASD = FALSE;
-
- FormatSectorSize = volParams->sectorSize;
-
- if (FormatSectorSize < TC_MIN_VOLUME_SECTOR_SIZE
- || FormatSectorSize > TC_MAX_VOLUME_SECTOR_SIZE
- || FormatSectorSize % ENCRYPTION_DATA_UNIT_SIZE != 0)
- {
- Error ("SECTOR_SIZE_UNSUPPORTED");
- return ERR_DONT_REPORT;
- }
-
- /* WARNING: Note that if Windows fails to format the volume as NTFS and the volume size is
- less than the maximum FAT size, the user is asked within this function whether he wants to instantly
- retry FAT format instead (to avoid having to re-create the whole container again). If the user
- answers yes, some of the input parameters are modified, the code below 'begin_format' is re-executed
- and some destructive operations that were performed during the first attempt must be (and are) skipped.
- Therefore, whenever adding or modifying any potentially destructive operations below 'begin_format',
- determine whether they (or their portions) need to be skipped during such a second attempt; if so,
- use the 'bInstantRetryOtherFilesys' flag to skip them. */
-
- if (volParams->hiddenVol)
- {
- dataOffset = volParams->hiddenVolHostSize - TC_VOLUME_HEADER_GROUP_SIZE - volParams->size;
- }
- else
- {
- if (volParams->size <= TC_TOTAL_VOLUME_HEADERS_SIZE)
- return ERR_VOL_SIZE_WRONG;
-
- dataOffset = TC_VOLUME_DATA_OFFSET;
- }
-
- dataAreaSize = GetVolumeDataAreaSize (volParams->hiddenVol, volParams->size);
-
- num_sectors = dataAreaSize / FormatSectorSize;
-
- if (volParams->bDevice)
- {
- strcpy ((char *)deviceName, volParams->volumePath);
- ToUNICODE ((char *)deviceName);
-
- driveLetter = GetDiskDeviceDriveLetter (deviceName);
- }
-
- VirtualLock (header, sizeof (header));
-
- nStatus = CreateVolumeHeaderInMemory (FALSE,
- header,
- volParams->ea,
- FIRST_MODE_OF_OPERATION_ID,
- volParams->password,
- volParams->pkcs5,
- NULL,
- &cryptoInfo,
- dataAreaSize,
- volParams->hiddenVol ? dataAreaSize : 0,
- dataOffset,
- dataAreaSize,
- 0,
- volParams->headerFlags,
- FormatSectorSize,
- FALSE);
-
- if (nStatus != 0)
- {
- burn (header, sizeof (header));
- VirtualUnlock (header, sizeof (header));
- return nStatus;
- }
-
-begin_format:
-
- if (volParams->bDevice)
- {
- /* Device-hosted volume */
-
- DWORD dwResult;
- int nPass;
-
- if (FakeDosNameForDevice (volParams->volumePath, dosDev, devName, FALSE) != 0)
- return ERR_OS_ERROR;
-
- if (IsDeviceMounted (devName))
- {
- if ((dev = DismountDrive (devName, volParams->volumePath)) == INVALID_HANDLE_VALUE)
- {
- Error ("FORMAT_CANT_DISMOUNT_FILESYS");
- nStatus = ERR_DONT_REPORT;
- goto error;
- }
-
- /* Gain "raw" access to the partition (it contains a live filesystem and the filesystem driver
- would otherwise prevent us from writing to hidden sectors). */
-
- if (!DeviceIoControl (dev,
- FSCTL_ALLOW_EXTENDED_DASD_IO,
- NULL,
- 0,
- NULL,
- 0,
- &dwResult,
- NULL))
- {
- bFailedRequiredDASD = TRUE;
- }
- }
- else if (IsOSAtLeast (WIN_VISTA) && driveLetter == -1)
- {
- // Windows Vista doesn't allow overwriting sectors belonging to an unformatted partition
- // to which no drive letter has been assigned under the system. This problem can be worked
- // around by assigning a drive letter to the partition temporarily.
-
- char szDriveLetter[] = { 'A', ':', 0 };
- char rootPath[] = { 'A', ':', '\\', 0 };
- char uniqVolName[MAX_PATH+1] = { 0 };
- int tmpDriveLetter = -1;
- BOOL bResult = FALSE;
-
- tmpDriveLetter = GetFirstAvailableDrive ();
-
- if (tmpDriveLetter != -1)
- {
- rootPath[0] += (char) tmpDriveLetter;
- szDriveLetter[0] += (char) tmpDriveLetter;
-
- if (DefineDosDevice (DDD_RAW_TARGET_PATH, szDriveLetter, volParams->volumePath))
- {
- bResult = GetVolumeNameForVolumeMountPoint (rootPath, uniqVolName, MAX_PATH);
-
- DefineDosDevice (DDD_RAW_TARGET_PATH|DDD_REMOVE_DEFINITION|DDD_EXACT_MATCH_ON_REMOVE,
- szDriveLetter,
- volParams->volumePath);
-
- if (bResult
- && SetVolumeMountPoint (rootPath, uniqVolName))
- {
- // The drive letter can be removed now
- DeleteVolumeMountPoint (rootPath);
- }
- }
- }
- }
-
- // For extra safety, we will try to gain "raw" access to the partition. Note that this should actually be
- // redundant because if the filesystem was mounted, we already tried to obtain DASD above. If we failed,
- // bFailedRequiredDASD was set to TRUE and therefore we will perform pseudo "quick format" below. However,
- // for extra safety, in case IsDeviceMounted() failed to detect a live filesystem, we will blindly
- // send FSCTL_ALLOW_EXTENDED_DASD_IO (possibly for a second time) without checking the result.
-
- DeviceIoControl (dev,
- FSCTL_ALLOW_EXTENDED_DASD_IO,
- NULL,
- 0,
- NULL,
- 0,
- &dwResult,
- NULL);
-
-
- // If DASD is needed but we failed to obtain it, perform open - 'quick format' - close - open
- // so that the filesystem driver does not prevent us from formatting hidden sectors.
- for (nPass = (bFailedRequiredDASD ? 0 : 1); nPass < 2; nPass++)
- {
- int retryCount;
-
- retryCount = 0;
-
- // Try exclusive access mode first
- // Note that when exclusive access is denied, it is worth retrying (usually succeeds after a few tries).
- while (dev == INVALID_HANDLE_VALUE && retryCount++ < EXCL_ACCESS_MAX_AUTO_RETRIES)
- {
- dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
-
- if (retryCount > 1)
- Sleep (EXCL_ACCESS_AUTO_RETRY_DELAY);
- }
-
- if (dev == INVALID_HANDLE_VALUE)
- {
- // Exclusive access denied -- retry in shared mode
- dev = CreateFile (devName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, 0, NULL);
- if (dev != INVALID_HANDLE_VALUE)
- {
- if (IDNO == MessageBoxW (volParams->hwndDlg, GetString ("DEVICE_IN_USE_FORMAT"), lpszTitle, MB_YESNO|MB_ICONWARNING|MB_DEFBUTTON2))
- {
- nStatus = ERR_DONT_REPORT;
- goto error;
- }
- }
- else
- {
- handleWin32Error (volParams->hwndDlg);
- Error ("CANT_ACCESS_VOL");
- nStatus = ERR_DONT_REPORT;
- goto error;
- }
- }
-
- if (volParams->hiddenVol || bInstantRetryOtherFilesys)
- break; // The following "quick format" operation would damage the outer volume
-
- if (nPass == 0)
- {
- char buf [2 * TC_MAX_VOLUME_SECTOR_SIZE];
- DWORD bw;
-
- // Perform pseudo "quick format" so that the filesystem driver does not prevent us from
- // formatting hidden sectors
- memset (buf, 0, sizeof (buf));
-
- if (!WriteFile (dev, buf, sizeof (buf), &bw, NULL))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- FlushFileBuffers (dev);
- CloseHandle (dev);
- dev = INVALID_HANDLE_VALUE;
- }
- }
-
- if (DeviceIoControl (dev, FSCTL_IS_VOLUME_MOUNTED, NULL, 0, NULL, 0, &dwResult, NULL))
- {
- Error ("FORMAT_CANT_DISMOUNT_FILESYS");
- nStatus = ERR_DONT_REPORT;
- goto error;
- }
- }
- else
- {
- /* File-hosted volume */
-
- dev = CreateFile (volParams->volumePath, GENERIC_READ | GENERIC_WRITE,
- (volParams->hiddenVol || bInstantRetryOtherFilesys) ? (FILE_SHARE_READ | FILE_SHARE_WRITE) : 0,
- NULL, (volParams->hiddenVol || bInstantRetryOtherFilesys) ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL);
-
- if (dev == INVALID_HANDLE_VALUE)
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- DisableFileCompression (dev);
-
- if (!volParams->hiddenVol && !bInstantRetryOtherFilesys)
- {
- LARGE_INTEGER volumeSize;
- volumeSize.QuadPart = dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE;
-
- if (volParams->sparseFileSwitch && volParams->quickFormat)
- {
- // Create as sparse file container
- DWORD tmp;
- if (!DeviceIoControl (dev, FSCTL_SET_SPARSE, NULL, 0, NULL, 0, &tmp, NULL))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
- }
-
- // Preallocate the file
- if (!SetFilePointerEx (dev, volumeSize, NULL, FILE_BEGIN)
- || !SetEndOfFile (dev)
- || SetFilePointer (dev, 0, NULL, FILE_BEGIN) != 0)
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
- }
- }
-
- if (volParams->hiddenVol && !volParams->bDevice && bPreserveTimestamp)
- {
- if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0)
- bTimeStampValid = FALSE;
- else
- bTimeStampValid = TRUE;
- }
-
- KillTimer (volParams->hwndDlg, TIMER_ID_RANDVIEW);
-
- /* Volume header */
-
- // Hidden volume setup
- if (volParams->hiddenVol)
- {
- LARGE_INTEGER headerOffset;
-
- // Check hidden volume size
- if (volParams->hiddenVolHostSize < TC_MIN_HIDDEN_VOLUME_HOST_SIZE || volParams->hiddenVolHostSize > TC_MAX_HIDDEN_VOLUME_HOST_SIZE)
- {
- nStatus = ERR_VOL_SIZE_WRONG;
- goto error;
- }
-
- // Seek to hidden volume header location
-
- headerOffset.QuadPart = TC_HIDDEN_VOLUME_HEADER_OFFSET;
-
- if (!SetFilePointerEx ((HANDLE) dev, headerOffset, NULL, FILE_BEGIN))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
- }
- else if (bInstantRetryOtherFilesys)
- {
- // The previous file system format failed and the user wants to try again with a different file system.
- // The volume header had been written successfully so we need to seek to the byte after the header.
-
- LARGE_INTEGER offset;
- offset.QuadPart = TC_VOLUME_DATA_OFFSET;
- if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
- }
-
- if (!bInstantRetryOtherFilesys)
- {
- // Write the volume header
- if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- // To prevent fragmentation, write zeroes to reserved header sectors which are going to be filled with random data
- if (!volParams->bDevice && !volParams->hiddenVol)
- {
- byte buf[TC_VOLUME_HEADER_GROUP_SIZE - TC_VOLUME_HEADER_EFFECTIVE_SIZE];
- DWORD bytesWritten;
- ZeroMemory (buf, sizeof (buf));
-
- if (!WriteFile (dev, buf, sizeof (buf), &bytesWritten, NULL))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- if (bytesWritten != sizeof (buf))
- {
- nStatus = ERR_PARAMETER_INCORRECT;
- goto error;
- }
- }
- }
-
- if (volParams->hiddenVol)
- {
- // Calculate data area position of hidden volume
- cryptoInfo->hiddenVolumeOffset = dataOffset;
-
- // Validate the offset
- if (dataOffset % FormatSectorSize != 0)
- {
- nStatus = ERR_VOL_SIZE_WRONG;
- goto error;
- }
-
- volParams->quickFormat = TRUE; // To entirely format a hidden volume would be redundant
- }
-
- /* Data area */
- startSector = dataOffset / FormatSectorSize;
-
- // Format filesystem
-
- switch (volParams->fileSystem)
- {
- case FILESYS_NONE:
- case FILESYS_NTFS:
-
- if (volParams->bDevice && !StartFormatWriteThread())
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- nStatus = FormatNoFs (startSector, num_sectors, dev, cryptoInfo, volParams->quickFormat);
-
- if (volParams->bDevice)
- StopFormatWriteThread();
-
- break;
-
- case FILESYS_FAT:
- if (num_sectors > 0xFFFFffff)
- {
- nStatus = ERR_VOL_SIZE_WRONG;
- goto error;
- }
-
- // Calculate the fats, root dir etc
- ft.num_sectors = (unsigned int) (num_sectors);
-
-#if TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF
-#error TC_MAX_VOLUME_SECTOR_SIZE > 0xFFFF
-#endif
-
- ft.sector_size = (uint16) FormatSectorSize;
- ft.cluster_size = volParams->clusterSize;
- memcpy (ft.volume_name, "NO NAME ", 11);
- GetFatParams (&ft);
- *(volParams->realClusterSize) = ft.cluster_size * FormatSectorSize;
-
- if (volParams->bDevice && !StartFormatWriteThread())
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- nStatus = FormatFat (startSector, &ft, (void *) dev, cryptoInfo, volParams->quickFormat);
-
- if (volParams->bDevice)
- StopFormatWriteThread();
-
- break;
-
- default:
- nStatus = ERR_PARAMETER_INCORRECT;
- goto error;
- }
-
- if (nStatus != ERR_SUCCESS)
- goto error;
-
- // Write header backup
- offset.QuadPart = volParams->hiddenVol ? volParams->hiddenVolHostSize - TC_HIDDEN_VOLUME_HEADER_OFFSET : dataAreaSize + TC_VOLUME_HEADER_GROUP_SIZE;
-
- if (!SetFilePointerEx ((HANDLE) dev, offset, NULL, FILE_BEGIN))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- nStatus = CreateVolumeHeaderInMemory (FALSE,
- header,
- volParams->ea,
- FIRST_MODE_OF_OPERATION_ID,
- volParams->password,
- volParams->pkcs5,
- cryptoInfo->master_keydata,
- &cryptoInfo,
- dataAreaSize,
- volParams->hiddenVol ? dataAreaSize : 0,
- dataOffset,
- dataAreaSize,
- 0,
- volParams->headerFlags,
- FormatSectorSize,
- FALSE);
-
- if (!WriteEffectiveVolumeHeader (volParams->bDevice, dev, header))
- {
- nStatus = ERR_OS_ERROR;
- goto error;
- }
-
- // Fill reserved header sectors (including the backup header area) with random data
- if (!volParams->hiddenVol)
- {
- nStatus = WriteRandomDataToReservedHeaderAreas (dev, cryptoInfo, dataAreaSize, FALSE, FALSE);
-
- if (nStatus != ERR_SUCCESS)
- goto error;
- }
-
-#ifndef DEBUG
- if (volParams->quickFormat && volParams->fileSystem != FILESYS_NTFS)
- Sleep (500); // User-friendly GUI
-#endif
-
-error:
- dwError = GetLastError();
-
- burn (header, sizeof (header));
- VirtualUnlock (header, sizeof (header));
-
- if (dev != INVALID_HANDLE_VALUE)
- {
- if (!volParams->bDevice && !volParams->hiddenVol && nStatus != 0)
- {
- // Remove preallocated part before closing file handle if format failed
- if (SetFilePointer (dev, 0, NULL, FILE_BEGIN) == 0)
- SetEndOfFile (dev);
- }
-
- FlushFileBuffers (dev);
-
- if (bTimeStampValid)
- SetFileTime (dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime);
-
- CloseHandle (dev);
- dev = INVALID_HANDLE_VALUE;
- }
-
- if (nStatus != 0)
- {
- SetLastError(dwError);
- goto fv_end;
- }
-
- if (volParams->fileSystem == FILESYS_NTFS)
- {
- // Quick-format volume as NTFS
- int driveNo = GetLastAvailableDrive ();
- MountOptions mountOptions;
- int retCode;
-
- ZeroMemory (&mountOptions, sizeof (mountOptions));
-
- if (driveNo == -1)
- {
- MessageBoxW (volParams->hwndDlg, GetString ("NO_FREE_DRIVES"), lpszTitle, ICON_HAND);
- MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);
-
- nStatus = ERR_NO_FREE_DRIVES;
- goto fv_end;
- }
-
- mountOptions.ReadOnly = FALSE;
- mountOptions.Removable = FALSE;
- mountOptions.ProtectHiddenVolume = FALSE;
- mountOptions.PreserveTimestamp = bPreserveTimestamp;
- mountOptions.PartitionInInactiveSysEncScope = FALSE;
- mountOptions.UseBackupHeader = FALSE;
-
- if (MountVolume (volParams->hwndDlg, driveNo, volParams->volumePath, volParams->password, FALSE, TRUE, &mountOptions, FALSE, TRUE) < 1)
- {
- MessageBoxW (volParams->hwndDlg, GetString ("CANT_MOUNT_VOLUME"), lpszTitle, ICON_HAND);
- MessageBoxW (volParams->hwndDlg, GetString ("FORMAT_NTFS_STOP"), lpszTitle, ICON_HAND);
- nStatus = ERR_VOL_MOUNT_FAILED;
- goto fv_end;
- }
-
- if (!IsAdmin () && IsUacSupported ())
- retCode = UacFormatNtfs (volParams->hwndDlg, driveNo, volParams->clusterSize);
- else
- retCode = FormatNtfs (driveNo, volParams->clusterSize);
-
- if (retCode != TRUE)
- {
- if (!UnmountVolume (volParams->hwndDlg, driveNo, FALSE))
- MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND);
-
- if (dataAreaSize <= TC_MAX_FAT_SECTOR_COUNT * FormatSectorSize)
- {
- if (AskErrYesNo ("FORMAT_NTFS_FAILED_ASK_FAT") == IDYES)
- {
- // NTFS format failed and the user wants to try FAT format immediately
- volParams->fileSystem = FILESYS_FAT;
- bInstantRetryOtherFilesys = TRUE;
- volParams->quickFormat = TRUE; // Volume has already been successfully TC-formatted
- volParams->clusterSize = 0; // Default cluster size
- goto begin_format;
- }
- }
- else
- Error ("FORMAT_NTFS_FAILED");
-
- nStatus = ERR_DONT_REPORT;
- goto fv_end;
- }
-
- if (!UnmountVolume (volParams->hwndDlg, driveNo, FALSE))
- MessageBoxW (volParams->hwndDlg, GetString ("CANT_DISMOUNT_VOLUME"), lpszTitle, ICON_HAND);
- }
-
-fv_end:
- dwError = GetLastError();
-
- if (dosDev[0])
- RemoveFakeDosName (volParams->volumePath, dosDev);
-
- crypto_close (cryptoInfo);
-
- SetLastError (dwError);
- return nStatus;
+ AbortProcess ("INSECURE_APP");
+ return 0;
}
-int FormatNoFs (unsigned __int64 startSector, __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat)
+int FormatNoFs(unsigned __int64 startSector, __int64 num_sectors, void * dev, PCRYPTO_INFO cryptoInfo, BOOL quickFormat)
{
- int write_buf_cnt = 0;
- char sector[TC_MAX_VOLUME_SECTOR_SIZE], *write_buf;
- unsigned __int64 nSecNo = startSector;
- int retVal = 0;
- DWORD err;
- char temporaryKey[MASTER_KEYDATA_SIZE];
- char originalK2[MASTER_KEYDATA_SIZE];
-
- LARGE_INTEGER startOffset;
- LARGE_INTEGER newOffset;
-
- // Seek to start sector
- startOffset.QuadPart = startSector * FormatSectorSize;
- if (!SetFilePointerEx ((HANDLE) dev, startOffset, &newOffset, FILE_BEGIN)
- || newOffset.QuadPart != startOffset.QuadPart)
- {
- return ERR_OS_ERROR;
- }
-
- write_buf = (char *)TCalloc (FormatWriteBufferSize);
- if (!write_buf)
- return ERR_OUTOFMEMORY;
-
- VirtualLock (temporaryKey, sizeof (temporaryKey));
- VirtualLock (originalK2, sizeof (originalK2));
-
- memset (sector, 0, sizeof (sector));
-
- // Remember the original secondary key (XTS mode) before generating a temporary one
- memcpy (originalK2, cryptoInfo->k2, sizeof (cryptoInfo->k2));
-
- /* Fill the rest of the data area with random data */
-
- if(!quickFormat)
- {
- /* Generate a random temporary key set to be used for "dummy" encryption that will fill
- the free disk space (data area) with random data. This is necessary for plausible
- deniability of hidden volumes. */
-
- // Temporary master key
- if (!RandgetBytes (temporaryKey, EAGetKeySize (cryptoInfo->ea), FALSE))
- goto fail;
-
- // Temporary secondary key (XTS mode)
- if (!RandgetBytes (cryptoInfo->k2, sizeof cryptoInfo->k2, FALSE))
- goto fail;
-
- retVal = EAInit (cryptoInfo->ea, temporaryKey, cryptoInfo->ks);
- if (retVal != ERR_SUCCESS)
- goto fail;
-
- if (!EAInitMode (cryptoInfo))
- {
- retVal = ERR_MODE_INIT_FAILED;
- goto fail;
- }
-
- while (num_sectors--)
- {
- if (WriteSector (dev, sector, write_buf, &write_buf_cnt, &nSecNo,
- cryptoInfo) == FALSE)
- goto fail;
- }
-
- if (!FlushFormatWriteBuffer (dev, write_buf, &write_buf_cnt, &nSecNo, cryptoInfo))
- goto fail;
- }
- else
- nSecNo = num_sectors;
-
- UpdateProgressBar (nSecNo * FormatSectorSize);
-
- // Restore the original secondary key (XTS mode) in case NTFS format fails and the user wants to try FAT immediately
- memcpy (cryptoInfo->k2, originalK2, sizeof (cryptoInfo->k2));
-
- // Reinitialize the encryption algorithm and mode in case NTFS format fails and the user wants to try FAT immediately
- retVal = EAInit (cryptoInfo->ea, cryptoInfo->master_keydata, cryptoInfo->ks);
- if (retVal != ERR_SUCCESS)
- goto fail;
- if (!EAInitMode (cryptoInfo))
- {
- retVal = ERR_MODE_INIT_FAILED;
- goto fail;
- }
-
- burn (temporaryKey, sizeof(temporaryKey));
- burn (originalK2, sizeof(originalK2));
- VirtualUnlock (temporaryKey, sizeof (temporaryKey));
- VirtualUnlock (originalK2, sizeof (originalK2));
- TCfree (write_buf);
-
+ AbortProcess ("INSECURE_APP");
return 0;
-
-fail:
- err = GetLastError();
-
- burn (temporaryKey, sizeof(temporaryKey));
- burn (originalK2, sizeof(originalK2));
- VirtualUnlock (temporaryKey, sizeof (temporaryKey));
- VirtualUnlock (originalK2, sizeof (originalK2));
- TCfree (write_buf);
-
- SetLastError (err);
- return (retVal ? retVal : ERR_OS_ERROR);
}
@@ -795,36 +95,8 @@ BOOLEAN __stdcall FormatExCallback (int command, DWORD subCommand, PVOID paramet
BOOL FormatNtfs (int driveNo, int clusterSize)
{
- WCHAR dir[8] = { (WCHAR) driveNo + 'A', 0 };
- PFORMATEX FormatEx;
- HMODULE hModule = LoadLibrary ("fmifs.dll");
- int i;
-
- if (hModule == NULL)
- return FALSE;
-
- if (!(FormatEx = (PFORMATEX) GetProcAddress (GetModuleHandle ("fmifs.dll"), "FormatEx")))
- {
- FreeLibrary (hModule);
- return FALSE;
- }
-
- wcscat (dir, L":\\");
-
- FormatExResult = FALSE;
-
- // Windows sometimes fails to format a volume (hosted on a removable medium) as NTFS.
- // It often helps to retry several times.
- for (i = 0; i < 50 && FormatExResult != TRUE; i++)
- {
- FormatEx (dir, FMIFS_HARDDISK, L"NTFS", L"", TRUE, clusterSize * FormatSectorSize, FormatExCallback);
- }
-
- // The device may be referenced for some time after FormatEx() returns
- Sleep (2000);
-
- FreeLibrary (hModule);
- return FormatExResult;
+ AbortProcess ("INSECURE_APP");
+ return 0;
}
diff --git a/Common/Keyfiles.c b/Common/Keyfiles.c
index d5ce556..b9055be 100644
--- a/Common/Keyfiles.c
+++ b/Common/Keyfiles.c
@@ -452,8 +452,6 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
SetCheckBox (hwndDlg, IDC_KEYFILES_ENABLE, param->EnableKeyFiles);
SetWindowTextW(GetDlgItem(hwndDlg, IDT_KEYFILES_NOTE), GetString ("KEYFILES_NOTE"));
-
- ToHyperlink (hwndDlg, IDC_LINK_KEYFILES_INFO);
}
return 1;
@@ -544,11 +542,6 @@ BOOL CALLBACK KeyFilesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
return 1;
}
- if (lw == IDC_LINK_KEYFILES_INFO)
- {
- Applink ("keyfiles", TRUE, "");
- }
-
if (lw == IDOK)
{
param->EnableKeyFiles = IsButtonChecked (GetDlgItem (hwndDlg, IDC_KEYFILES_ENABLE));
diff --git a/Common/Language.c b/Common/Language.c
index d57127d..6792933 100644
--- a/Common/Language.c
+++ b/Common/Language.c
@@ -144,10 +144,10 @@ BOOL LoadLanguageFile ()
XmlGetAttributeText (xml, "prog-version", attr, sizeof (attr));
// Check version of external language file
- if (defaultLangParsed && strcmp (attr, VERSION_STRING) && strcmp (attr, "DEBUG"))
+ if (defaultLangParsed && strcmp (attr, VERSION_STRING) && strcmp (attr, "DEBUG") && strcmp (attr, "7.1a"))
{
wchar_t m[2048];
- swprintf (m, L"The installed language pack is incompatible with this version of TrueCrypt (the language pack is for TrueCrypt %hs). A newer version may be available at www.truecrypt.org.\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\TrueCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\TrueCrypt', etc.)", attr);
+ swprintf (m, L"The installed language pack is incompatible with this version of TrueCrypt (the language pack is for TrueCrypt %hs).\n\nTo prevent this message from being displayed, do any of the following:\n\n- Select 'Settings' > 'Language'; then select 'English' and click 'OK'.\n\n- Remove or replace the language pack with a compatible version (the language pack may reside e.g. in 'C:\\Program Files\\TrueCrypt' or '%%LOCALAPPDATA%%\\VirtualStore\\Program Files\\TrueCrypt', etc.)", attr);
MessageBoxW (NULL, m, L"TrueCrypt", MB_ICONERROR);
continue;
}
@@ -331,7 +331,6 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
BOOL defaultLangFound = FALSE;
LocalizeDialog (hwndDlg, "IDD_LANGUAGE");
- ToHyperlink (hwndDlg, IDC_GET_LANG_PACKS);
for (xml = MapFirstLanguageFile (); xml != NULL; xml = MapNextLanguageFile ())
{
@@ -459,21 +458,6 @@ BOOL CALLBACK LanguageDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
EndDialog (hwndDlg, lw);
return 1;
}
-
- if (lw == IDC_GET_LANG_PACKS)
- {
- char tmpstr [256];
-
- if (strlen (ActiveLangPackVersion) > 0 && strlen (GetPreferredLangId()) > 0)
- sprintf (tmpstr, "&langpackversion=%s&lang=%s", ActiveLangPackVersion, GetPreferredLangId());
- else
- tmpstr[0] = 0;
-
- Applink ("localizations", TRUE, tmpstr);
-
- return 1;
- }
- return 0;
}
return 0;
diff --git a/Common/Language.xml b/Common/Language.xml
index e87cad8..819a0b0 100644
--- a/Common/Language.xml
+++ b/Common/Language.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<TrueCrypt>
- <localization prog-version="7.1a">
+ <localization prog-version="7.2">
<!-- Languages -->
<language langid="en" name="English" en-name="English" version="0.0.0" translators="" />
<!-- Fonts -->
@@ -13,7 +13,6 @@
<control lang="en" key="IDC_ALL_USERS">Install &amp;for all users</control>
<control lang="en" key="IDC_BROWSE">Bro&amp;wse...</control>
<control lang="en" key="IDC_DESKTOP_ICON">Add TrueCrypt icon to &amp;desktop</control>
- <control lang="en" key="IDC_DONATE">Donate now...</control>
<control lang="en" key="IDC_FILE_TYPE">Associate the .tc file &amp;extension with TrueCrypt</control>
<control lang="en" key="IDC_OPEN_CONTAINING_FOLDER">&amp;Open the destination location when finished</control>
<control lang="en" key="IDC_PROG_GROUP">Add TrueCrypt to &amp;Start menu</control>
@@ -37,20 +36,13 @@
<control lang="en" key="IDC_DOWNLOAD_CD_BURN_SOFTWARE">Download CD/DVD recording software</control>
<control lang="en" key="IDC_FILE_CONTAINER">Create an encrypted file container</control>
<control lang="en" key="IDC_GB">&amp;GB</control>
- <control lang="en" key="IDC_HIDDEN_SYSENC_INFO_LINK">More information</control>
<control lang="en" key="IDC_HIDDEN_VOL">Hi&amp;dden TrueCrypt volume </control>
- <control lang="en" key="IDC_HIDDEN_VOL_HELP">More information about hidden volumes</control>
<control lang="en" key="IDC_HIDVOL_WIZ_MODE_DIRECT">Direct mode</control>
<control lang="en" key="IDC_HIDVOL_WIZ_MODE_FULL">Normal mode</control>
<control lang="en" key="IDC_KB">&amp;KB</control>
<control lang="en" key="IDC_KEYFILES_ENABLE">U&amp;se keyfiles</control>
<control lang="en" key="IDC_KEY_FILES">&amp;Keyfiles...</control>
- <control lang="en" key="IDC_LINK_HASH_INFO">Information on hash algorithms</control>
- <control lang="en" key="IDC_LINK_MORE_INFO_ABOUT_CIPHER">More information</control>
<control lang="en" key="IDC_MB">&amp;MB</control>
- <control lang="en" key="IDC_MORE_INFO_ON_CONTAINERS">More information</control>
- <control lang="en" key="IDC_MORE_INFO_ON_SYS_ENCRYPTION">More information about system encryption</control>
- <control lang="en" key="IDC_MORE_INFO_SYS_ENCRYPTION">More information</control>
<control lang="en" key="IDC_MULTI_BOOT">Multi-boot</control>
<control lang="en" key="IDC_NONSYS_DEVICE">Encrypt a non-system partition/drive</control>
<control lang="en" key="IDC_NO_HISTORY">&amp;Never save history</control>
@@ -71,6 +63,7 @@
<control lang="en" key="IDT_COLLECTING_RANDOM_DATA_NOTE">IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Next to continue.</control>
<control lang="en" key="IDT_CONFIRM">&amp;Confirm:</control>
<control lang="en" key="IDT_DONE">Done</control>
+ <control lang="en" key="IDT_DRIVE_LETTER">Drive letter:</control>
<control lang="en" key="IDT_ENCRYPTION_ALGO">Encryption Algorithm</control>
<control lang="en" key="IDT_FILESYSTEM">Filesystem </control>
<control lang="en" key="IDT_FILE_CONTAINER">Creates a virtual encrypted disk within a file. Recommended for inexperienced users.</control>
@@ -107,13 +100,11 @@
<control lang="en" key="IDC_CLOSE_TOKEN_SESSION_AFTER_MOUNT">&amp;Close token session (log out) after a volume is successfully mounted</control>
<control lang="en" key="IDC_COPY_WIZARD">Include TrueCrypt Volume Creation Wizard</control>
<control lang="en" key="IDC_CREATE">Create</control>
- <control lang="en" key="IDC_CREATE_VOLUME">&amp;Create Volume</control>
<control lang="en" key="IDC_DISABLE_BOOT_LOADER_OUTPUT">Do not &amp;show any texts in the pre-boot authentication screen (except the below custom message)</control>
<control lang="en" key="IDC_ENABLE_HARDWARE_ENCRYPTION">Accelerate AES encryption/decryption by using the AES instructions of the processor (if available)</control>
<control lang="en" key="IDC_ENABLE_KEYFILES">Use keyfiles</control>
<control lang="en" key="IDC_ENABLE_NEW_KEYFILES">Use keyfiles</control>
<control lang="en" key="IDC_EXIT">E&amp;xit</control>
- <control lang="en" key="IDC_FAVORITES_HELP_LINK">Help on favorite volumes</control>
<control lang="en" key="IDC_FAVORITE_DISABLE_HOTKEY">Do not mount selected volume when 'Mount Favorite Volumes' &amp;hot key is pressed</control>
<control lang="en" key="IDC_FAVORITE_MOUNT_ON_ARRIVAL">Mount selected volume when its host device gets &amp;connected</control>
<control lang="en" key="IDC_FAVORITE_MOUNT_ON_LOGON">Mount selected volume upon log&amp;on</control>
@@ -134,8 +125,6 @@
<control lang="en" key="IDC_HOTKEY_REMOVE">Remove</control>
<control lang="en" key="IDC_KEYFILES">Keyfiles...</control>
<control lang="en" key="IDC_LIMIT_ENC_THREAD_POOL">Do not use the following number of processors for encryption/decryption:</control>
- <control lang="en" key="IDC_MORE_INFO_ON_HW_ACCELERATION">More information</control>
- <control lang="en" key="IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION">More information</control>
<control lang="en" key="IDC_MORE_SETTINGS">More Settings...</control>
<control lang="en" key="IDC_MOUNTALL">&amp;Auto-Mount Devices</control>
<control lang="en" key="IDC_MOUNT_OPTIONS">Mount Opti&amp;ons...</control>
@@ -166,7 +155,6 @@
<control lang="en" key="IDC_TRAVEL_OPEN_EXPLORER">Open &amp;Explorer window for mounted volume</control>
<control lang="en" key="IDC_TRAV_CACHE_PASSWORDS">&amp;Cache password in driver memory</control>
<control lang="en" key="IDC_UNMOUNTALL">Di&amp;smount All</control>
- <control lang="en" key="IDC_VOLUME_PROPERTIES">&amp;Volume Properties...</control>
<control lang="en" key="IDC_VOLUME_TOOLS">Volume &amp;Tools...</control>
<control lang="en" key="IDC_WIPE_CACHE">&amp;Wipe Cache</control>
<control lang="en" key="IDD_FAVORITE_VOLUMES">TrueCrypt - Favorite Volumes</control>
@@ -184,7 +172,6 @@
<control lang="en" key="IDM_ADD_REMOVE_VOL_KEYFILES">Add/Remove Keyfiles to/from Volume...</control>
<control lang="en" key="IDM_ADD_VOLUME_TO_FAVORITES">Add Mounted Volume to Favorites...</control>
<control lang="en" key="IDM_ADD_VOLUME_TO_SYSTEM_FAVORITES">Add Mounted Volume to System Favorites...</control>
- <control lang="en" key="IDM_ANALYZE_SYSTEM_CRASH">Analyze a System Crash...</control>
<control lang="en" key="IDM_BACKUP_VOL_HEADER">Backup Volume Header...</control>
<control lang="en" key="IDM_BENCHMARK">Benchmark...</control>
<control lang="en" key="IDM_CHANGE_HEADER_KEY_DERIV_ALGO">Set Header Key Derivation Algorithm...</control>
@@ -193,15 +180,11 @@
<control lang="en" key="IDM_CHANGE_SYS_PASSWORD">Change Password...</control>
<control lang="en" key="IDM_CLEAR_HISTORY">Clear Volume History</control>
<control lang="en" key="IDM_CLOSE_ALL_TOKEN_SESSIONS">Close All Security Token Sessions</control>
- <control lang="en" key="IDM_CONTACT">Contact</control>
- <control lang="en" key="IDM_CREATE_HIDDEN_OS">Create Hidden Operating System...</control>
<control lang="en" key="IDM_CREATE_RESCUE_DISK">Create Rescue Disk...</control>
<control lang="en" key="IDM_CREATE_VOLUME">Create New Volume...</control>
+ <control lang="en" key="IDM_DECRYPT_NONSYS_VOL">Permanently Decrypt...</control>
<control lang="en" key="IDM_DEFAULT_KEYFILES">Default Keyfiles...</control>
<control lang="en" key="IDM_ENCRYPT_SYSTEM_DEVICE">Encrypt System Partition/Drive...</control>
- <control lang="en" key="IDM_FAQ">Frequently Asked Questions</control>
- <control lang="en" key="IDM_HELP">User's Guide</control>
- <control lang="en" key="IDM_HOMEPAGE">&amp;Homepage </control>
<control lang="en" key="IDM_HOTKEY_SETTINGS">Hot Keys...</control>
<control lang="en" key="IDM_KEYFILE_GENERATOR">Keyfile Generator</control>
<control lang="en" key="IDM_LANGUAGE">Language...</control>
@@ -212,9 +195,6 @@
<control lang="en" key="IDM_MOUNT_SYSENC_PART_WITHOUT_PBA">Mount Without Pre-Boot &amp;Authentication...</control>
<control lang="en" key="IDM_MOUNT_VOLUME">Mount Volume</control>
<control lang="en" key="IDM_MOUNT_VOLUME_OPTIONS">Mount Volume with Options</control>
- <control lang="en" key="IDM_NEWS">News</control>
- <control lang="en" key="IDM_ONLINE_HELP">Online Help</control>
- <control lang="en" key="IDM_ONLINE_TUTORIAL">Beginner's Tutorial</control>
<control lang="en" key="IDM_ORGANIZE_FAVORITES">Organize Favorite Volumes...</control>
<control lang="en" key="IDM_ORGANIZE_SYSTEM_FAVORITES">Organize System Favorite Volumes...</control>
<control lang="en" key="IDM_PERFORMANCE_SETTINGS">Performance...</control>
@@ -223,7 +203,7 @@
<control lang="en" key="IDM_REFRESH_DRIVE_LETTERS">Refresh Drive Letters</control>
<control lang="en" key="IDM_REMOVE_ALL_KEYFILES_FROM_VOL">Remove All Keyfiles from Volume...</control>
<control lang="en" key="IDM_RESTORE_VOL_HEADER">Restore Volume Header...</control>
- <control lang="en" key="IDM_RESUME_INTERRUPTED_PROC">Resume Interrupted Process</control>
+ <control lang="en" key="IDM_RESUME_INTERRUPTED_PROC">Resume Interrupted Decryption...</control>
<control lang="en" key="IDM_SELECT_DEVICE">Select Device...</control>
<control lang="en" key="IDM_SELECT_FILE">Select File...</control>
<control lang="en" key="IDM_SYSENC_RESUME">Resume Interrupted Process</control>
@@ -231,17 +211,14 @@
<control lang="en" key="IDM_SYSTEM_ENCRYPTION_STATUS">Properties...</control>
<control lang="en" key="IDM_SYS_ENC_SETTINGS">Settings...</control>
<control lang="en" key="IDM_SYS_FAVORITES_SETTINGS">System Favorite Volumes...</control>
- <control lang="en" key="IDM_TC_DOWNLOADS">Downloads</control>
<control lang="en" key="IDM_TEST_VECTORS">Test Vectors...</control>
<control lang="en" key="IDM_TOKEN_PREFERENCES">Security Tokens...</control>
<control lang="en" key="IDM_TRAVELER">Traveler Disk Setup...</control>
<control lang="en" key="IDM_UNMOUNTALL">Dismount All Mounted Volumes</control>
<control lang="en" key="IDM_UNMOUNT_VOLUME">Dismount Volume</control>
<control lang="en" key="IDM_VERIFY_RESCUE_DISK">Verify Rescue Disk</control>
- <control lang="en" key="IDM_VERSION_HISTORY">Version History</control>
<control lang="en" key="IDM_VOLUME_PROPERTIES">Volume Properties</control>
<control lang="en" key="IDM_VOLUME_WIZARD">Volume Creation Wizard</control>
- <control lang="en" key="IDM_WEBSITE">TrueCrypt Website</control>
<control lang="en" key="IDM_WIPE_CACHE">Wipe Cached Passwords</control>
<control lang="en" key="IDOK">OK</control>
<control lang="en" key="IDT_ACCELERATION_OPTIONS">Hardware Acceleration</control>
@@ -259,6 +236,7 @@
<control lang="en" key="IDT_FILE_SETTINGS">File Settings</control>
<control lang="en" key="IDT_HOTKEY_KEY">Key to assign:</control>
<control lang="en" key="IDT_HW_AES_SUPPORTED_BY_CPU">Processor (CPU) in this computer supports hardware acceleration for AES:</control>
+ <control lang="en" key="IDT_INSECURE_APP">WARNING: Using TrueCrypt is not secure</control>
<control lang="en" key="IDT_LOGON">Actions to perform upon logon to Windows</control>
<control lang="en" key="IDT_MINUTES">minutes</control>
<control lang="en" key="IDT_MOUNT_LETTER">Mount volume as drive letter:</control>
@@ -285,7 +263,6 @@
<control lang="en" key="IDC_EXPORT">&amp;Export...</control>
<control lang="en" key="IDC_GENERATE_AND_SAVE_KEYFILE">Generate and Save Keyfile...</control>
<control lang="en" key="IDC_GENERATE_KEYFILE">&amp;Generate Random Keyfile...</control>
- <control lang="en" key="IDC_GET_LANG_PACKS">Download language pack</control>
<control lang="en" key="IDC_HW_AES_LABEL_LINK">Hardware-accelerated AES:</control>
<control lang="en" key="IDC_IMPORT_KEYFILE">&amp;Import Keyfile to Token...</control>
<control lang="en" key="IDC_KEYADD">Add &amp;Files...</control>
@@ -293,8 +270,6 @@
<control lang="en" key="IDC_KEYFILES_HIDVOL_PROT">&amp;Keyfiles...</control>
<control lang="en" key="IDC_KEYREMOVE">&amp;Remove</control>
<control lang="en" key="IDC_KEYREMOVEALL">Remove &amp;All</control>
- <control lang="en" key="IDC_LINK_HIDVOL_PROTECTION_INFO">What is hidden volume protection?</control>
- <control lang="en" key="IDC_LINK_KEYFILES_INFO">More information on keyfiles</control>
<control lang="en" key="IDC_MOUNT_REMOVABLE">Mount volume as removable &amp;medium</control>
<control lang="en" key="IDC_MOUNT_SYSENC_PART_WITHOUT_PBA">Mount partition &amp;using system encryption without pre-boot authentication</control>
<control lang="en" key="IDC_PARALLELIZATION_LABEL_LINK">Parallelization:</control>
@@ -353,14 +328,14 @@
<control lang="en" key="MENU_TOOLS">T&amp;ools</control>
<control lang="en" key="MENU_SETTINGS">Settin&amp;gs</control>
<control lang="en" key="MENU_HELP">&amp;Help</control>
- <control lang="en" key="MENU_WEBSITE"> Home&amp;page </control>
<!-- Strings -->
+ <string lang="en" key="INSECURE_APP">WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. Use it only to migrate existing data encrypted by TrueCrypt.\n\nThe development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images.\n\nUse BitLocker to encrypt data:\n\n- To encrypt a drive, click icon of the drive in Explorer using the right mouse button and select 'Turn on BitLocker'.\n\n- To create an encrypted file container:\n1) Create a virtual disk in Disk Management (right-click Computer/PC icon > select 'Manage' > select 'Storage' > select 'Disk Management' > select 'Action' menu > select 'Create VHD').\n2) Initialize the disk (right-click it and select 'Initialize Disk') and create a partition on it (right-click unallocated space on the drive and select 'New Simple Volume').\n3) Encrypt the new virtual drive by BitLocker (right-click it in Explorer and select 'Turn on BitLocker').</string>
<string lang="en" key="ABOUTBOX">&amp;About...</string>
<string lang="en" key="ACCESSMODEFAIL">The read-only attribute on your old volume could not be changed. Please check the file access permissions.</string>
<string lang="en" key="ACCESS_DENIED">Error: Access denied.\n\nThe partition you are trying to access is either 0 sectors long, or it is the boot device.</string>
<string lang="en" key="ADMINISTRATOR">Administrator</string>
<string lang="en" key="ADMIN_PRIVILEGES_DRIVER">In order to load the TrueCrypt driver, you need to be logged into an account with administrator privileges.</string>
- <string lang="en" key="ADMIN_PRIVILEGES_WARN_DEVICES">Please note that in order to encrypt/format a partition/device you need to be logged into an account with administrator privileges.\n\nThis does not apply to file-hosted volumes.</string>
+ <string lang="en" key="ADMIN_PRIVILEGES_WARN_DEVICES">Please note that in order to encrypt, decrypt, or format a partition/device you need to be logged into an account with administrator privileges. (This does not apply to file-hosted volumes.)</string>
<string lang="en" key="ADMIN_PRIVILEGES_WARN_HIDVOL">In order to create a hidden volume you need to be logged into an account with administrator privileges.\n\nContinue?</string>
<string lang="en" key="ADMIN_PRIVILEGES_WARN_NTFS">Please note that in order to format the volume as NTFS you need to be logged into an account with administrator privileges.\n\nWithout administrator privileges, you can format the volume as FAT.</string>
<string lang="en" key="AES_HELP">FIPS-approved cipher (Rijndael, published in 1998) that may be used by U.S. government departments and agencies to protect classified information up to the Top Secret level. 256-bit key, 128-bit block, 14 rounds (AES-256). Mode of operation is XTS.</string>
@@ -420,21 +395,6 @@
<string lang="en" key="DRIVER_VERSION">Error: An incompatible version of the TrueCrypt driver is currently running.\n\nIf you are trying to run TrueCrypt in portable mode (i.e. without installing it) and a different version of TrueCrypt is already installed, you must uninstall it first (or upgrade it using the TrueCrypt installer). To uninstall it, follow these steps: On Windows Vista or later, select 'Start Menu' > Computer > 'Uninstall or change a program' > TrueCrypt > Uninstall; on Windows XP, select 'Start Menu' > Settings > 'Control Panel' > 'Add Or Remove Programs' > TrueCrypt > Remove.\n\nSimilarly, if you are trying to run TrueCrypt in portable mode (i.e. without installing it) and a different version of TrueCrypt is already running in portable mode, you must restart the system first and then run only this new version.</string>
<string lang="en" key="ERR_CIPHER_INIT_FAILURE">Error: Cipher initialization failure.</string>
<string lang="en" key="ERR_CIPHER_INIT_WEAK_KEY">Error: A weak or a potentially weak key has been detected. The key will be discarded. Please try again.</string>
- <string lang="en" key="EXCEPTION_REPORT">A critical error has occurred and TrueCrypt must be terminated. If this is caused by a bug in TrueCrypt, we would like to fix it. To help us, you can send us an automatically generated error report containing the following items:\n\n- Program version\n- Operating system version\n- Type of CPU\n- TrueCrypt component name\n- Checksum of TrueCrypt executable\n- Symbolic name of dialog window\n- Error category\n- Error address\n- TrueCrypt call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.\n\n%hs\n\nDo you want to send us the above error report?</string>
- <string lang="en" key="EXCEPTION_REPORT_EXT">A critical error has occurred in your system, which requires TrueCrypt to be terminated.\n\nNote that this error has not been caused by TrueCrypt (so the TrueCrypt developers cannot fix it). Please, check your system for possible problems (e.g., system configuration, network connection, failing hardware components).</string>
- <string lang="en" key="EXCEPTION_REPORT_EXT_FILESEL">A critical error has occurred in your system, which requires TrueCrypt to be terminated.\n\nIf this problem persists, you may want to try disabling or uninstalling applications that could potentially be causing this issue, such as antivirus or Internet security software, system "enhancers", "optimizers" or "tweakers", etc. If it does not help, you may want to try reinstalling your operating system (this problem may also be caused by malware).</string>
- <string lang="en" key="EXCEPTION_REPORT_TITLE">TrueCrypt Critical Error</string>
- <string lang="en" key="SYSTEM_CRASHED_ASK_REPORT">TrueCrypt detected that the operating system recently crashed. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)\n\nDo you want TrueCrypt to check whether a bug in TrueCrypt could have caused the system crash?</string>
- <string lang="en" key="ASK_KEEP_DETECTING_SYSTEM_CRASH">Do you want TrueCrypt to continue detecting system crashes?</string>
- <string lang="en" key="NO_MINIDUMP_FOUND">TrueCrypt found no system crash minidump file.</string>
- <string lang="en" key="ASK_DELETE_KERNEL_CRASH_DUMP">Do you want to delete the Windows crash dump file to free up disk space?</string>
- <string lang="en" key="ASK_DEBUGGER_INSTALL">In order to analyze the system crash, TrueCrypt needs to install Microsoft Debugging Tools for Windows first.\n\nAfter you click OK, the Windows installer will download the Microsoft Debugging Tools installation package (16 MB) from a Microsoft server and install it (the Windows installer will be forwarded to the Microsoft server URL from the truecrypt.org server, which ensures that this feature works even if Microsoft changes the location of the installation package).</string>
- <string lang="en" key="SYSTEM_CRASH_ANALYSIS_INFO">After you click OK, TrueCrypt will analyze the system crash. This may take up to several minutes.</string>
- <string lang="en" key="DEBUGGER_NOT_FOUND">Please make sure the environment variable 'PATH' includes the path to 'kd.exe' (Kernel Debugger).</string>
- <string lang="en" key="SYSTEM_CRASH_NO_TRUECRYPT">It appears that TrueCrypt most likely did not cause the system crash. There are many potential reasons why the system could have crashed (for example, a failing hardware component, a bug in a device driver, etc.)</string>
- <string lang="en" key="SYSTEM_CRASH_UPDATE_DRIVER">Results of the analysis indicate that updating the following driver might solve this issue: </string>
- <string lang="en" key="SYSTEM_CRASH_REPORT">To help us determine whether there is a bug in TrueCrypt, you can send us an automatically generated error report containing the following items:\n- Program version\n- Operating system version\n- Type of CPU\n- Error category\n- Driver name and version\n- System call stack\n\nIf you select 'Yes', the following URL (which contains the entire error report) will be opened in your default Internet browser.</string>
- <string lang="en" key="ASK_SEND_ERROR_REPORT">Do you want to send us the above error report?</string>
<string lang="en" key="ENCRYPT">&amp;Encrypt</string>
<string lang="en" key="DECRYPT">&amp;Decrypt</string>
<string lang="en" key="PERMANENTLY_DECRYPT">&amp;Permanently Decrypt</string>
@@ -476,7 +436,11 @@
<string lang="en" key="FORMAT_FINISHED_HELP">\n\nThe TrueCrypt volume has been created and is ready for use. If you wish to create another TrueCrypt volume, click Next. Otherwise, click Exit.</string>
<string lang="en" key="SYSENC_HIDDEN_VOL_FORMAT_FINISHED_HELP">\n\nThe hidden TrueCrypt volume has been successfully created (the hidden operating system will reside within this hidden volume).\n\nClick Next to continue.</string>
<string lang="en" key="NONSYS_INPLACE_ENC_FINISHED_TITLE">Volume Fully Encrypted</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_FINISHED_TITLE">Volume Fully Decrypted</string>
<string lang="en" key="NONSYS_INPLACE_ENC_FINISHED_INFO">IMPORTANT: TO MOUNT THIS NEWLY CREATED TRUECRYPT VOLUME AND TO ACCESS DATA STORED IN IT, CLICK 'Auto-Mount Devices' IN THE MAIN TRUECRYPT WINDOW. After you enter the correct password (and/or supply correct keyfiles), the volume will be mounted to the drive letter you select from the list in the main TrueCrypt window (and you will be able to access the encrypted data via the selected drive letter).\n\nPLEASE REMEMBER OR WRITE DOWN THE ABOVE STEPS. YOU MUST FOLLOW THEM WHENEVER YOU WANT TO MOUNT THE VOLUME AND ACCESS DATA STORED IN IT. Alternatively, in the main TrueCrypt window, click 'Select Device', then select this partition/volume, and click 'Mount'.\n\nThe partition/volume has been successfully encrypted (it contains a fully encrypted TrueCrypt volume now) and is ready for use.</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_FINISHED_INFO">The TrueCrypt volume has been successfully decrypted.</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_FINISHED_DRIVE_LETTER_SEL_INFO">The TrueCrypt volume has been successfully decrypted.\n\nPlease select a drive letter that you wish to assign to the decrypted volume and then click Finish.\n\nIMPORTANT: Until a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_FINISHED_NO_DRIVE_LETTER_AVAILABLE">Warning: To be able to access the decrypted data, a drive letter needs to be assigned to the decrypted volume. However, no drive letter is currently available.\n\nPlease vacate a drive letter (for example, by disconnecting a USB flash drive or external hard drive, etc.) and then click OK.</string>
<string lang="en" key="FORMAT_FINISHED_INFO">The TrueCrypt volume has been successfully created.</string>
<string lang="en" key="FORMAT_FINISHED_TITLE">Volume Created</string>
<string lang="en" key="FORMAT_HELP">IMPORTANT: Move your mouse as randomly as possible within this window. The longer you move it, the better. This significantly increases the cryptographic strength of the encryption keys. Then click Format to create the volume.</string>
@@ -533,6 +497,7 @@
<string lang="en" key="NODRIVER">Unable to connect to the TrueCrypt device driver. TrueCrypt cannot work if the device driver is not running.\n\nPlease note that, due to a Windows issue, it may be necessary to log off or restart the system before the device driver can be loaded.</string>
<string lang="en" key="NOFONT">Error occurred when loading/preparing fonts.</string>
<string lang="en" key="NOT_FOUND">The drive letter was not found or no drive letter was specified.</string>
+ <string lang="en" key="ERR_CANNOT_ASSIGN_DRIVE_LETTER_NONSYS_DEC">Error: Cannot assign drive letter.\n\nUntil a drive letter is assigned to the decrypted volume, you will not be able to access data stored on the volume.\n\nRetry?</string>
<string lang="en" key="DRIVE_LETTER_UNAVAILABLE">Drive letter not available.</string>
<string lang="en" key="NO_FILE_SELECTED">No file selected!</string>
<string lang="en" key="NO_FREE_DRIVES">No drive letters available.</string>
@@ -552,7 +517,8 @@
<string lang="en" key="OVERWRITEPROMPT">WARNING: The file '%hs' already exists!\n\nIMPORTANT: TRUECRYPT WILL NOT ENCRYPT THE FILE, BUT IT WILL DELETE IT. Are you sure you want to delete the file and replace it with a new TrueCrypt container?</string>
<string lang="en" key="OVERWRITEPROMPT_DEVICE">CAUTION: ALL FILES CURRENTLY STORED ON THE SELECTED %s '%hs'%s WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format?</string>
<string lang="en" key="NONSYS_INPLACE_ENC_CONFIRM">WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully encrypted.\n\nAre you sure you want to start encrypting the selected %s '%hs'%s?</string>
- <string lang="en" key="NONSYS_INPLACE_ENC_CONFIRM_BACKUP">WARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while TrueCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt.\n\nDo you have such a backup?</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_CONFIRM">WARNING: You will not be able to mount the volume or access any files stored on it until it has been fully decrypted.\n\nAre you sure you want to start decrypting the selected %s '%hs'%s?</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_CONFIRM_BACKUP">WARNING: Please note that when TrueCrypt is encrypting/decrypting partitions in place, the following problem may occur: If power supply is suddenly interrupted or the operating system crashes due to a software error or hardware malfunction, portions of the data being encrypted/decrypted may get corrupted or lost. Therefore, before you continue, make sure you have a backup of the data you are about to encrypt/decrypt now.\n\nDo you have such a backup?</string>
<string lang="en" key="OVERWRITEPROMPT_DEVICE_HIDDEN_OS_PARTITION">CAUTION: ANY FILES CURRENTLY STORED ON THE PARTITION '%hs'%s (I.E. ON THE FIRST PARTITION BEHIND THE SYSTEM PARTITION) WILL BE ERASED AND LOST (THEY WILL NOT BE ENCRYPTED)!\n\nAre you sure you want to proceed with format?</string>
<string lang="en" key="OVERWRITEPROMPT_DEVICE_SECOND_WARNING_LOTS_OF_DATA">WARNING: THE SELECTED PARTITION CONTAINS A LARGE AMOUNT OF DATA! Any files stored on the partition will be erased and lost (they will NOT be encrypted)!</string>
<string lang="en" key="ERASE_FILES_BY_CREATING_VOLUME">Erase any files stored on the partition by creating a TrueCrypt volume within it</string>
@@ -567,8 +533,9 @@
<string lang="en" key="KEYFILE_CHANGED">Keyfile(s) successfully added/removed.</string>
<string lang="en" key="KEYFILE_EXPORTED">Keyfile exported.</string>
<string lang="en" key="PKCS5_PRF_CHANGED">Header key derivation algorithm successfully set.</string>
- <string lang="en" key="NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP">Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption.\n\n\nRemark: After you click Next, TrueCrypt will attempt to find all non-system volumes where the process of encryption has been interrupted and where the TrueCrypt volume header can be decrypted using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step.</string>
- <string lang="en" key="NONSYS_INPLACE_ENC_RESUME_VOL_SELECT_HELP">Please select one of the listed volumes. The list contains every accessible non-system volume where the process of encryption has been interrupted and whose header could be decrypted using the supplied password and/or keyfile(s).</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_PASSWORD_PAGE_HELP">Please enter the password and/or keyfile(s) for the non-system TrueCrypt volume that you want to decrypt.</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE_HELP">Please enter the password and/or keyfile(s) for the non-system volume where you want to resume the process of in-place encryption/decryption.\n\nRemark: After you click Next, TrueCrypt will attempt to find all non-system volumes where the process of encryption/decryption has been interrupted and where the TrueCrypt volume header can be deciphered using the supplied password and/or keyfile(s). If more than one such volume is found, you will need to select one of them in the next step.</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_RESUME_VOL_SELECT_HELP">Please select one of the listed volumes. The list contains each accessible non-system volume where the process of encryption/decryption has been interrupted and where the volume header was successfully deciphered using the supplied password and/or keyfile(s).</string>
<string lang="en" key="PASSWORD_HELP">It is very important that you choose a good password. You should avoid choosing one that contains only a single word that can be found in a dictionary (or a combination of 2, 3, or 4 such words). It should not contain any names or dates of birth. It should not be easy to guess. A good password is a random combination of upper and lower case letters, numbers, and special characters, such as @ ^ = $ * + etc. We recommend choosing a password consisting of more than 20 characters (the longer, the better). The maximum possible length is 64 characters.</string>
<string lang="en" key="PASSWORD_HIDDENVOL_HELP">Please choose a password for the hidden volume. </string>
<string lang="en" key="PASSWORD_HIDDEN_OS_HELP">Please choose a password for the hidden operating system (i.e. for the hidden volume). </string>
@@ -590,9 +557,11 @@
<string lang="en" key="PASSWORD_WRONG_CAPSLOCK_ON">\n\nWarning: Caps Lock is on. This may cause you to enter your password incorrectly.</string>
<string lang="en" key="HIDDEN_FILES_PRESENT_IN_KEYFILE_PATH">\n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View).</string>
<string lang="en" key="HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT">If you are attempting to protect a hidden volume containing a hidden system, please make sure you are using the standard US keyboard layout when typing the password for the hidden volume. This is required due to the fact that the password needs to be typed in the pre-boot environment (before Windows starts) where non-US Windows keyboard layouts are not available.</string>
- <string lang="en" key="FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC">TrueCrypt has not found any volume where non-system encryption has been interrupted and where the volume header can be decrypted using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software).</string>
+ <string lang="en" key="FOUND_NO_PARTITION_W_DEFERRED_INPLACE_ENC">TrueCrypt has not found any volume where the process of encryption/decryption of a non-system volume has been interrupted and where the volume header can be deciphered using the supplied password and/or keyfile(s).\n\nPlease make sure the password and/or keyfile(s) are correct and that the partition/volume is not being used by the system or applications (including antivirus software).</string>
<string lang="en" key="SYSENC_MOUNT_WITHOUT_PBA_NOTE">\n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'System' > 'Mount Without Pre-Boot Authentication'.</string>
<string lang="en" key="MOUNT_WITHOUT_PBA_VOL_ON_ACTIVE_SYSENC_DRIVE">In this mode, you cannot mount a partition located on a drive whose portion is within the key scope of active system encryption.\n\nBefore you can mount this partition in this mode, you need to either boot an operating system installed on a different drive (encrypted or unencrypted) or boot an unencrypted operating system.</string>
+ <string lang="en" key="CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE">TrueCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive).</string>
+ <string lang="en" key="CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE_UNSURE">Warning: As the drive contains the TrueCrypt Boot Loader, it may be an entirely encrypted system drive. If it is, please note that TrueCrypt cannot decrypt an individual partition on an entirely encrypted system drive (you can decrypt only the entire system drive). If that is the case, you will be able to continue now but you will receive the 'Incorrect password' error message later.</string>
<string lang="en" key="PREV">&lt; &amp;Back</string>
<string lang="en" key="RAWDEVICES">Unable to list raw devices installed on your system!</string>
<string lang="en" key="READONLYPROMPT">The volume '%hs' exists, and is read-only. Are you sure you want to replace it?</string>
@@ -643,7 +612,7 @@
<string lang="en" key="WRONG_VOL_TYPE">TrueCrypt cannot change the password for a foreign volume.</string>
<string lang="en" key="SELECT_FREE_DRIVE">Please select a free drive letter from the list.</string>
<string lang="en" key="SELECT_A_MOUNTED_VOLUME">Please select a mounted volume in the drive letter list.</string>
- <string lang="en" key="AMBIGUOUS_VOL_SELECTION">Two different mounted volumes are currently selected (one in the drive letter list and the other in the input field below the list).\n\nPlease choose the volume you wanted to select:</string>
+ <string lang="en" key="AMBIGUOUS_VOL_SELECTION">Warning: Two different volumes/devices are currently selected (the first is selected in the drive letter list and the second is selected in the input field below the drive letter list).\n\nPlease confirm your choice:</string>
<string lang="en" key="CANT_CREATE_AUTORUN">Error: Cannot create autorun.inf</string>
<string lang="en" key="ERR_PROCESS_KEYFILE">Error while processing keyfile!</string>
<string lang="en" key="ERR_PROCESS_KEYFILE_PATH">Error processing keyfile path!</string>
@@ -691,11 +660,18 @@
<string lang="en" key="FOR_MORE_INFO_ON_PARTITIONS">For information on how to create and manage partitions, please refer to the documentation supplied with your operating system or contact your computer vendor's technical support team for assistance.</string>
<string lang="en" key="SYSTEM_PARTITION_NOT_ACTIVE">Error: The currently running operating system is not installed on the boot partition (first Active partition). This is not supported.</string>
<string lang="en" key="CONFIRM_FAT_FOR_FILES_OVER_4GB">You indicated that you intend to store files larger than 4 GB in this TrueCrypt volume. However, you chose the FAT file system, on which files larger than 4 GB cannot be stored.\n\nAre you sure you want to format the volume as FAT?</string>
+ <string lang="en" key="NONSYS_INPLACE_DECRYPTION_BAD_VOL_FORMAT">Error: TrueCrypt does not support in-place decryption of legacy non-system volumes created by TrueCrypt 5.1a or earlier.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume.</string>
+ <string lang="en" key="NONSYS_INPLACE_DECRYPTION_CANT_DECRYPT_HID_VOL">Error: TrueCrypt cannot in-place decrypt a hidden TrueCrypt volume.\n\nNote: You can still decrypt files stored on the volume by copying/moving them to any unencrypted volume.</string>
+ <string lang="en" key="CONFIRM_VOL_CONTAINS_NO_HIDDEN_VOL">Warning: Note that TrueCrypt cannot in-place decrypt a volume that contains a hidden TrueCrypt volume (the hidden volume would be overwritten with pseudorandom data).\n\nPlease confirm that the volume you are about to decrypt contains no hidden volume.\n\nNote: If the volume contains a hidden volume but you do not mind losing the hidden volume, you can select Proceed (the outer volume will be safely decrypted).</string>
+ <string lang="en" key="VOL_CONTAINS_NO_HIDDEN_VOL">The volume does not contain any hidden volume. Proceed.</string>
+ <string lang="en" key="VOL_CONTAINS_A_HIDDEN_VOL">The volume contains a hidden volume. Cancel.</string>
<string lang="en" key="CANT_ACCESS_VOL">Error: Cannot access the volume!\n\nMake sure that the selected volume exists, that it is not mounted or being used by the system or an application, that you have read/write permission for the volume, and that it is not write-protected.</string>
+ <string lang="en" key="CANT_GET_VOL_INFO">Error: Cannot obtain volume properties.</string>
<string lang="en" key="INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL">Error: Cannot access the volume and/or obtain information about the volume.\n\nMake sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.</string>
<string lang="en" key="INPLACE_ENC_CANT_ACCESS_OR_GET_INFO_ON_VOL_ALT">Error: Cannot access the volume and/or obtain information about the volume. Make sure that the selected volume exists, that it is not being used by the system or applications, that you have read/write permission for the volume, and that it is not write-protected.\n\nIf the problem persists, it might help to follow the below steps.</string>
<string lang="en" key="INPLACE_ENC_GENERIC_ERR_ALT_STEPS">An error prevented TrueCrypt from encrypting the partition. Please try fixing any previously reported problems and then try again. If the problems persist, it might help to follow the below steps.</string>
- <string lang="en" key="INPLACE_ENC_GENERIC_ERR_RESUME">An error prevented TrueCrypt from resuming the process of encryption of the partition.\n\nPlease try fixing any previously reported problems and then try resuming the process again. Note that the volume cannot be mounted until it has been fully encrypted.</string>
+ <string lang="en" key="INPLACE_DEC_GENERIC_ERR">An error prevented TrueCrypt from decrypting the volume. Please try fixing any previously reported problems and then try again if possible.</string>
+ <string lang="en" key="INPLACE_ENC_GENERIC_ERR_RESUME">An error prevented TrueCrypt from resuming the process of encryption/decryption of the partition/volume.\n\nPlease try fixing any previously reported problems and then try resuming the process again if possible. Note that the volume cannot be mounted until it has been fully encrypted or fully decrypted.</string>
<string lang="en" key="CANT_DISMOUNT_OUTER_VOL">Error: Cannot dismount the outer volume!\n\nVolume cannot be dismounted if it contains files or folders being used by a program or the system.\n\nPlease close any program that might be using files or directories on the volume and click Retry.</string>
<string lang="en" key="CANT_GET_OUTER_VOL_INFO">Error: Cannot obtain information about the outer volume!\nVolume creation cannot continue.</string>
<string lang="en" key="CANT_ACCESS_OUTER_VOL">Error: Cannot access the outer volume! Volume creation cannot continue.</string>
@@ -759,18 +735,12 @@
<string lang="en" key="SETUP_OPTIONS_INFO">Here you can set various options to control the installation process.</string>
<string lang="en" key="SETUP_PROGRESS_TITLE">Installing</string>
<string lang="en" key="SETUP_PROGRESS_INFO">Please wait while TrueCrypt is being installed.</string>
- <string lang="en" key="SETUP_FINISHED_TITLE_DON">TrueCrypt has been successfully installed</string>
- <string lang="en" key="SETUP_FINISHED_UPGRADE_TITLE_DON">TrueCrypt has been successfully upgraded</string>
- <string lang="en" key="SETUP_FINISHED_INFO_DON">Please consider making a donation. You can click Finish anytime to close the installer.</string>
<string lang="en" key="EXTRACTION_OPTIONS_TITLE">Extraction Options</string>
<string lang="en" key="EXTRACTION_OPTIONS_INFO">Here you can set various options to control the extraction process.</string>
<string lang="en" key="EXTRACTION_PROGRESS_INFO">Please wait while files are being extracted.</string>
- <string lang="en" key="EXTRACTION_FINISHED_TITLE_DON">Files successfully extracted</string>
<string lang="en" key="EXTRACTION_FINISHED_INFO">All files have been successfully extracted to the destination location.</string>
<string lang="en" key="AUTO_FOLDER_CREATION">If the specified folder does not exist, it will be automatically created.</string>
<string lang="en" key="SETUP_UPGRADE_DESTINATION">The TrueCrypt program files will be upgraded in the location where TrueCrypt is installed. If you need to select a different location, please uninstall TrueCrypt first.</string>
- <string lang="en" key="AFTER_UPGRADE_RELEASE_NOTES">Do you want to view release notes for the current (latest stable) version of TrueCrypt?</string>
- <string lang="en" key="AFTER_INSTALL_TUTORIAL">If you have never used TrueCrypt before, we recommend that you read the chapter Beginner's Tutorial in the TrueCrypt User Guide. Do you want to view the tutorial?</string>
<string lang="en" key="SELECT_AN_ACTION">Please select an action to perform from the following:</string>
<string lang="en" key="REPAIR_REINSTALL">Repair/Reinstall</string>
<string lang="en" key="UPGRADE">Upgrade</string>
@@ -779,7 +749,7 @@
<string lang="en" key="TC_INSTALLER_IS_RUNNING">TrueCrypt Installer is currently running on this system and performing or preparing installation or update of TrueCrypt. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding.</string>
<string lang="en" key="INSTALL_FAILED">Installation failed.</string>
<string lang="en" key="UNINSTALL_FAILED">Uninstallation failed.</string>
- <string lang="en" key="DIST_PACKAGE_CORRUPTED">This distribution package is damaged. Please try downloading it again (preferably from the official TrueCrypt website at www.truecrypt.org).</string>
+ <string lang="en" key="DIST_PACKAGE_CORRUPTED">This distribution package is damaged. Please try downloading it again.</string>
<string lang="en" key="CANNOT_WRITE_FILE_X">Cannot write file %hs</string>
<string lang="en" key="EXTRACTING_VERB">Extracting</string>
<string lang="en" key="CANNOT_READ_FROM_PACKAGE">Cannot read data from the package.</string>
@@ -890,7 +860,6 @@
<string lang="en" key="RESCUE_DISK_CHECK_FAILED">Cannot verify that the Rescue Disk has been correctly burned.\n\nIf you have burned the Rescue Disk, please eject and reinsert the CD/DVD; then click Next to try again. If this does not help, please try another medium%s.\n\nIf you have not burned the Rescue Disk yet, please do so, and then click Next.\n\nIf you attempted to verify a TrueCrypt Rescue Disk created before you started this wizard, please note that such Rescue Disk cannot be used, because it was created for a different master key. You need to burn the newly generated Rescue Disk.</string>
<string lang="en" key="RESCUE_DISK_CHECK_FAILED_SENTENCE_APPENDIX"> and/or other CD/DVD recording software</string>
<string lang="en" key="SYSTEM_FAVORITES_DLG_TITLE">TrueCrypt - System Favorite Volumes</string>
- <string lang="en" key="SYS_FAVORITES_HELP_LINK">What are system favorite volumes?</string>
<string lang="en" key="SYS_FAVORITES_REQUIRE_PBA">The system partition/drive does not appear to be encrypted.\n\nSystem favorite volumes can be mounted using only a pre-boot authentication password. Therefore, to enable use of system favorite volumes, you need to encrypt the system partition/drive first.</string>
<string lang="en" key="DISMOUNT_FIRST">Please dismount the volume before proceeding.</string>
<string lang="en" key="CANNOT_SET_TIMER">Error: Cannot set timer.</string>
@@ -915,7 +884,6 @@
<string lang="en" key="UNSUPPORTED_CHARS_IN_PWD_RECOM">Warning: Password contains non-ASCII characters. This may cause the volume to be impossible to mount when your system configuration changes.\n\nYou should replace all non-ASCII characters in the password with ASCII characters. To do so, click 'Volumes' -&gt; 'Change Volume Password'.\n\nThe following are ASCII characters:\n\n ! " # $ % &amp; ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; &lt; = &gt; ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \\ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t u v w k y z { | } ~</string>
<string lang="en" key="EXE_FILE_EXTENSION_CONFIRM">WARNING: We strongly recommend that you avoid file extensions that are used for executable files (such as .exe, .sys, or .dll) and other similarly problematic file extensions. Using such file extensions causes Windows and antivirus software to interfere with the container, which adversely affects the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension or change it (e.g., to '.tc').\n\nAre you sure you want to use the problematic file extension?</string>
<string lang="en" key="EXE_FILE_EXTENSION_MOUNT_WARNING">WARNING: This container has a file extension that is used for executable files (such as .exe, .sys, or .dll) or some other file extension that is similarly problematic. It will very likely cause Windows and antivirus software to interfere with the container, which will adversely affect the performance of the volume and may also cause other serious problems.\n\nWe strongly recommend that you remove the file extension of the container or change it (e.g., to '.tc') after you dismount the volume.</string>
- <string lang="en" key="HOMEPAGE">Homepage</string>
<string lang="en" key="LARGE_IDE_WARNING_XP">WARNING: It appears that you have not applied any Service Pack to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows XP to which you did not apply Service Pack 1 or later! If you do, data on the disk (no matter if it is a TrueCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in TrueCrypt.</string>
<string lang="en" key="LARGE_IDE_WARNING_2K">WARNING: It appears that you have not applied Service Pack 3 or later to your Windows installation. You should not write to IDE disks larger than 128 GB under Windows 2000 to which you did not apply Service Pack 3 or later! If you do, data on the disk (no matter if it is a TrueCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a bug in TrueCrypt.\n\nNote: You may also need to enable the 48-bit LBA support in the registry; for more information, see http://support.microsoft.com/kb/305098/EN-US</string>
<string lang="en" key="LARGE_IDE_WARNING_2K_REGISTRY">WARNING: 48-bit LBA ATAPI support is disabled on your system. Therefore, you should not write to IDE disks larger than 128 GB! If you do, data on the disk (no matter if it is a TrueCrypt volume or not) may get corrupted. Note that this is a limitation of Windows, not a limitation of TrueCrypt.\n\nTo enable the 48-bit LBA support, add the 'EnableBigLba' registry value in the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\atapi\\Parameters and set it to 1.\n\nFor more information, see http://support.microsoft.com/kb/305098</string>
@@ -950,27 +918,28 @@
<string lang="en" key="CONFIRM_NO_FORCED_AUTODISMOUNT">WARNING: If this option is disabled, volumes containing open files/directories will not be possible to auto-dismount.\n\nAre you sure you want to disable this option?</string>
<string lang="en" key="WARN_PREF_AUTO_DISMOUNT">WARNING: Volumes containing open files/directories will NOT be auto-dismounted.\n\nTo prevent this, enable the following option in this dialog window: 'Force auto-dismount even if volume contains open files or directories'</string>
<string lang="en" key="WARN_PREF_AUTO_DISMOUNT_ON_POWER">WARNING: When the notebook battery power is low, Windows may omit sending the appropriate messages to running applications when the computer is entering power saving mode. Therefore, TrueCrypt may fail to auto-dismount volumes in such cases.</string>
- <string lang="en" key="NONSYS_INPLACE_ENC_RESUME_PROMPT">You have scheduled the process of encryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now?</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_RESUME_PROMPT">You have scheduled the process of encryption/decryption of a partition/volume. The process has not been completed yet.\n\nDo you want to resume the process now?</string>
<string lang="en" key="SYSTEM_ENCRYPTION_RESUME_PROMPT">You have scheduled the process of encryption or decryption of the system partition/drive. The process has not been completed yet.\n\nDo you want to start (resume) the process now?</string>
- <string lang="en" key="ASK_NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL">Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption of non-system partitions/volumes?</string>
+ <string lang="en" key="ASK_NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL">Do you want to be prompted about whether you want to resume the currently scheduled processes of encryption/decryption of non-system partitions/volumes?</string>
<string lang="en" key="KEEP_PROMPTING_ME">Yes, keep prompting me</string>
<string lang="en" key="DO_NOT_PROMPT_ME">No, do not prompt me</string>
- <string lang="en" key="NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL_NOTE">IMPORTANT: Keep in mind that you can resume the process of encryption of any non-system partition/volume by selecting 'Volumes' &gt; 'Resume Interrupted Process' from the menu bar of the main TrueCrypt window.</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_NOTIFICATION_REMOVAL_NOTE">IMPORTANT: Keep in mind that you can resume the process of encryption or decryption of any non-system partition/volume by selecting 'Volumes' &gt; 'Resume Interrupted Decryption' from the menu bar of the main TrueCrypt window.</string>
<string lang="en" key="SYSTEM_ENCRYPTION_SCHEDULED_BUT_PBA_FAILED">You have scheduled the process of encryption or decryption of the system partition/drive. However, pre-boot authentication failed (or was bypassed).\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by selecting 'System' &gt; 'Permanently Decrypt System Partition/Drive' from the menu bar of the main TrueCrypt window.</string>
<string lang="en" key="CONFIRM_EXIT">WARNING: If TrueCrypt exits now, the following functions will be disabled:\n\n1) Hot keys\n2) Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.)\n3) Auto-mount of favorite volumes\n4) Notifications (e.g., when damage to hidden volume is prevented)\n\nNote: If you do not wish TrueCrypt to run in the background, disable the TrueCrypt Background Task in the Preferences (and, if necessary, disable the automatic start of TrueCrypt in the Preferences).\n\nAre you sure you want TrueCrypt to exit?</string>
<string lang="en" key="CONFIRM_EXIT_UNIVERSAL">Exit?</string>
<string lang="en" key="CHOOSE_ENCRYPT_OR_DECRYPT">TrueCrypt does not have sufficient information to determine whether to encrypt or decrypt.</string>
<string lang="en" key="CHOOSE_ENCRYPT_OR_DECRYPT_FINALIZE_DECRYPT_NOTE">TrueCrypt does not have sufficient information to determine whether to encrypt or decrypt.\n\nNote: If you decrypted the system partition/drive in the pre-boot environment, you may need to finalize the process by clicking Decrypt.</string>
- <string lang="en" key="NONSYS_INPLACE_ENC_DEFER_CONFIRM">Do you want to interrupt and postpone the process of encryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted. You will be able to resume the process of encryption and it will continue from the point it was stopped. You can do so, for example, by selecting 'Volumes' &gt; 'Resume Interrupted Process' from the menu bar of the main TrueCrypt window.</string>
- <string lang="en" key="SYSTEM_ENCRYPTION_DEFER_CONFIRM">Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' &gt; 'Resume Interrupted Process' from the menu bar of the main TrueCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' &gt; 'Permanently Decrypt System Partition/Drive'.</string>
- <string lang="en" key="SYSTEM_DECRYPTION_DEFER_CONFIRM">Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' &gt; 'Resume Interrupted Process' from the menu bar of the main TrueCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' &gt; 'Encrypt System Partition/Drive'.</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_REVERSE_INFO">Note: When you are encrypting a non-system partition/volume in place and an error persistently prevents you from finishing the process, you will not be able to mount the volume (and access data stored on it) until you entirely DECRYPT the volume (i.e. reverse the process).\n\nIf you need to do so, follow these steps:\n1) Exit this wizard.\n2) In the main TrueCrypt window, select 'Volumes' &gt; 'Resume Interrupted Decryption'.\n3) Select 'Decrypt'.</string>
+ <string lang="en" key="NONSYS_INPLACE_ENC_DEFER_CONFIRM">Do you want to interrupt and postpone the process of encryption/decryption of the partition/volume?\n\nNote: Keep in mind that the volume cannot be mounted until it has been fully encrypted or decrypted. You will be able to resume the process of encryption/decryption and it will continue from the point where it was stopped. You can do so, for example, by selecting 'Volumes' &gt; 'Resume Interrupted Decryption' from the menu bar of the main TrueCrypt window.</string>
+ <string lang="en" key="SYSTEM_ENCRYPTION_DEFER_CONFIRM">Do you want to interrupt and postpone the process of encryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' &gt; 'Resume Interrupted Decryption' from the menu bar of the main TrueCrypt window. If you want to permanently terminate or reverse the encryption process, select 'System' &gt; 'Permanently Decrypt System Partition/Drive'.</string>
+ <string lang="en" key="SYSTEM_DECRYPTION_DEFER_CONFIRM">Do you want to interrupt and postpone the process of decryption of the system partition/drive?\n\nNote: You will be able to resume the process and it will continue from the point it was stopped. You can do so, for example, by selecting 'System' &gt; 'Resume Interrupted Decryption' from the menu bar of the main TrueCrypt window. If you want to reverse the decryption process (and start encrypting), select 'System' &gt; 'Encrypt System Partition/Drive'.</string>
<string lang="en" key="FAILED_TO_INTERRUPT_SYSTEM_ENCRYPTION">Error: Failed to interrupt the process of encryption/decryption of the system partition/drive.</string>
<string lang="en" key="FAILED_TO_INTERRUPT_WIPING">Error: Failed to interrupt the process of wiping.</string>
<string lang="en" key="FAILED_TO_RESUME_SYSTEM_ENCRYPTION">Error: Failed to resume the process of encryption/decryption of the system partition/drive.</string>
<string lang="en" key="FAILED_TO_START_WIPING">Error: Failed to start the process of wiping.</string>
<string lang="en" key="INCONSISTENCY_RESOLVED">Inconsistency resolved.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs)</string>
<string lang="en" key="UNEXPECTED_STATE">Error: Unexpected state.\n\n\n(If you report a bug in connection with this, please include the following technical information in the bug report:\n%hs)</string>
- <string lang="en" key="NOTHING_TO_RESUME">There is no process/task to resume.</string>
+ <string lang="en" key="NO_SYS_ENC_PROCESS_TO_RESUME">There is no interrupted process of encryption/decryption of the system partition/drive to resume.\n\nNote: If you want to resume an interrupted process of encryption/decryption of a non-system partition/volume, select 'Volumes' &gt; 'Resume Interrupted Decryption'.</string>
<string lang="en" key="HIDVOL_PROT_BKG_TASK_WARNING">WARNING: TrueCrypt Background Task is disabled. After you exit TrueCrypt, you will not be notified if damage to hidden volume is prevented.\n\nNote: You may shut down the Background Task anytime by right-clicking the TrueCrypt tray icon and selecting 'Exit'.\n\nEnable TrueCrypt Background Task?</string>
<string lang="en" key="LANG_PACK_VERSION">Language pack version: %s</string>
<string lang="en" key="CHECKING_FS">Checking the file system on the TrueCrypt volume mounted as %hs...</string>
@@ -1098,9 +1067,10 @@
<string lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_3">- If the previous steps do not help or if the TrueCrypt Boot Loader screen does not appear (before Windows starts), insert the TrueCrypt Rescue Disk into your CD/DVD drive and restart your computer. If the TrueCrypt Rescue Disk screen does not appear (or if you do not see the 'Repair Options' item in the 'Keyboard Controls' section of the TrueCrypt Rescue Disk screen), it is possible that your BIOS is configured to attempt to boot from hard drives before CD/DVD drives. If that is the case, restart your computer, press F2 or Delete (as soon as you see a BIOS start-up screen), and wait until a BIOS configuration screen appears. If no BIOS configuration screen appears, restart (reset) the computer again and start pressing F2 or Delete repeatedly as soon as you restart (reset) the computer. When a BIOS configuration screen appears, configure your BIOS to boot from the CD/DVD drive first (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor's technical support team for assistance). Then restart your computer. The TrueCrypt Rescue Disk screen should appear now. In the TrueCrypt Rescue Disk screen, select 'Repair Options' by pressing F8 on your keyboard. From the 'Repair Options' menu, select 'Restore original system loader'. Then remove the Rescue Disk from your CD/DVD drive and restart your computer. Windows should start normally (provided that it is not encrypted).\n\n</string>
<string lang="en" key="SYS_ENCRYPTION_PRETEST_INFO2_PORTION_4">Note that the previous steps do NOT work if the system partition/drive is encrypted (nobody can start Windows or access encrypted data on the drive without the correct password even if he or she follows the previous steps).\n\n\nNote that even if you lose your TrueCrypt Rescue Disk and an attacker finds it, he or she will NOT be able to decrypt the system partition or drive without the correct password.</string>
<string lang="en" key="SYS_ENCRYPTION_PRETEST_RESULT_TITLE">Pretest Completed</string>
- <string lang="en" key="SYS_ENCRYPTION_PRETEST_RESULT_INFO">The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while TrueCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run TrueCrypt again anytime, and select 'System' &gt; 'Resume Interrupted Process' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting.</string>
+ <string lang="en" key="SYS_ENCRYPTION_PRETEST_RESULT_INFO">The pretest has been successfully completed.\n\nWARNING: Please note that if power supply is suddenly interrupted while encrypting existing data in place, or when the operating system crashes due to a software error or hardware malfunction while TrueCrypt is encrypting existing data in place, portions of the data will be corrupted or lost. Therefore, before you start encrypting, please make sure that you have backup copies of the files you want to encrypt. If you do not, please back up the files now (you can click Defer, back up the files, then run TrueCrypt again anytime, and select 'System' &gt; 'Resume Interrupted Decryption' to start encrypting).\n\nWhen ready, click Encrypt to start encrypting.</string>
<string lang="en" key="SYSENC_ENCRYPTION_PAGE_INFO">You can click Pause or Defer anytime to interrupt the process of encryption or decryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. To prevent slowdown when the system or applications write or read data from the system drive, TrueCrypt automatically waits until the data is written or read (see Status above) and then automatically continues encrypting or decrypting.</string>
<string lang="en" key="NONSYS_INPLACE_ENC_ENCRYPTION_PAGE_INFO">\n\nYou can click Pause or Defer anytime to interrupt the process of encryption, exit this wizard, restart or shut down your computer, and then resume the process, which will continue from the point it was stopped. Note that the volume cannot be mounted until it has been fully encrypted.</string>
+ <string lang="en" key="NONSYS_INPLACE_DEC_DECRYPTION_PAGE_INFO">\n\nYou can click Pause or Defer anytime to interrupt the process of decryption, exit this wizard, restart or shut down the computer, and then resume the process, which will continue from the point where it was stopped. Note that the volume cannot be mounted until it has been fully decrypted.</string>
<string lang="en" key="SYSENC_HIDDEN_OS_INITIAL_INFO_TITLE">Hidden System Started</string>
<string lang="en" key="SYSENC_HIDDEN_OS_WIPE_INFO_TITLE">Original System</string>
<string lang="en" key="SYSENC_HIDDEN_OS_WIPE_INFO">Windows creates (typically, without your knowledge or consent) various log files, temporary files, etc., on the system partition. It also saves the content of RAM to hibernation and paging files located on the system partition. Therefore, if an adversary analyzed files stored on the partition where the original system (of which the hidden system is a clone) resides, he might find out, for example, that you used the TrueCrypt wizard in the hidden-system-creation mode (which might indicate the existence of a hidden operating system on your computer).\n\nTo prevent such issues, TrueCrypt will, in the next steps, securely erase the entire content of the partition where the original system resides. Afterwards, in order to achieve plausible deniability, you will need to install a new system on the partition and encrypt it. Thus you will create the decoy system and the whole process of creation of the hidden operating system will be completed.</string>
@@ -1140,7 +1110,7 @@
<string lang="en" key="HIDDEN_OS_CREATION_PREINFO_HELP">In the next steps, TrueCrypt will create the hidden operating system by copying the content of the system partition to the hidden volume (data being copied will be encrypted on the fly with an encryption key different from the one that will be used for the decoy operating system).\n\nPlease note that the process will be performed in the pre-boot environment (before Windows starts) and it may take a long time to complete; several hours or even several days (depending on the size of the system partition and on the performance of your computer).\n\nYou will be able to interrupt the process, shut down your computer, start the operating system and then resume the process. However, if you interrupt it, the entire process of copying the system will have to start from the beginning (because the content of the system partition must not change during cloning).</string>
<string lang="en" key="CONFIRM_CANCEL_HIDDEN_OS_CREATION">Do you want to cancel the entire process of creation of the hidden operating system?\n\nNote: You will NOT be able to resume the process if you cancel it now.</string>
<string lang="en" key="CONFIRM_CANCEL_SYS_ENC_PRETEST">Do you want to cancel the system encryption pretest?</string>
- <string lang="en" key="BOOT_PRETEST_FAILED_RETRY">The TrueCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the TrueCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).\n\n- For more possible causes and solutions, see: http://www.truecrypt.org/docs/?s=troubleshooting</string>
+ <string lang="en" key="BOOT_PRETEST_FAILED_RETRY">The TrueCrypt system encryption pretest failed. Do you want to try again?\n\nIf you select 'No', the pre-boot authentication component will be uninstalled.\n\nNotes:\n\n- If the TrueCrypt Boot Loader did not ask you to enter the password before Windows started, it is possible that your operating system does not boot from the drive on which it is installed. This is not supported.\n\n- If you used an encryption algorithm other than AES and the pretest failed (and you entered the password), it may have been caused by an inappropriately designed driver. Select 'No', and try encrypting the system partition/drive again, but use the AES encryption algorithm (which has the lowest memory requirements).</string>
<string lang="en" key="SYS_DRIVE_NOT_ENCRYPTED">The system partition/drive does not appear to be encrypted (neither partially nor fully).</string>
<string lang="en" key="SETUP_FAILED_BOOT_DRIVE_ENCRYPTED">Your system partition/drive is encrypted (partially or fully).\n\nPlease decrypt your system partition/drive entirely before proceeding. To do so, select 'System' &gt; 'Permanently Decrypt System Partition/Drive' from the menu bar of the main TrueCrypt window.</string>
<string lang="en" key="SETUP_FAILED_BOOT_DRIVE_ENCRYPTED_DOWNGRADE">When the system partition/drive is encrypted (partially or fully), you cannot downgrade TrueCrypt (but you can upgrade it or reinstall the same version).</string>
@@ -1148,7 +1118,7 @@
<string lang="en" key="SYSTEM_ENCRYPTION_IN_PROGRESS_ELSEWHERE">An instance of the TrueCrypt Volume Creation Wizard is currently running on this system and performing or preparing encryption/decryption of the system partition/drive. Before you proceed, please wait for it to finish or close it. If you cannot close it, please restart your computer before proceeding.</string>
<string lang="en" key="SYSTEM_ENCRYPTION_NOT_COMPLETED">The process of encryption or decryption of the system partition/drive has not been completed. Please wait until it is complete before proceeding.</string>
<string lang="en" key="ERR_ENCRYPTION_NOT_COMPLETED">Error: The process of encryption of the partition/drive has not been completed. It must be completed first.</string>
- <string lang="en" key="ERR_NONSYS_INPLACE_ENC_INCOMPLETE">Error: The process of encryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' &gt; 'Resume Interrupted Process' from the menu bar of the main TrueCrypt window.</string>
+ <string lang="en" key="ERR_NONSYS_INPLACE_ENC_INCOMPLETE">Error: The process of encryption or decryption of the partition/volume has not been completed. It must be completed first.\n\nNote: To resume the process, select 'Volumes' &gt; 'Resume Interrupted Decryption' from the menu bar of the main TrueCrypt window.</string>
<string lang="en" key="ERR_SYS_HIDVOL_HEAD_REENC_MODE_WRONG">The password is correct, TrueCrypt has successfully decrypted the volume header and detected that this volume is a hidden system volume. However, you cannot modify the header of a hidden system volume this way.\n\nTo change the password for a hidden system volume, boot the operating system residing in the hidden volume, and then select 'System' &gt; 'Change Password' from the menu bar of the main TrueCrypt window.\n\nTo set the header key derivation algorithm, boot the hidden operating system and then select 'System' &gt; 'Set Header Key Derivation Algorithm'.</string>
<string lang="en" key="CANNOT_DECRYPT_HIDDEN_OS">TrueCrypt does not support in-place decryption of a hidden system partition.\n\nNote: If you want to decrypt the decoy system partition, boot the decoy system, and then select 'System' &gt; 'Permanently Decrypt System Partition/Drive' from the menu bar of the main TrueCrypt window.</string>
<string lang="en" key="ERR_PARAMETER_INCORRECT">Error: Incorrect/invalid parameter.</string>
@@ -1156,7 +1126,8 @@
<string lang="en" key="CONFIRM_CHANGE_WIZARD_MODE_TO_FILE_CONTAINER">Do you want to create a TrueCrypt file container instead?</string>
<string lang="en" key="CONFIRM_SYSTEM_ENCRYPTION_MODE">You have selected the system partition/drive (or the boot partition), but the wizard mode you selected is suitable only for non-system partitions/drives.\n\nDo you want to set up pre-boot authentication (which means that you will need to enter your password each time before Windows boots/starts) and encrypt the system partition/drive?</string>
<string lang="en" key="CONFIRM_DECRYPT_SYS_DEVICE">Are you sure you want to permanently decrypt the system partition/drive?</string>
- <string lang="en" key="CONFIRM_DECRYPT_SYS_DEVICE_CAUTION">CAUTION: If you permanently decrypt the system partition/drive, unencrypted data will be written to it.\n\nAre you really sure you want to permanently decrypt the system partition/drive?</string>
+ <string lang="en" key="CONFIRM_DECRYPT_NON_SYS_DEVICE">Are you sure you want to permanently decrypt the following volume?</string>
+ <string lang="en" key="CONFIRM_DECRYPT_NON_SYS_DEVICE_CAUTION">CAUTION: If you permanently decrypt the TrueCrypt volume, unencrypted data will be written to the disk.\n\nAre you really sure you want to permanently decrypt the selected volume?</string>
<string lang="en" key="CONFIRM_CASCADE_FOR_SYS_ENCRYPTION">Warning: If you use a cascade of ciphers for system encryption, you may encounter the following issues:\n\n1) The TrueCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the TrueCrypt Boot Loader. Hence, whenever it gets damaged (which often happens, for example, during inappropriately designed anti-piracy activation procedures of certain programs), you will need to use the TrueCrypt Rescue Disk to boot or to repair the TrueCrypt Boot Loader.\n\n2) On some computers, resuming from hibernation takes longer.\n\nThese potential issues can be prevented by choosing a non-cascade encryption algorithm (e.g. AES).\n\nAre you sure you want to use a cascade of ciphers?</string>
<string lang="en" key="NOTE_CASCADE_FOR_SYS_ENCRYPTION">If you encounter any of the previously described problems, decrypt the partition/drive (if it is encrypted) and then try encrypting it again using a non-cascade encryption algorithm (e.g. AES).</string>
<string lang="en" key="UPDATE_TC_IN_DECOY_OS_FIRST">WARNING: For safety and security reasons, you should update TrueCrypt on the decoy operating system before you update it on the hidden operating system.\n\nTo do so, boot the decoy system and run the TrueCrypt installer from within it. Then boot the hidden system and run the installer from within it as well.\n\nNote: The decoy system and the hidden system share a single boot loader. If you upgraded TrueCrypt only on the hidden system (but not on the decoy system), the decoy system would contain a TrueCrypt driver and TrueCrypt applications whose version numbers are different from the version number of the TrueCrypt Boot Loader. Such a discrepancy might indicate that there is a hidden operating system on this computer.\n\n\nDo you want to continue?</string>
@@ -1172,6 +1143,7 @@
<string lang="en" key="ENABLE_BAD_SECTOR_ZEROING">Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nThe process of in-place encryption can continue only when the sectors have been made readable again. TrueCrypt can attempt to make these sectors readable by writing zeros to the sectors (subsequently such all-zero blocks would be encrypted). However, note that any data stored in the unreadable sectors will be lost. If you want to avoid that, you can attempt to recover portions of the corrupted data using appropriate third-party tools.\n\nNote: In case of physically damaged sectors (as opposed to mere data corruption and checksum errors) most types of storage devices internally reallocate the sectors when data is attempted to be written to them (so the existing data in the damaged sectors may remain unencrypted on the drive).\n\nDo you want TrueCrypt to write zeroes to unreadable sectors?</string>
<string lang="en" key="DISCARD_UNREADABLE_ENCRYPTED_SECTORS">Error: Content of one or more sectors on the disk cannot be read (probably due to a physical defect).\n\nTo be able to proceed with decryption, TrueCrypt will have to discard the content of the unreadable sectors (the content will be replaced with pseudorandom data). Please note that, before proceeding, you can attempt to recover portions of any corrupted data using appropriate third-party tools.\n\nDo you want TrueCrypt to discard data in the unreadable sectors now?</string>
<string lang="en" key="ZEROED_BAD_SECTOR_COUNT">Note: TrueCrypt has replaced the content of %I64d unreadable sectors (%s) with encrypted all-zero plaintext blocks.</string>
+ <string lang="en" key="SKIPPED_BAD_SECTOR_COUNT">Note: TrueCrypt has replaced the content of %I64d unreadable sectors (%s) with pseudorandom data.</string>
<string lang="en" key="ENTER_TOKEN_PASSWORD">Enter password/PIN for token '%s':</string>
<string lang="en" key="PKCS11_LIB_LOCATION_HELP">In order to allow TrueCrypt to access a security token or smart card, you need to install a PKCS #11 software library for the token or smart card first. Such a library may be supplied with the device or it may be available for download from the website of the vendor or other third parties.\n\nAfter you install the library, you can either select it manually by clicking 'Select Library' or you can let TrueCrypt find and select it automatically by clicking 'Auto-Detect Library' (only the Windows system directory will be searched).</string>
<string lang="en" key="SELECT_PKCS11_MODULE_HELP">Note: For the filename and location of the PKCS #11 library installed for your security token or smart card, please refer to the documentation supplied with the token, card, or third-party software.\n\nClick 'OK' to select the path and filename.</string>
diff --git a/Common/Resource.h b/Common/Resource.h
index 72844e2..4653170 100644
--- a/Common/Resource.h
+++ b/Common/Resource.h
@@ -12,37 +12,36 @@
#define IDD_ABOUT_DLG 508
#define IDD_COMMANDHELP_DLG 509
#define IDD_RAWDEVICES_DLG 510
-#define IDC_HOMEPAGE 511
-#define IDR_COMMON_RSRC_HEADER 512
-#define IDD_LANGUAGE 513
-#define IDD_CIPHER_TEST_DLG 514
-#define IDR_LICENSE 515
-#define IDD_AUXILIARY_DLG 516
-#define IDB_TEXTUAL_LOGO_BKG 517
-#define IDB_TEXTUAL_LOGO_96DPI 518
-#define IDB_TEXTUAL_LOGO_288DPI 519
-#define IDR_BOOT_SECTOR 520
-#define IDR_BOOT_SECTOR_AES 521
-#define IDR_BOOT_SECTOR_SERPENT 522
-#define IDR_BOOT_SECTOR_TWOFISH 523
-#define IDR_BOOT_LOADER_DECOMPRESSOR 524
-#define IDR_BOOT_LOADER 525
-#define IDR_BOOT_LOADER_AES 526
-#define IDR_BOOT_LOADER_SERPENT 527
-#define IDR_BOOT_LOADER_TWOFISH 528
-#define IDR_RESCUE_BOOT_SECTOR 529
-#define IDR_RESCUE_BOOT_SECTOR_AES 530
-#define IDR_RESCUE_BOOT_SECTOR_SERPENT 531
-#define IDR_RESCUE_BOOT_SECTOR_TWOFISH 532
-#define IDR_RESCUE_LOADER 533
-#define IDR_RESCUE_LOADER_AES 534
-#define IDR_RESCUE_LOADER_SERPENT 535
-#define IDR_RESCUE_LOADER_TWOFISH 536
-#define IDD_TOKEN_PASSWORD 537
-#define IDD_TOKEN_KEYFILES 538
-#define IDD_NEW_TOKEN_KEYFILE 539
-#define IDD_RANDOM_POOL_ENRICHMENT 540
-#define IDI_TRUECRYPT_MOUNTED_ICON 541
+#define IDR_COMMON_RSRC_HEADER 511
+#define IDD_LANGUAGE 512
+#define IDD_CIPHER_TEST_DLG 513
+#define IDR_LICENSE 514
+#define IDD_AUXILIARY_DLG 515
+#define IDB_TEXTUAL_LOGO_BKG 516
+#define IDB_TEXTUAL_LOGO_96DPI 517
+#define IDB_TEXTUAL_LOGO_288DPI 518
+#define IDR_BOOT_SECTOR 519
+#define IDR_BOOT_SECTOR_AES 520
+#define IDR_BOOT_SECTOR_SERPENT 521
+#define IDR_BOOT_SECTOR_TWOFISH 522
+#define IDR_BOOT_LOADER_DECOMPRESSOR 523
+#define IDR_BOOT_LOADER 524
+#define IDR_BOOT_LOADER_AES 525
+#define IDR_BOOT_LOADER_SERPENT 526
+#define IDR_BOOT_LOADER_TWOFISH 527
+#define IDR_RESCUE_BOOT_SECTOR 528
+#define IDR_RESCUE_BOOT_SECTOR_AES 529
+#define IDR_RESCUE_BOOT_SECTOR_SERPENT 530
+#define IDR_RESCUE_BOOT_SECTOR_TWOFISH 531
+#define IDR_RESCUE_LOADER 532
+#define IDR_RESCUE_LOADER_AES 533
+#define IDR_RESCUE_LOADER_SERPENT 534
+#define IDR_RESCUE_LOADER_TWOFISH 535
+#define IDD_TOKEN_PASSWORD 536
+#define IDD_TOKEN_KEYFILES 537
+#define IDD_NEW_TOKEN_KEYFILE 538
+#define IDD_RANDOM_POOL_ENRICHMENT 539
+#define IDI_TRUECRYPT_MOUNTED_ICON 540
#define IDC_HW_AES_LABEL_LINK 5000
#define IDC_HW_AES 5001
#define IDC_PARALLELIZATION_LABEL_LINK 5002
@@ -120,55 +119,52 @@
#define IDT_KEYFILE_GENERATOR_NOTE 5074
#define IDC_GENERATE_AND_SAVE_KEYFILE 5075
#define IDT_POOL_CONTENTS 5076
-#define IDC_GET_LANG_PACKS 5077
-#define IDT_LANGPACK_AUTHORS 5078
-#define IDC_LANGPACK_CREDITS 5079
-#define IDC_LANGPACK_VERSION 5080
-#define IDT_ACTIVE_LANG_PACK 5081
-#define IDC_DISPLAY_POOL_CONTENTS 5082
-#define IDC_XTS_MODE_ENABLED 5083
-#define IDC_MULTI_CHOICE_MSG 5084
-#define IDC_CHOICE1 5085
-#define IDC_CHOICE5 5086
-#define IDC_CHOICE2 5087
-#define IDC_CHOICE3 5088
-#define IDC_CHOICE4 5089
-#define IDC_CHOICE6 5090
-#define IDC_CHOICE7 5091
-#define IDC_CHOICE8 5092
-#define IDC_CHOICE9 5093
-#define IDC_CHOICE10 5094
-#define IDC_MC_DLG_HR1 5095
-#define IDC_MC_DLG_HR2 5096
-#define IDC_LINK_HIDVOL_PROTECTION_INFO 5097
-#define IDC_LINK_KEYFILES_INFO 5098
-#define IDC_TEXTUAL_LOGO_IMG 5099
-#define IDC_ASPECT_RATIO_CALIBRATION_BOX 5100
-#define IDC_ABOUT_LOGO_AREA 5101
-#define IDC_TOKEN_PASSWORD 5102
-#define IDC_TOKEN_FILE_LIST 5103
-#define IDC_TOKEN_FILES_ADD 5104
-#define IDC_EXPORT 5105
-#define IDC_DELETE 5106
-#define IDC_IMPORT_KEYFILE 5107
-#define IDC_SELECTED_TOKEN 5108
-#define IDT_SECURITY_TOKEN 5109
-#define IDT_TOKEN_KEYFILE_NAME 5110
-#define IDC_TOKEN_KEYFILE_NAME 5111
-#define IDT_TOKEN_PASSWORD_INFO 5112
-#define IDT_RANDOM_POOL_ENRICHMENT_NOTE 5113
-#define IDC_CONTINUE 5114
-#define IDT_ABOUT_RELEASE 5115
-#define IDT_STATIC_MODELESS_WAIT_DLG_INFO 5116
+#define IDT_LANGPACK_AUTHORS 5077
+#define IDC_LANGPACK_CREDITS 5078
+#define IDC_LANGPACK_VERSION 5079
+#define IDT_ACTIVE_LANG_PACK 5080
+#define IDC_DISPLAY_POOL_CONTENTS 5081
+#define IDC_XTS_MODE_ENABLED 5082
+#define IDC_MULTI_CHOICE_MSG 5083
+#define IDC_CHOICE1 5084
+#define IDC_CHOICE5 5085
+#define IDC_CHOICE2 5086
+#define IDC_CHOICE3 5087
+#define IDC_CHOICE4 5088
+#define IDC_CHOICE6 5089
+#define IDC_CHOICE7 5090
+#define IDC_CHOICE8 5091
+#define IDC_CHOICE9 5092
+#define IDC_CHOICE10 5093
+#define IDC_MC_DLG_HR1 5094
+#define IDC_MC_DLG_HR2 5095
+#define IDC_TEXTUAL_LOGO_IMG 5096
+#define IDC_ASPECT_RATIO_CALIBRATION_BOX 5097
+#define IDC_ABOUT_LOGO_AREA 5098
+#define IDC_TOKEN_PASSWORD 5099
+#define IDC_TOKEN_FILE_LIST 5100
+#define IDC_TOKEN_FILES_ADD 5101
+#define IDC_EXPORT 5102
+#define IDC_DELETE 5103
+#define IDC_IMPORT_KEYFILE 5104
+#define IDC_SELECTED_TOKEN 5105
+#define IDT_SECURITY_TOKEN 5106
+#define IDT_TOKEN_KEYFILE_NAME 5107
+#define IDC_TOKEN_KEYFILE_NAME 5108
+#define IDT_TOKEN_PASSWORD_INFO 5109
+#define IDT_RANDOM_POOL_ENRICHMENT_NOTE 5110
+#define IDC_CONTINUE 5111
+#define IDT_ABOUT_RELEASE 5112
+#define IDT_STATIC_MODELESS_WAIT_DLG_INFO 5113
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NO_MFC 1
-#define _APS_NEXT_RESOURCE_VALUE 542
+#define _APS_NEXT_RESOURCE_VALUE 541
#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 5117
+#define _APS_NEXT_CONTROL_VALUE 5114
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
diff --git a/Common/Tcdefs.h b/Common/Tcdefs.h
index 45898b1..0fbfd75 100644
--- a/Common/Tcdefs.h
+++ b/Common/Tcdefs.h
@@ -15,15 +15,13 @@
#define TC_APP_NAME "TrueCrypt"
// Version displayed to user
-#define VERSION_STRING "7.1a"
+#define VERSION_STRING "7.2"
// Version number to compare against driver
-#define VERSION_NUM 0x071a
+#define VERSION_NUM 0x0720
// Release date
-#define TC_STR_RELEASE_DATE "February 7, 2012"
-#define TC_RELEASE_DATE_YEAR 2012
-#define TC_RELEASE_DATE_MONTH 2
+#define TC_STR_RELEASE_DATE "5/2014"
#define BYTES_PER_KB 1024LL
#define BYTES_PER_MB 1048576LL
@@ -247,14 +245,10 @@ void EraseMemory (void *memory, int size);
#define TC_MAX_PATH 260 /* Includes the null terminator */
#endif
-#define TC_STR_RELEASED_BY "Released by TrueCrypt Foundation on " TC_STR_RELEASE_DATE
+#define TC_STR_RELEASED_BY "Released by TrueCrypt Foundation in " TC_STR_RELEASE_DATE
#define MAX_URL_LENGTH 2084 /* Internet Explorer limit. Includes the terminating null character. */
-#define TC_HOMEPAGE "http://www.truecrypt.org/"
-#define TC_APPLINK "http://www.truecrypt.org/applink?version=" VERSION_STRING
-#define TC_APPLINK_SECURE "https://www.truecrypt.org/applink?version=" VERSION_STRING
-
enum
{
/* WARNING: ADD ANY NEW CODES AT THE END (DO NOT INSERT THEM BETWEEN EXISTING). DO *NOT* DELETE ANY
diff --git a/Common/Volumes.h b/Common/Volumes.h
index 14e9868..5ef292a 100644
--- a/Common/Volumes.h
+++ b/Common/Volumes.h
@@ -114,7 +114,7 @@ extern "C" {
// Volume header flags
#define TC_HEADER_FLAG_ENCRYPTED_SYSTEM 0x1
-#define TC_HEADER_FLAG_NONSYS_INPLACE_ENC 0x2 // The volume has been created using non-system in-place encryption
+#define TC_HEADER_FLAG_NONSYS_INPLACE_ENC 0x2 // The volume has been created (or is being encrypted/decrypted) using non-system in-place encryption
#ifndef TC_HEADER_Volume_VolumeHeader
diff --git a/Driver/DriveFilter.c b/Driver/DriveFilter.c
index 72adb86..7961f3c 100644
--- a/Driver/DriveFilter.c
+++ b/Driver/DriveFilter.c
@@ -1158,15 +1158,18 @@ static VOID SetupThreadProc (PVOID threadArg)
int64 bytesWrittenSinceHeaderUpdate = 0;
byte *buffer = NULL;
- byte *wipeBuffer = NULL;
- byte wipeRandChars[TC_WIPE_RAND_CHAR_COUNT];
- byte wipeRandCharsUpdate[TC_WIPE_RAND_CHAR_COUNT];
KIRQL irql;
NTSTATUS status;
SetupResult = STATUS_UNSUCCESSFUL;
+ if (SetupRequest.SetupMode == SetupEncryption)
+ {
+ SetupResult = STATUS_INVALID_PARAMETER;
+ goto ret;
+ }
+
// Make sure volume header can be updated
if (Extension->HeaderCryptoInfo == NULL)
{
@@ -1181,16 +1184,6 @@ static VOID SetupThreadProc (PVOID threadArg)
goto ret;
}
- if (SetupRequest.SetupMode == SetupEncryption && SetupRequest.WipeAlgorithm != TC_WIPE_NONE)
- {
- wipeBuffer = TCalloc (TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);
- if (!wipeBuffer)
- {
- SetupResult = STATUS_INSUFFICIENT_RESOURCES;
- goto ret;
- }
- }
-
while (!NT_SUCCESS (EncryptedIoQueueHoldWhenIdle (&Extension->Queue, 1000)))
{
if (EncryptionSetupThreadAbortRequested)
@@ -1321,47 +1314,7 @@ static VOID SetupThreadProc (PVOID threadArg)
}
dataUnit.Value = offset.QuadPart / ENCRYPTION_DATA_UNIT_SIZE;
-
- if (SetupRequest.SetupMode == SetupEncryption)
- {
- EncryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);
-
- if (SetupRequest.WipeAlgorithm != TC_WIPE_NONE)
- {
- byte wipePass;
- for (wipePass = 1; wipePass <= GetWipePassCount (SetupRequest.WipeAlgorithm); ++wipePass)
- {
- if (!WipeBuffer (SetupRequest.WipeAlgorithm, wipeRandChars, wipePass, wipeBuffer, setupBlockSize))
- {
- ULONG i;
- for (i = 0; i < setupBlockSize; ++i)
- {
- wipeBuffer[i] = buffer[i] + wipePass;
- }
-
- EncryptDataUnits (wipeBuffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);
- memcpy (wipeRandCharsUpdate, wipeBuffer, sizeof (wipeRandCharsUpdate));
- }
-
- status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, wipeBuffer, offset, setupBlockSize);
- if (!NT_SUCCESS (status))
- {
- // Undo failed write operation
- DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);
- TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize);
-
- SetupResult = status;
- goto err;
- }
- }
-
- memcpy (wipeRandChars, wipeRandCharsUpdate, sizeof (wipeRandCharsUpdate));
- }
- }
- else
- {
- DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);
- }
+ DecryptDataUnits (buffer, &dataUnit, setupBlockSize / ENCRYPTION_DATA_UNIT_SIZE, Extension->Queue.CryptoInfo);
status = TCWriteDevice (BootDriveFilterExtension->LowerDeviceObject, buffer, offset, setupBlockSize);
if (!NT_SUCCESS (status))
@@ -1458,8 +1411,6 @@ err:
ret:
if (buffer)
TCfree (buffer);
- if (wipeBuffer)
- TCfree (wipeBuffer);
SetupInProgress = FALSE;
PsTerminateSystemThread (SetupResult);
diff --git a/Driver/Driver.rc b/Driver/Driver.rc
index 6f1f9a9..04cdcf1 100644
--- a/Driver/Driver.rc
+++ b/Driver/Driver.rc
@@ -13,13 +13,11 @@
#undef APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
-// English (U.S.) resources
+// English (United States) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
-#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
-#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
@@ -27,8 +25,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
- FILEVERSION 7,1,1,0
- PRODUCTVERSION 7,1,1,0
+ FILEVERSION 7,2,0,0
+ PRODUCTVERSION 7,2,0,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@@ -45,11 +43,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "TrueCrypt Foundation"
VALUE "FileDescription", "TrueCrypt Driver"
- VALUE "FileVersion", "7.1a"
+ VALUE "FileVersion", "7.2"
VALUE "LegalTrademarks", "TrueCrypt"
VALUE "OriginalFilename", "truecrypt.sys"
VALUE "ProductName", "TrueCrypt"
- VALUE "ProductVersion", "7.1a"
+ VALUE "ProductVersion", "7.2"
END
END
BLOCK "VarFileInfo"
@@ -84,7 +82,7 @@ END
#endif // APSTUDIO_INVOKED
-#endif // English (U.S.) resources
+#endif // English (United States) resources
/////////////////////////////////////////////////////////////////////////////
diff --git a/Format/Format.rc b/Format/Format.rc
index 83d4d67..91629e9 100644
--- a/Format/Format.rc
+++ b/Format/Format.rc
@@ -14,13 +14,11 @@
#undef APSTUDIO_READONLY_SYMBOLS
/////////////////////////////////////////////////////////////////////////////
-// English (U.S.) resources
+// English (United States) resources
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
-#ifdef _WIN32
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
#pragma code_page(1252)
-#endif //_WIN32
/////////////////////////////////////////////////////////////////////////////
//
@@ -28,8 +26,8 @@ LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
//
VS_VERSION_INFO VERSIONINFO
- FILEVERSION 7,1,1,0
- PRODUCTVERSION 7,1,1,0
+ FILEVERSION 7,2,0,0
+ PRODUCTVERSION 7,2,0,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@@ -46,11 +44,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "TrueCrypt Foundation"
VALUE "FileDescription", "TrueCrypt Format"
- VALUE "FileVersion", "7.1a"
+ VALUE "FileVersion", "7.2"
VALUE "LegalTrademarks", "TrueCrypt"
VALUE "OriginalFilename", "TrueCrypt Format.exe"
VALUE "ProductName", "TrueCrypt"
- VALUE "ProductVersion", "7.1a"
+ VALUE "ProductVersion", "7.2"
END
END
BLOCK "VarFileInfo"
@@ -91,7 +89,7 @@ BEGIN
PUSHBUTTON "Cancel",IDCANCEL,343,189,50,14
LTEXT "",IDC_BOX_TITLE,160,8,233,17
GROUPBOX "",IDC_STATIC,4,0,392,183
- CONTROL 116,IDC_BITMAP_WIZARD,"Static",SS_BITMAP | SS_SUNKEN,10,9,137,169
+ CONTROL IDB_WIZARD,IDC_BITMAP_WIZARD,"Static",SS_BITMAP | SS_SUNKEN,10,9,137,169
LTEXT "",IDC_POS_BOX,160,24,231,152
END
@@ -106,8 +104,6 @@ BEGIN
LTEXT "",IDC_BOX_HELP,7,40,205,40
GROUPBOX "Encryption Algorithm",IDT_ENCRYPTION_ALGO,0,10,217,95
GROUPBOX "Hash Algorithm",IDT_HASH_ALGO,0,109,217,35
- LTEXT "More information",IDC_LINK_MORE_INFO_ABOUT_CIPHER,7,82,135,10,SS_NOTIFY
- LTEXT "Information on hash algorithms",IDC_LINK_HASH_INFO,97,124,115,8,SS_NOTIFY
END
IDD_PASSWORD_PAGE_DLG DIALOGEX 0, 0, 226, 152
@@ -182,12 +178,10 @@ FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
CONTROL "Create an encrypted file container",IDC_FILE_CONTAINER,
"Button",BS_AUTORADIOBUTTON,0,7,217,10
- LTEXT "More information",IDC_MORE_INFO_ON_CONTAINERS,16,39,165,10,SS_NOTIFY
CONTROL "Encrypt a non-system partition/drive",IDC_NONSYS_DEVICE,
"Button",BS_AUTORADIOBUTTON,0,53,217,10
CONTROL "Encrypt the system partition or entire system drive",IDC_SYS_DEVICE,
"Button",BS_AUTORADIOBUTTON,0,87,217,10
- LTEXT "More information about system encryption",IDC_MORE_INFO_ON_SYS_ENCRYPTION,16,136,190,10,SS_NOTIFY
LTEXT "Creates a virtual encrypted disk within a file. Recommended for inexperienced users.",IDT_FILE_CONTAINER,16,20,205,16
LTEXT "Encrypts a non-system partition on any internal or external drive (e.g. a flash drive). Optionally, creates a hidden volume.",IDT_NON_SYS_DEVICE,16,66,205,16
LTEXT "Encrypts the partition/drive where Windows is installed. Anyone who wants to gain access and use the system, read and write files, etc., will need to enter the correct password each time before Windows boots. Optionally, creates a hidden system.",IDT_SYS_DEVICE,16,100,205,33
@@ -236,7 +230,6 @@ FONT 8, "MS Shell Dlg", 400, 0, 0x1
BEGIN
CONTROL "Standard TrueCrypt volume",IDC_STD_VOL,"Button",BS_AUTORADIOBUTTON,0,7,212,10
CONTROL "Hi&dden TrueCrypt volume ",IDC_HIDDEN_VOL,"Button",BS_AUTORADIOBUTTON,0,53,212,10