aescrypt

Download

aescrypt@lists.packetizer.com

September 2013

2 participants
2 discussions

PATCH: "AES Check" context menu command in shell extension DLL.
by Kaz Kylheku 07 Sep '13

07 Sep '13

* Users can check whether they know the correct password for a file without bulk decrypting it. * Users can optionally verify the built-in integrity of the file without writing out the plaintext. * Progress bar dialog is now hidden when an exception takes place, solving the problem of continued progress bar animation underneath an error or informational dialog. * Internally, the "encrypt/decrypt" bool which is passed around has been replaced by a four-valued action enum, including in the DLL API. * The aescrypt command line executable which invokes the DLL supports a few extra options to test the new actions. diff -urp AESCrypt_source_v309-p2/AESCrypt/AESCrypt.cpp AESCrypt_source_v309/AESCrypt/AESCrypt.cpp --- AESCrypt_source_v309-p2/AESCrypt/AESCrypt.cpp 2013-03-09 23:13:54.000000000 -0800 +++ AESCrypt_source_v309/AESCrypt/AESCrypt.cpp 2013-09-06 20:33:44.357519400 -0700 @@ -16,6 +16,7 @@ #include "resource.h" #include "AESCrypt.h" #include "AESCryptWorkerThreads.h" +#include "../AESCrypt32/AESCrypt32.h" class AESCryptModule : public CAtlDllModuleT< AESCryptModule > { @@ -127,9 +128,9 @@ STDAPI DllUnregisterServer(void) } __declspec(dllexport) void __cdecl ProcessFiles(StringList *file_list, - bool encrypt) + AESAction action) { - AES_Crypt_Worker_Threads.ProcessFiles(file_list, encrypt); + AES_Crypt_Worker_Threads.ProcessFiles(file_list, action); } __declspec(dllexport) bool __cdecl AESLibBusy() diff -urp AESCrypt_source_v309-p2/AESCrypt/AESCrypt.rc AESCrypt_source_v309/AESCrypt/AESCrypt.rc --- AESCrypt_source_v309-p2/AESCrypt/AESCrypt.rc 2013-09-06 08:22:29.158076700 -0700 +++ AESCrypt_source_v309/AESCrypt/AESCrypt.rc 2013-09-06 20:33:52.299527900 -0700 @@ -122,7 +122,8 @@ BEGIN EDITTEXT IDC_PASSWDCONFIRM,6,47,208,14,ES_PASSWORD | ES_AUTOHSCROLL DEFPUSHBUTTON "OK",IDOK,222,17,50,16 PUSHBUTTON "Cancel",IDCANCEL,222,36,50,16 - CONTROL "Reveal Typing",IDC_SHOW_TYPING,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,129,7,62,10 + CONTROL "Reveal Typing",IDC_SHOW_TYPING,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,6,65,62,10 + CONTROL "Verify File Integrity",IDC_VERIFY,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,77,65,73,10 END IDD_PROGRESSDIALOG DIALOGEX 0, 0, 181, 87 diff -urp AESCrypt_source_v309-p2/AESCrypt/AESCryptShellExt.cpp AESCrypt_source_v309/AESCrypt/AESCryptShellExt.cpp --- AESCrypt_source_v309-p2/AESCrypt/AESCryptShellExt.cpp 2013-03-09 23:13:54.000000000 -0800 +++ AESCrypt_source_v309/AESCrypt/AESCryptShellExt.cpp 2013-09-06 20:34:48.691688800 -0700 @@ -15,6 +15,7 @@ #include "AESCrypt.h" #include "AESCryptShellExt.h" #include "AESCryptWorkerThreads.h" +#include "../AESCrypt32/AESCrypt32.h" /* * Make the global thread class visible in this module. @@ -295,6 +296,7 @@ HRESULT AESCryptShellExt::QueryContextMe UINT uFlags) { UINT uCmdID = uidFirstCmd; + UINT uMenuFirst = uMenuIndex; // If the flags include CMF_DEFAULTONLY then we shouldn't do anything. if (uFlags & CMF_DEFAULTONLY) @@ -306,15 +308,21 @@ HRESULT AESCryptShellExt::QueryContextMe if (AES_Files == true) { InsertMenu( hmenu, - uMenuIndex, + uMenuIndex++, MF_STRING | MF_BYPOSITION, uCmdID++, _T("AES Decrypt")); + + InsertMenu( hmenu, + uMenuIndex++, + MF_STRING | MF_BYPOSITION, + uCmdID++, + _T("AES Check")); } else { InsertMenu( hmenu, - uMenuIndex, + uMenuIndex++, MF_STRING | MF_BYPOSITION, uCmdID++, _T("AES Encrypt")); @@ -323,16 +331,18 @@ HRESULT AESCryptShellExt::QueryContextMe // Insert the bitmap if (Context_Bitmap != NULL ) { - SetMenuItemBitmaps( hmenu, - uMenuIndex, - MF_BYPOSITION, - Context_Bitmap, - NULL); + for (UINT i = uMenuFirst; i < uMenuIndex; i++) + { + SetMenuItemBitmaps( hmenu, + i, + MF_BYPOSITION, + Context_Bitmap, + NULL); + } } - // Tell the shell that we added one menu item - return MAKE_HRESULT(SEVERITY_SUCCESS, FACILITY_NULL, 1); - + // Tell the shell how many items we added + return MAKE_HRESULT(SEVERITY_SUCCESS, FACILITY_NULL, uMenuIndex - uMenuFirst); } /* @@ -368,6 +378,17 @@ HRESULT AESCryptShellExt::GetCommandStri } break; + case 1: + if (AES_Files == true) + { + help_text = _T("Check AES password and verify file integrity"); + } + else + { + return E_INVALIDARG; + } + break; + default: ATLASSERT(0); // should never get here return E_INVALIDARG; @@ -415,7 +436,22 @@ HRESULT AESCryptShellExt::GetCommandStri } } break; - + case 1: + if (AES_Files == true) + { + if (uFlags & GCS_UNICODE) + { + lstrcpynW((LPWSTR) szName, L"AES Verify", cchMax); + } + else + { + lstrcpynA(szName, "AES Verify", cchMax); + } + } + else + { + return E_INVALIDARG; + } default: ATLASSERT(0); // should never get here return E_INVALIDARG; @@ -434,6 +470,8 @@ HRESULT AESCryptShellExt::GetCommandStri */ HRESULT AESCryptShellExt::InvokeCommand(LPCMINVOKECOMMANDINFO pInfo) { + AESAction action = Decrypt; + // If lpVerb really points to a string, ignore this function call and bail out. if (HIWORD(pInfo->lpVerb) != 0) { @@ -443,18 +481,24 @@ HRESULT AESCryptShellExt::InvokeCommand( // Check that lpVerb is one of our commands (0 or 1) switch (LOWORD(pInfo->lpVerb)) { - case 0: - AES_Crypt_Worker_Threads.ProcessFiles( File_List, - (Non_AES_Files == TRUE)); - // We passed the pointer to AES_Crypt_Worker_Threads, - // so set it to NULL here to avoid double deletion - File_List = NULL; - return S_OK; - break; + case 0: + action = (Non_AES_Files ? Encrypt : Decrypt); + break; + case 1: + if (!Non_AES_Files) { + action = CheckPassword; + break; + } + // Fallthrough default: ATLASSERT(0); // should never get here return E_INVALIDARG; - break; } + + AES_Crypt_Worker_Threads.ProcessFiles( File_List, action ); + // We passed the pointer to AES_Crypt_Worker_Threads, + // so set it to NULL here to avoid double deletion + File_List = NULL; + return S_OK; } diff -urp AESCrypt_source_v309-p2/AESCrypt/AESCryptWorkerThreads.cpp AESCrypt_source_v309/AESCrypt/AESCryptWorkerThreads.cpp --- AESCrypt_source_v309-p2/AESCrypt/AESCryptWorkerThreads.cpp 2013-09-06 02:16:14.849193800 -0700 +++ AESCrypt_source_v309/AESCrypt/AESCryptWorkerThreads.cpp 2013-09-06 20:33:44.433029000 -0700 @@ -100,13 +100,13 @@ bool AESCryptWorkerThreads::IsBusy() * */ void AESCryptWorkerThreads::ProcessFiles( StringList *file_list, - bool encrypt) + AESAction action) { PasswdDialog dlg; - if (CheckOverwriteFiles(file_list, encrypt) && // files are not in the way - dlg.DoModal(::GetActiveWindow(), (encrypt ? 1 : 0)) == IDOK && // prompt for password - StartThread(file_list, dlg.passwd, encrypt)) // start thread + if (CheckOverwriteFiles(file_list, action) && // files are not in the way + dlg.DoModal(::GetActiveWindow(), (LPARAM) action) == IDOK && // prompt for password + StartThread(file_list, dlg.passwd, dlg.verifying ? Verify : action)) // start thread { // Thread started successfully and now owns file_list return; @@ -125,7 +125,7 @@ void AESCryptWorkerThreads::ProcessFiles */ bool AESCryptWorkerThreads::StartThread(StringList *file_list, TCHAR *passwd, - bool encrypt) + AESAction action) { WorkerData *worker_data = NULL; DWORD thread_id; @@ -135,7 +135,7 @@ bool AESCryptWorkerThreads::StartThread( { worker_data = new WorkerData; worker_data->file_list = file_list; - worker_data->encrypt = encrypt; + worker_data->action = action; _tcscpy_s(worker_data->passwd, MAX_PASSWD_LEN+1, passwd); worker_data->aes_crypt_worker_threads = this; } @@ -219,7 +219,7 @@ void AESCryptWorkerThreads::ThreadEntry( // OK, we're in sync with our caller and cleaned up old threads LeaveCriticalSection(&Critical_Section); - if (worker_data->encrypt) + if (worker_data->action == Encrypt) { EncryptFiles( worker_data->file_list, worker_data->passwd); @@ -227,7 +227,8 @@ void AESCryptWorkerThreads::ThreadEntry( else { DecryptFiles( worker_data->file_list, - worker_data->passwd); + worker_data->passwd, + worker_data->action ); } // Delete the file list @@ -284,11 +285,14 @@ DWORD WINAPI ThreadInit(LPVOID lpParamet */ bool AESCryptWorkerThreads::CheckOverwriteFiles( StringList *file_list, - bool encrypt) + AESAction action) { + if (action == CheckPassword || action == Verify) + return true; + for (StringListIter i = file_list->begin(); i != file_list->end(); i++) { const String &name = *i; - String dest = encrypt ? name + _T(".aes") : name.substr(0, name.length() - 4); + String dest = (action == Encrypt) ? name + _T(".aes") : name.substr(0, name.length() - 4); BufferedFile check_file; DWORD result_code = check_file.OpenFile(dest.c_str(), false, OPEN_EXISTING); @@ -905,7 +909,8 @@ void AESCryptWorkerThreads::EncryptFiles */ void AESCryptWorkerThreads::DecryptFiles( StringList *file_list, - TCHAR *passwd) + TCHAR *passwd, + AESAction action) { aes_context aes_ctx; sha256_context sha_ctx; @@ -986,9 +991,17 @@ void AESCryptWorkerThreads::DecryptFiles if (error_abort == false) { - result_code = out_buffered_file.OpenFile( out_file, - true, - CREATE_NEW); + if (action == Decrypt) + { + result_code = out_buffered_file.OpenFile( out_file, + true, + CREATE_NEW); + } + else + { + result_code = ERROR_SUCCESS; + } + if (result_code != ERROR_SUCCESS) { std::basic_string<TCHAR> message; @@ -1292,6 +1305,16 @@ void AESCryptWorkerThreads::DecryptFiles last_clock_time = clock(); current_percent = 0; last_block_size_read = false; + + if (action == CheckPassword) + { + throw SystemErrorException( + _T("Verified access to ") + + in_file + + _T("\nThe password is correct"), + 0, true); + } + while(bytes_left > 0) { bytes_left -= 16; @@ -1342,17 +1365,20 @@ void AESCryptWorkerThreads::DecryptFiles (last_block_size == 0)) ? 16 : last_block_size; // Write the decrypted block - result_code = out_buffered_file.WriteFile( - buffer, - n, - &bytes_written); - if (result_code != ERROR_SUCCESS) - { - std::basic_string<TCHAR> message; - message = _T("Unable to write to "); - message += out_file; - throw SystemErrorException(message, result_code); - } + if (action == Decrypt) + { + result_code = out_buffered_file.WriteFile( + buffer, + n, + &bytes_written); + if (result_code != ERROR_SUCCESS) + { + std::basic_string<TCHAR> message; + message = _T("Unable to write to "); + message += out_file; + throw SystemErrorException(message, result_code); + } + } // Update the UI when more than 250ms has passed // or when there is no more data to read or @@ -1385,7 +1411,7 @@ void AESCryptWorkerThreads::DecryptFiles } } - if (error_abort == false) + if (error_abort == false && action != CheckPassword) { if (last_block_size_read == false && version >= 1) { @@ -1458,19 +1484,35 @@ void AESCryptWorkerThreads::DecryptFiles } } } + + if (action == Verify) + { + throw SystemErrorException( + _T("Verified integrity of ") + + in_file + + _T("\nThe password is correct and the file appears undamaged"), + 0, true); + } + } catch(SystemErrorException e) { - ::ReportError(e.Message,e.Reason); + // First, hide the progress dialog, otherwise it lingers and may keep animating + // for a moment even as the new dialog pops up. + dlg.ShowWindow(SW_HIDE); + dlg.UpdateWindow(); + DoMessageLoop(); + ::ReportError(e.Message,e.Reason,e.informative); error_abort = true; } in_buffered_file.CloseFile(); - out_buffered_file.CloseFile(); + if (action == Decrypt) + out_buffered_file.CloseFile(); // We will attempt to cleanup, but we don't care if this // really works or not... - if (error_abort == true) + if (error_abort == true && action == Decrypt) { DeleteFile(out_file); } diff -urp AESCrypt_source_v309-p2/AESCrypt/AESCryptWorkerThreads.h AESCrypt_source_v309/AESCrypt/AESCryptWorkerThreads.h --- AESCrypt_source_v309-p2/AESCrypt/AESCryptWorkerThreads.h 2013-09-06 01:43:02.101147000 -0700 +++ AESCrypt_source_v309/AESCrypt/AESCryptWorkerThreads.h 2013-09-06 20:33:44.471533900 -0700 @@ -23,18 +23,19 @@ class AESCryptWorkerThreads bool StartThread( StringList *file_list, TCHAR *passwd, - bool encrypt); + AESAction action); inline void DoMessageLoop(); bool CheckOverwriteFiles( StringList *file_list, - bool encrypt); + AESAction action); void EncryptFiles( StringList *file_list, TCHAR *passwd); void DecryptFiles( StringList *file_list, - TCHAR *passwd); + TCHAR *passwd, + AESAction action); public: AESCryptWorkerThreads(); @@ -45,7 +46,7 @@ class AESCryptWorkerThreads // Process files for encryption (true) or decryption (false) void ProcessFiles( StringList *file_list, - bool encrypt); + AESAction action); // This should only be called by threads // spawned by this class. @@ -56,7 +57,7 @@ struct WorkerData { StringList *file_list; TCHAR passwd[MAX_PASSWD_LEN+1]; - bool encrypt; + AESAction action; HANDLE thread_handle; AESCryptWorkerThreads *aes_crypt_worker_threads; }; diff -urp AESCrypt_source_v309-p2/AESCrypt/ErrorHandling.cpp AESCrypt_source_v309/AESCrypt/ErrorHandling.cpp --- AESCrypt_source_v309-p2/AESCrypt/ErrorHandling.cpp 2013-03-09 23:13:54.000000000 -0800 +++ AESCrypt_source_v309/AESCrypt/ErrorHandling.cpp 2013-09-06 20:33:44.444030400 -0700 @@ -17,7 +17,8 @@ * Report an error to the user */ void ReportError( std::basic_string<TCHAR> message, - DWORD reason) + DWORD reason, + bool just_informative) { LPTSTR error_string; @@ -45,7 +46,7 @@ void ReportError( std::basic_string<TC } } - ::MessageBox(NULL,message.c_str(),_T("AES Crypt Error"), MB_OK); + ::MessageBox(NULL,message.c_str(), just_informative ? _T("AES Crypt Notice") : _T("AES Crypt Error"), MB_OK); } diff -urp AESCrypt_source_v309-p2/AESCrypt/ErrorHandling.h AESCrypt_source_v309/AESCrypt/ErrorHandling.h --- AESCrypt_source_v309-p2/AESCrypt/ErrorHandling.h 2013-03-09 23:13:54.000000000 -0800 +++ AESCrypt_source_v309/AESCrypt/ErrorHandling.h 2013-09-06 20:33:44.478534800 -0700 @@ -11,7 +11,8 @@ /* Global Error Reporting Function */ void ReportError( std::basic_string<TCHAR> message, - DWORD reason); + DWORD reason, + bool just_informative = false); /* * This class exists to allow us to easily bail out when @@ -22,9 +23,12 @@ class SystemErrorException public: DWORD Reason; std::basic_string<TCHAR> Message; + bool informative; SystemErrorException( std::basic_string<TCHAR> message, - DWORD reason = 0) + DWORD reason = 0, + bool inf = false) + : informative(inf) { Reason = reason; Message = message; diff -urp AESCrypt_source_v309-p2/AESCrypt/PasswdDialog.cpp AESCrypt_source_v309/AESCrypt/PasswdDialog.cpp --- AESCrypt_source_v309-p2/AESCrypt/PasswdDialog.cpp 2013-09-06 08:22:36.947565800 -0700 +++ AESCrypt_source_v309/AESCrypt/PasswdDialog.cpp 2013-09-06 20:33:44.449531100 -0700 @@ -13,12 +13,14 @@ #include "stdafx.h" #include "PasswdDialog.h" +#include "../AESCrypt32/AESCrypt32.h" /* * PasswdDialog Constructor */ PasswdDialog::PasswdDialog() : reveal_typing(false) + , verifying(false) { } @@ -36,6 +38,7 @@ LRESULT PasswdDialog::OnInitDialog(UINT { HWND window_handle; HICON hicon; + AESAction action = (AESAction) lParam; CAxDialogImpl<PasswdDialog>::OnInitDialog(uMsg, wParam, lParam, bHandled); bHandled = TRUE; @@ -57,24 +60,39 @@ LRESULT PasswdDialog::OnInitDialog(UINT EM_SETLIMITTEXT, MAX_PASSWD_LEN, 0); - if (lParam) - { - encrypting = true; + + + switch (action) { + case Encrypt: + encrypting = true; SendDlgItemMessage( IDC_PASSWDCONFIRM, EM_SETLIMITTEXT, MAX_PASSWD_LEN, 0); - } - else - { - encrypting = false; + // Hide verify control + window_handle = GetDlgItem(IDC_VERIFY); + ::ShowWindow(window_handle, SW_HIDE); + break; + case Verify: + // Check-box the verify control + SendDlgItemMessage(IDC_VERIFY, BM_SETCHECK, BST_CHECKED, 0); + verifying = true; + // fallthrough + case CheckPassword: + // Show the verify control + window_handle = GetDlgItem(IDC_VERIFY); + ::ShowWindow(window_handle, SW_SHOW); + // fallthrough + case Decrypt: + encrypting = false; // Hide the password confirmation controls window_handle = GetDlgItem(IDC_PASSWDCONFIRM); ::ShowWindow(window_handle, SW_HIDE); window_handle = GetDlgItem(IDC_ENTERPASSWDCONFIRM); ::ShowWindow(window_handle, SW_HIDE); + break; } return 1; // Let the system set the focus @@ -166,3 +184,10 @@ LRESULT PasswdDialog::OnBnClickedShowTyp return 0; } + + +LRESULT PasswdDialog::OnBnClickedVerify(WORD /*wNotifyCode*/, WORD /*wID*/, HWND /*hWndCtl*/, BOOL& /*bHandled*/) +{ + verifying = (SendDlgItemMessage(IDC_VERIFY, BM_GETCHECK, 0, 0) == BST_CHECKED); + return 0; +} diff -urp AESCrypt_source_v309-p2/AESCrypt/PasswdDialog.h AESCrypt_source_v309/AESCrypt/PasswdDialog.h --- AESCrypt_source_v309-p2/AESCrypt/PasswdDialog.h 2013-09-06 08:22:36.953566600 -0700 +++ AESCrypt_source_v309/AESCrypt/PasswdDialog.h 2013-09-06 20:33:44.482035200 -0700 @@ -29,6 +29,7 @@ class PasswdDialog : public CAxDialogImp TCHAR passwd[MAX_PASSWD_LEN+1]; bool encrypting; bool reveal_typing; + bool verifying; LRESULT password_hide_char; BEGIN_MSG_MAP(PasswdDialog) @@ -37,6 +38,7 @@ class PasswdDialog : public CAxDialogImp COMMAND_HANDLER(IDCANCEL, BN_CLICKED, OnClickedCancel) CHAIN_MSG_MAP(CAxDialogImpl<PasswdDialog>) COMMAND_HANDLER(IDC_SHOW_TYPING, BN_CLICKED, OnBnClickedShowTyping) + COMMAND_HANDLER(IDC_VERIFY, BN_CLICKED, OnBnClickedVerify) END_MSG_MAP() // Handler prototypes: @@ -50,5 +52,6 @@ class PasswdDialog : public CAxDialogImp LRESULT OnClickedCancel(WORD wNotifyCode, WORD wID, HWND hWndCtl, BOOL& bHandled); LRESULT OnBnClickedShowTyping(WORD /*wNotifyCode*/, WORD /*wID*/, HWND /*hWndCtl*/, BOOL& /*bHandled*/); + LRESULT OnBnClickedVerify(WORD /*wNotifyCode*/, WORD /*wID*/, HWND /*hWndCtl*/, BOOL& /*bHandled*/); }; diff -urp AESCrypt_source_v309-p2/AESCrypt/resource.h AESCrypt_source_v309/AESCrypt/resource.h --- AESCrypt_source_v309-p2/AESCrypt/resource.h 2013-09-06 08:24:23.067541300 -0700 +++ AESCrypt_source_v309/AESCrypt/resource.h 2013-09-06 20:33:44.488536100 -0700 @@ -17,6 +17,7 @@ #define IDC_ENCRYPTINGMSG 208 #define IDC_FILENAME 209 #define IDC_SHOW_TYPING 210 +#define IDC_VERIFY 211 // Next default values for new objects // @@ -24,7 +25,7 @@ #ifndef APSTUDIO_READONLY_SYMBOLS #define _APS_NEXT_RESOURCE_VALUE 206 #define _APS_NEXT_COMMAND_VALUE 32768 -#define _APS_NEXT_CONTROL_VALUE 211 +#define _APS_NEXT_CONTROL_VALUE 212 #define _APS_NEXT_SYMED_VALUE 105 #endif #endif diff -urp AESCrypt_source_v309-p2/AESCrypt/stdafx.h AESCrypt_source_v309/AESCrypt/stdafx.h --- AESCrypt_source_v309-p2/AESCrypt/stdafx.h 2013-09-06 01:26:21.891136400 -0700 +++ AESCrypt_source_v309/AESCrypt/stdafx.h 2013-09-06 20:33:44.495537000 -0700 @@ -49,6 +49,7 @@ typedef std::list< String >::iterator St #include <commctrl.h> #include <shlobj.h> #include <string> +#include "../AESCrypt32/AESCrypt32.h" // What is the longest password in characters? #define MAX_PASSWD_LEN 1024 diff -urp AESCrypt_source_v309-p2/AESCrypt32/AESCrypt32.cpp AESCrypt_source_v309/AESCrypt32/AESCrypt32.cpp --- AESCrypt_source_v309-p2/AESCrypt32/AESCrypt32.cpp 2013-03-09 23:13:54.000000000 -0800 +++ AESCrypt_source_v309/AESCrypt32/AESCrypt32.cpp 2013-09-06 09:25:10.197668100 -0700 @@ -60,7 +60,7 @@ int APIENTRY _tWinMain( HINSTANCE hInsta MSG msg; LPWSTR *szArglist; int nArgs; - bool encrypt = false; + AESAction action = Decrypt; StringList *file_list = NULL; // Allocate memory for the file list @@ -120,22 +120,22 @@ int APIENTRY _tWinMain( HINSTANCE hInsta { if (i==1) { - if (!_tcscmp(szArglist[i],_T("/d"))) + if (!_tcscmp(szArglist[i],_T("/d")) || !_tcscmp(szArglist[i],_T("-d"))) { - encrypt = false; + action = Decrypt; } - else if (!_tcscmp(szArglist[i],_T("-d"))) + else if (!_tcscmp(szArglist[i],_T("/e")) || !_tcscmp(szArglist[i],_T("-e"))) { - encrypt = false; - } - else if (!_tcscmp(szArglist[i],_T("/e"))) - { - encrypt = true; - } - else if (!_tcscmp(szArglist[i],_T("-e"))) - { - encrypt = true; + action = Encrypt; } + else if (!_tcscmp(szArglist[i],_T("/c")) || !_tcscmp(szArglist[i],_T("-e"))) + { + action = CheckPassword; + } + else if (!_tcscmp(szArglist[i],_T("/v")) || !_tcscmp(szArglist[i],_T("-v"))) + { + action = Verify; + } else { file_list->push_back(szArglist[i]); @@ -151,7 +151,7 @@ int APIENTRY _tWinMain( HINSTANCE hInsta if (file_list->empty()) { ::MessageBox( NULL, - _T("Usage: aescrypt32 [/d|/e] filename ..."), + _T("Usage: aescrypt32 [/d|/e|/c|/v] filename ..."), MAKEINTRESOURCE(IDS_APP_TITLE), MB_ICONERROR | MB_OK); SendMessage(hWnd, WM_DESTROY, 0, 0); @@ -159,7 +159,7 @@ int APIENTRY _tWinMain( HINSTANCE hInsta else { // Initiate file processing - ProcessFiles(file_list, encrypt); + ProcessFiles(file_list, action); // The file list will be consumed and freed by the worker thread // ultimately processes the list of files. diff -urp AESCrypt_source_v309-p2/AESCrypt32/AESCrypt32.h AESCrypt_source_v309/AESCrypt32/AESCrypt32.h --- AESCrypt_source_v309-p2/AESCrypt32/AESCrypt32.h 2013-03-09 23:13:54.000000000 -0800 +++ AESCrypt_source_v309/AESCrypt32/AESCrypt32.h 2013-09-06 09:59:51.032900600 -0700 @@ -18,8 +18,12 @@ #include "resource.h" +enum AESAction { + Decrypt, Encrypt, CheckPassword, Verify +}; + // Externals in the AESCrypt DLL -bool AESLibBusy(); -void ProcessFiles( StringList *file_list, - bool encrypt); +__declspec(dllexport) bool __cdecl AESLibBusy(); +__declspec(dllexport) void __cdecl ProcessFiles( StringList *file_list, + AESAction action);

2 1

Usability suggestions for Windows app.
by Kaz Kylheku 06 Sep '13

06 Sep '13

Hi all, In my opinion, the password entry dialog is not usable for long phrases, and encourages poor passwords. A checkbox to render the contents visible would be very useful to catch typing mistakes. It is frustrating to be told five times that the two do not match. Not everyone can touch type a long sentence twice with no mistakes. The security in concealing password entry is dubious anyway. It has value for protecting authentication passwords in places where someone may be looking over your shoulder. But would you be working with a highly sensitive document (that is worth protecting with AES) in such an environment? Its contents are as secret as the password used to protect it, and so it makes no sense to conceal the password from prying eyes, yet reveal the document. Another issue with the Windows application is that it performs sanity checks in the wrong order. When you're encrypting or decrypting a document, first you must get through the password dialog. Only then are you told, oops, the destination file already exists and we must bail! There is no security benefit in this; it is just annoying behavior. Why ask for the password if the operation cannot possibly complete (unless someone deletes the file outside of the program). Just bail right away: "We cannot do this operation because the destination file exists." A useful behavior would be to have the option to rename the existing file, or to choose a different name for the newly created file. (Deletion should be deferred to the user, who should be using a secure shred program, at least for the plaintexts). Cheers ...

2 8