VeraCrypt
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2023-06-29 00:06:20 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2023-06-29 00:06:20 +0200
commit034b64f4153550cbe5849bcbfc27e187377cc512 (patch)
treed831496163c3891031765010bf1934406b0c4a3c /src/Main
parent502ab9112a7624dbd7c1c90c2e12ed45512b8b3c (diff)
downloadVeraCrypt-034b64f4153550cbe5849bcbfc27e187377cc512.tar.gz
VeraCrypt-034b64f4153550cbe5849bcbfc27e187377cc512.zip
EMV keyfile support: Overall code improvements and bug fixes
Diffstat (limited to 'src/Main')
-rw-r--r--src/Main/CommandLineInterface.cpp10
-rw-r--r--src/Main/CommandLineInterface.h4
-rw-r--r--src/Main/Forms/ChangePasswordDialog.cpp2
-rw-r--r--src/Main/Forms/Forms.cpp10
-rw-r--r--src/Main/Forms/Forms.h2
-rw-r--r--src/Main/Forms/MainFrame.cpp4
-rw-r--r--src/Main/Forms/MountOptionsDialog.cpp2
-rw-r--r--src/Main/Forms/PreferencesDialog.cpp2
-rw-r--r--src/Main/Forms/SecurityTokenKeyfilesDialog.cpp52
-rw-r--r--src/Main/Forms/VolumeCreationWizard.cpp8
-rw-r--r--src/Main/Forms/WaitDialog.cpp20
-rw-r--r--src/Main/GraphicUserInterface.cpp18
-rw-r--r--src/Main/GraphicUserInterface.h4
-rw-r--r--src/Main/TextUserInterface.cpp36
-rw-r--r--src/Main/TextUserInterface.h4
-rw-r--r--src/Main/UserInterface.cpp48
-rw-r--r--src/Main/UserInterface.h4
-rw-r--r--src/Main/UserPreferences.cpp4
-rw-r--r--src/Main/UserPreferences.h4
19 files changed, 135 insertions, 103 deletions
diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp
index dabfcad6..a7189652 100644
--- a/src/Main/CommandLineInterface.cpp
+++ b/src/Main/CommandLineInterface.cpp
@@ -56,7 +56,7 @@ namespace VeraCrypt
parser.AddSwitch (L"", L"display-password", _("Display password while typing"));
parser.AddOption (L"", L"encryption", _("Encryption algorithm"));
parser.AddSwitch (L"", L"explore", _("Open explorer window for mounted volume"));
- parser.AddSwitch (L"", L"export-token-keyfile",_("Export keyfile from security token"));
+ parser.AddSwitch (L"", L"export-token-keyfile",_("Export keyfile from token"));
parser.AddOption (L"", L"filesystem", _("Filesystem type"));
parser.AddSwitch (L"f", L"force", _("Force mount/dismount/overwrite"));
#if !defined(TC_WINDOWS) && !defined(TC_MACOSX)
@@ -67,9 +67,9 @@ namespace VeraCrypt
parser.AddSwitch (L"", L"import-token-keyfiles", _("Import keyfiles to security token"));
parser.AddOption (L"k", L"keyfiles", _("Keyfiles"));
parser.AddSwitch (L"l", L"list", _("List mounted volumes"));
- parser.AddSwitch (L"", L"list-token-keyfiles", _("List token keyfiles"));
+ parser.AddSwitch (L"", L"list-token-keyfiles", _("List token keyfiles"));
parser.AddSwitch (L"", L"list-securitytoken-keyfiles", _("List security token keyfiles"));
- parser.AddSwitch (L"", L"list-emvtoken-keyfiles", _("List emv token keyfiles"));
+ parser.AddSwitch (L"", L"list-emvtoken-keyfiles", _("List EMV token keyfiles"));
parser.AddSwitch (L"", L"load-preferences", _("Load user preferences"));
parser.AddSwitch (L"", L"mount", _("Mount volume interactively"));
parser.AddOption (L"m", L"mount-options", _("VeraCrypt volume mount options"));
@@ -221,13 +221,13 @@ namespace VeraCrypt
if (parser.Found (L"export-token-keyfile"))
{
CheckCommandSingle();
- ArgCommand = CommandId::ExportSecurityTokenKeyfile;
+ ArgCommand = CommandId::ExportTokenKeyfile;
}
if (parser.Found (L"import-token-keyfiles"))
{
CheckCommandSingle();
- ArgCommand = CommandId::ImportSecurityTokenKeyfiles;
+ ArgCommand = CommandId::ImportTokenKeyfiles;
}
if (parser.Found (L"list"))
diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h
index 21fb5c89..6a31932e 100644
--- a/src/Main/CommandLineInterface.h
+++ b/src/Main/CommandLineInterface.h
@@ -39,9 +39,9 @@ namespace VeraCrypt
DismountVolumes,
DisplayVersion,
DisplayVolumeProperties,
- ExportSecurityTokenKeyfile,
+ ExportTokenKeyfile,
Help,
- ImportSecurityTokenKeyfiles,
+ ImportTokenKeyfiles,
ListTokenKeyfiles,
ListSecurityTokenKeyfiles,
ListEMVTokenKeyfiles,
diff --git a/src/Main/Forms/ChangePasswordDialog.cpp b/src/Main/Forms/ChangePasswordDialog.cpp
index 0992cf3b..0b54fefc 100644
--- a/src/Main/Forms/ChangePasswordDialog.cpp
+++ b/src/Main/Forms/ChangePasswordDialog.cpp
@@ -204,7 +204,7 @@ namespace VeraCrypt
wxBusyCursor busy;
ChangePasswordThreadRoutine routine(Path, Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps,
CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), CurrentPasswordPanel->GetTrueCryptMode(),CurrentPasswordPanel->GetKeyfiles(),
- newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().ActivateEMVOption);
+ newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled);
Gui->ExecuteWaitThreadRoutine (this, &routine);
}
diff --git a/src/Main/Forms/Forms.cpp b/src/Main/Forms/Forms.cpp
index 8667a741..e92b970e 100644
--- a/src/Main/Forms/Forms.cpp
+++ b/src/Main/Forms/Forms.cpp
@@ -2208,13 +2208,13 @@ PreferencesDialogBase::PreferencesDialogBase( wxWindow* parent, wxWindowID id, c
bSizer128->Add( sbSizer37, 0, wxEXPAND|wxALL, 5 );
- wxStaticBoxSizer* sbSizer38;
- sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("IDT_EMV_OPTIONS") ), wxVERTICAL );
+ wxStaticBoxSizer* sbSizer38;
+ sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("IDT_EMV_OPTIONS") ), wxVERTICAL );
- ActivateEMVOptionCheckBox = new wxCheckBox( sbSizer38->GetStaticBox(), wxID_ANY, _("IDC_ACTIVATE_EMV_OPTION"), wxDefaultPosition, wxDefaultSize, 0 );
- sbSizer38->Add( ActivateEMVOptionCheckBox, 0, wxALL, 5 );
+ EMVSupportEnabledCheckBox = new wxCheckBox( sbSizer38->GetStaticBox(), wxID_ANY, _("IDC_ENABLE_EMV_SUPPORT"), wxDefaultPosition, wxDefaultSize, 0 );
+ sbSizer38->Add( EMVSupportEnabledCheckBox, 0, wxALL, 5 );
- bSizer128->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 );
+ bSizer128->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 );
bSizer127->Add( bSizer128, 1, wxEXPAND|wxALL, 5 );
diff --git a/src/Main/Forms/Forms.h b/src/Main/Forms/Forms.h
index 904e96dd..60937550 100644
--- a/src/Main/Forms/Forms.h
+++ b/src/Main/Forms/Forms.h
@@ -593,7 +593,7 @@ namespace VeraCrypt
wxTextCtrl* Pkcs11ModulePathTextCtrl;
wxButton* SelectPkcs11ModuleButton;
wxCheckBox* CloseSecurityTokenSessionsAfterMountCheckBox;
- wxCheckBox* ActivateEMVOptionCheckBox;
+ wxCheckBox* EMVSupportEnabledCheckBox;
wxListCtrl* HotkeyListCtrl;
wxTextCtrl* HotkeyTextCtrl;
wxButton* AssignHotkeyButton;
diff --git a/src/Main/Forms/MainFrame.cpp b/src/Main/Forms/MainFrame.cpp
index b52682ce..4b9b9bf1 100644
--- a/src/Main/Forms/MainFrame.cpp
+++ b/src/Main/Forms/MainFrame.cpp
@@ -683,7 +683,7 @@ namespace VeraCrypt
{
mountOptions.Pim = CmdLine->ArgPim;
}
- mountOptions.EMVOption = GetPreferences().ActivateEMVOption;
+ mountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;
Gui->MountAllFavoriteVolumes (mountOptions);
}
catch (exception &e)
@@ -718,7 +718,7 @@ namespace VeraCrypt
{
mountOptions.Pim = CmdLine->ArgPim;
}
- mountOptions.EMVOption = GetPreferences().ActivateEMVOption;
+ mountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;
try
{
diff --git a/src/Main/Forms/MountOptionsDialog.cpp b/src/Main/Forms/MountOptionsDialog.cpp
index 28a9919c..4b8f7ce5 100644
--- a/src/Main/Forms/MountOptionsDialog.cpp
+++ b/src/Main/Forms/MountOptionsDialog.cpp
@@ -193,7 +193,7 @@ namespace VeraCrypt
Options.MountPoint = make_shared <DirectoryPath> (mountPoint);
Options.FilesystemOptions = FilesystemOptionsTextCtrl->GetValue();
- Options.EMVOption = Gui->GetPreferences().ActivateEMVOption;
+ Options.EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled;
EndModal (wxID_OK);
}
diff --git a/src/Main/Forms/PreferencesDialog.cpp b/src/Main/Forms/PreferencesDialog.cpp
index 6caae325..abf1d505 100644
--- a/src/Main/Forms/PreferencesDialog.cpp
+++ b/src/Main/Forms/PreferencesDialog.cpp
@@ -96,7 +96,7 @@ namespace VeraCrypt
// Security tokens
Pkcs11ModulePathTextCtrl->SetValue (wstring (Preferences.SecurityTokenModule));
TC_CHECK_BOX_VALIDATOR (CloseSecurityTokenSessionsAfterMount);
- TC_CHECK_BOX_VALIDATOR (ActivateEMVOption);
+ TC_CHECK_BOX_VALIDATOR (EMVSupportEnabled);
// System integration
TC_CHECK_BOX_VALIDATOR (StartOnLogon);
diff --git a/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp b/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp
index 2c5896a7..d78e22fd 100644
--- a/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp
+++ b/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp
@@ -53,7 +53,7 @@ namespace VeraCrypt
wxBusyCursor busy;
SecurityTokenKeyfileListCtrl->DeleteAllItems();
- SecurityTokenKeyfileList = Token::GetAvailableKeyfiles(Gui->GetPreferences().ActivateEMVOption);
+ SecurityTokenKeyfileList = Token::GetAvailableKeyfiles(Gui->GetPreferences().EMVSupportEnabled);
size_t i = 0;
foreach (const shared_ptr<TokenKeyfile> key, SecurityTokenKeyfileList)
@@ -177,34 +177,38 @@ namespace VeraCrypt
}
}
- void SecurityTokenKeyfilesDialog::OnListItemSelected(wxListEvent &event) {
- if (event.GetItem().GetData() != (wxUIntPtr) nullptr) {
- BOOL deletable = true;
- foreach(long
- item, Gui->GetListCtrlSelectedItems(SecurityTokenKeyfileListCtrl))
- {
- TokenKeyfile *keyfile = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(
- item));
- if (!keyfile->Token->isEditable()) {
- deletable = false;
- }
- }
- if (deletable) {
- DeleteButton->Enable();
- }
- ExportButton->Enable();
- OKButton->Enable();
- }
- }
+ void SecurityTokenKeyfilesDialog::OnListItemSelected(wxListEvent &event)
+ {
+ if (event.GetItem().GetData() != (wxUIntPtr) nullptr)
+ {
+ BOOL deletable = true;
+ foreach(long
+ item, Gui->GetListCtrlSelectedItems(SecurityTokenKeyfileListCtrl))
+ {
+ TokenKeyfile *keyfile = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(item));
+ if (!keyfile->Token->isEditable())
+ {
+ deletable = false;
+ break;
+ }
+ }
+ if (deletable)
+ {
+ DeleteButton->Enable();
+ }
+ ExportButton->Enable();
+ OKButton->Enable();
+ }
+ }
void SecurityTokenKeyfilesDialog::OnOKButtonClick ()
{
foreach (long item, Gui->GetListCtrlSelectedItems (SecurityTokenKeyfileListCtrl))
- {
- TokenKeyfile *key = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(item));
+ {
+ TokenKeyfile *key = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(item));
- SelectedSecurityTokenKeyfilePaths.push_back(*key);
- }
+ SelectedSecurityTokenKeyfilePaths.push_back(*key);
+ }
EndModal (wxID_OK);
}
}
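Review bot: In the rewritten `OnListItemSelected` the Delete button is only ever enabled and never disabled, so when the loop sets `deletable = false` the button keeps whatever state an earlier selection left it in. If a user first selects a keyfile on an editable token and then extends the selection to one on a non-editable token, Delete would presumably stay active for the whole selection unless a handler outside this hunk resets it. Setting the state explicitly with `DeleteButton->Enable (deletable);` closes that gap. The loop also dereferences `keyfile->Token` for every selected item although only the event's own item data is compared with null, so a guard such as `if (!keyfile || !keyfile->Token) { deletable = false; break; }` would make that assumption explicit.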
diff --git a/src/Main/Forms/VolumeCreationWizard.cpp b/src/Main/Forms/VolumeCreationWizard.cpp
index 0487455f..5939fc1b 100644
--- a/src/Main/Forms/VolumeCreationWizard.cpp
+++ b/src/Main/Forms/VolumeCreationWizard.cpp
@@ -795,7 +795,7 @@ namespace VeraCrypt
shared_ptr <VolumePassword> hiddenPassword;
try
{
- hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption);
+ hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled);
}
catch (...)
{
@@ -846,7 +846,7 @@ namespace VeraCrypt
shared_ptr <VolumePassword> hiddenPassword;
try
{
- hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption);
+ hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled);
}
catch (...)
{
@@ -1032,7 +1032,7 @@ namespace VeraCrypt
options->Size = VolumeSize;
options->Type = OuterVolume ? VolumeType::Normal : SelectedVolumeType;
options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*SelectedHash, false);
- options->EMVOption = Gui->GetPreferences().ActivateEMVOption;
+ options->EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled;
Creator.reset (new VolumeCreator);
@@ -1162,7 +1162,7 @@ namespace VeraCrypt
// remember Outer password and keyfiles in order to be able to compare it with those of Hidden volume
try
{
- OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption);
+ OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled);
}
catch (...)
{
diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp
index c2e0be96..720c2bdc 100644
--- a/src/Main/Forms/WaitDialog.cpp
+++ b/src/Main/Forms/WaitDialog.cpp
@@ -9,8 +9,8 @@
#include "System.h"
#include "Volume/EncryptionModeXTS.h"
#include "Main/GraphicUserInterface.h"
+#include "Common/PCSCException.h"
#include "Common/SecurityToken.h"
-#include "Common/IccDataExtractor.h"
#include "WaitDialog.h"
namespace VeraCrypt
@@ -103,12 +103,18 @@ namespace VeraCrypt
VC_CONVERT_EXCEPTION (VolumeException);
VC_CONVERT_EXCEPTION (PasswordException);
- VC_CONVERT_EXCEPTION (PCSCException);
- VC_CONVERT_EXCEPTION (WinscardLibraryNotInitialized);
- VC_CONVERT_EXCEPTION (InvalidEMVPath);
- VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
- VC_CONVERT_EXCEPTION (EMVPANNotFound);
- VC_CONVERT_EXCEPTION (EMVUnknownCardType);
+ VC_CONVERT_EXCEPTION (PCSCException);
+ VC_CONVERT_EXCEPTION (CommandAPDUNotValid);
+ VC_CONVERT_EXCEPTION (ExtendedAPDUNotSupported);
+ VC_CONVERT_EXCEPTION (ScardLibraryInitializationFailed);
+ VC_CONVERT_EXCEPTION (EMVUnknownCardType);
+ VC_CONVERT_EXCEPTION (EMVSelectAIDFailed);
+ VC_CONVERT_EXCEPTION (EMVIccCertNotFound);
+ VC_CONVERT_EXCEPTION (EMVIssuerCertNotFound);
+ VC_CONVERT_EXCEPTION (EMVCPLCNotFound);
+ VC_CONVERT_EXCEPTION (InvalidEMVPath);
+ VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
+ VC_CONVERT_EXCEPTION (EMVPANNotFound);
throw *ex;
}
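Review bot: This list of `VC_CONVERT_EXCEPTION` entries is maintained by hand in two places, here and in the `@@ -1694,12 +1700,18 @@` hunk of UserInterface.cpp, and the two copies have to stay identical. A PC/SC or EMV exception type added later to one list but not the other would fall through to `throw *ex;`, which, depending on the static type of `ex` (declared outside the hunk), may rethrow it as a less specific type and lose its dedicated error message. Consider grouping the new entries in one shared macro used by both files, or at least add a comment above the block such as `// Keep in sync with the list in UserInterface.cpp`. The enclosing function starts and ends outside this hunk.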
diff --git a/src/Main/GraphicUserInterface.cpp b/src/Main/GraphicUserInterface.cpp
index c76f1886..6786e9a8 100644
--- a/src/Main/GraphicUserInterface.cpp
+++ b/src/Main/GraphicUserInterface.cpp
@@ -193,7 +193,7 @@ namespace VeraCrypt
options->Kdf,
false,
options->Keyfiles,
- options->EMVOption,
+ options->EMVSupportEnabled,
options->Protection,
options->ProtectionPassword,
options->ProtectionPim,
@@ -222,7 +222,7 @@ namespace VeraCrypt
options->Kdf,
false,
options->Keyfiles,
- options->EMVOption,
+ options->EMVSupportEnabled,
options->Protection,
options->ProtectionPassword,
options->ProtectionPim,
@@ -317,7 +317,7 @@ namespace VeraCrypt
// Re-encrypt volume header
SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize());
- ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVOption);
+ ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled);
ExecuteWaitThreadRoutine (parent, &routine);
@@ -326,7 +326,7 @@ namespace VeraCrypt
if (hiddenVolume)
{
// Re-encrypt hidden volume header
- ReEncryptHeaderThreadRoutine hiddenRoutine(newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVOption);
+ ReEncryptHeaderThreadRoutine hiddenRoutine(newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled);
ExecuteWaitThreadRoutine (parent, &hiddenRoutine);
}
@@ -1468,7 +1468,7 @@ namespace VeraCrypt
options.Kdf,
options.TrueCryptMode,
options.Keyfiles,
- options.EMVOption,
+ options.EMVSupportEnabled,
options.Protection,
options.ProtectionPassword,
options.ProtectionPim,
@@ -1501,7 +1501,7 @@ namespace VeraCrypt
// Re-encrypt volume header
wxBusyCursor busy;
SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize());
- ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption);
+ ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
ExecuteWaitThreadRoutine (parent, &routine);
@@ -1582,7 +1582,7 @@ namespace VeraCrypt
backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0);
// Decrypt header
- shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVOption);
+ shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled);
Pkcs5KdfList keyDerivationFunctions = layout->GetSupportedKeyDerivationFunctions(options.TrueCryptMode);
EncryptionAlgorithmList encryptionAlgorithms = layout->GetSupportedEncryptionAlgorithms();
EncryptionModeList encryptionModes = layout->GetSupportedEncryptionModes();
@@ -1616,7 +1616,7 @@ namespace VeraCrypt
// Re-encrypt volume header
wxBusyCursor busy;
SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize());
- ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption);
+ ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
ExecuteWaitThreadRoutine (parent, &routine);
@@ -1632,7 +1632,7 @@ namespace VeraCrypt
if (decryptedLayout->HasBackupHeader())
{
// Re-encrypt backup volume header
- ReEncryptHeaderThreadRoutine backupRoutine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption);
+ ReEncryptHeaderThreadRoutine backupRoutine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
ExecuteWaitThreadRoutine (parent, &backupRoutine);
diff --git a/src/Main/GraphicUserInterface.h b/src/Main/GraphicUserInterface.h
index e50c6386..820a4831 100644
--- a/src/Main/GraphicUserInterface.h
+++ b/src/Main/GraphicUserInterface.h
@@ -46,7 +46,7 @@ namespace VeraCrypt
virtual void DoShowWarning (const wxString &message) const;
virtual void EndBusyState () const { wxEndBusyCursor(); }
virtual void EndInteractiveBusyState (wxWindow *window) const;
- virtual void ExportSecurityTokenKeyfile () const { ThrowTextModeRequired(); }
+ virtual void ExportTokenKeyfile () const { ThrowTextModeRequired(); }
virtual wxTopLevelWindow *GetActiveWindow () const;
virtual shared_ptr <GetStringFunctor> GetAdminPasswordRequestHandler ();
virtual int GetCharHeight (wxWindow *window) const;
@@ -58,7 +58,7 @@ namespace VeraCrypt
virtual int GetScrollbarWidth (wxWindow *window, bool noScrollBar = false) const;
virtual list <long> GetListCtrlSelectedItems (wxListCtrl *listCtrl) const;
virtual wxString GetListCtrlSubItemText (wxListCtrl *listCtrl, long itemIndex, int columnIndex) const;
- virtual void ImportSecurityTokenKeyfiles () const { ThrowTextModeRequired(); }
+ virtual void ImportTokenKeyfiles () const { ThrowTextModeRequired(); }
virtual void InitSecurityTokenLibrary () const;
virtual void InsertToListCtrl (wxListCtrl *listCtrl, long itemIndex, const vector <wstring> &itemFields, int imageIndex = -1, void *itemDataPtr = nullptr) const;
virtual bool IsInBackgroundMode () const { return BackgroundMode; }
diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp
index f4f73d7f..22df8e1f 100644
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -289,6 +289,9 @@ namespace VeraCrypt
normalVolumeMountOptions.Path = volumePath;
hiddenVolumeMountOptions.Path = volumePath;
+ normalVolumeMountOptions.EMVSupportEnabled = true;
+ hiddenVolumeMountOptions.EMVSupportEnabled = true;
+
VolumeType::Enum volumeType = VolumeType::Normal;
// Open both types of volumes
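Review bot: `EMVSupportEnabled` is forced to `true` here regardless of the user's preference, while the GUI paths in this commit read `GetPreferences().EMVSupportEnabled`, whose default in UserPreferences.h is `false`. The same hard-coded assignment recurs in the later hunks of this file (`options->EMVSupportEnabled = true;`, `mountOptions.EMVSupportEnabled = true;`, `options.EMVSupportEnabled = true;`), so text mode appears to treat EMV keyfiles as enabled even when the user has left the feature off. If that is intentional, a comment saying so belongs next to the first assignment. Otherwise use `normalVolumeMountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;` and the equivalent in the other hunks. The enclosing function starts and ends outside this hunk.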
@@ -314,7 +317,7 @@ namespace VeraCrypt
kdf,
false,
options->Keyfiles,
- true,
+ options->EMVSupportEnabled,
options->Protection,
options->ProtectionPassword,
options->ProtectionPim,
@@ -340,7 +343,7 @@ namespace VeraCrypt
kdf,
false,
options->Keyfiles,
- true,
+ options->EMVSupportEnabled,
options->Protection,
options->ProtectionPassword,
options->ProtectionPim,
@@ -411,14 +414,14 @@ namespace VeraCrypt
// Re-encrypt volume header
SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize());
- Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, true);
+ Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled);
backupFile.Write (newHeaderBuffer);
if (hiddenVolume)
{
// Re-encrypt hidden volume header
- Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, true);
+ Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled);
}
else
{
@@ -915,7 +918,7 @@ namespace VeraCrypt
wxLongLong startTime = wxGetLocalTimeMillis();
VolumeCreator creator;
- options->EMVOption = true;
+ options->EMVSupportEnabled = true;
creator.CreateVolume (options);
bool volumeCreated = false;
@@ -957,6 +960,7 @@ namespace VeraCrypt
mountOptions.Password = options->Password;
mountOptions.Pim = options->Pim;
mountOptions.Keyfiles = options->Keyfiles;
+ mountOptions.EMVSupportEnabled = true;
shared_ptr <VolumeInfo> volume = Core->MountVolume (mountOptions);
finally_do_arg (shared_ptr <VolumeInfo>, volume, { Core->DismountVolume (finally_arg, true); });
@@ -1053,9 +1057,9 @@ namespace VeraCrypt
wcerr << L"Warning: " << static_cast<wstring> (message) << endl;
}
- void TextUserInterface::ExportSecurityTokenKeyfile () const
+ void TextUserInterface::ExportTokenKeyfile () const
{
- wstring keyfilePath = AskString (_("Enter security token keyfile path: "));
+ wstring keyfilePath = AskString (_("Enter token keyfile path: "));
if (keyfilePath.empty())
throw UserAbort (SRC_POS);
@@ -1103,7 +1107,7 @@ namespace VeraCrypt
return shared_ptr <GetStringFunctor> (new AdminPasswordRequestHandler (this));
}
- void TextUserInterface::ImportSecurityTokenKeyfiles () const
+ void TextUserInterface::ImportTokenKeyfiles () const
{
list <shared_ptr<TokenInfo>> tokens = Token::GetAvailableTokens();
@@ -1268,6 +1272,8 @@ namespace VeraCrypt
if (!options.Keyfiles)
options.Keyfiles = AskKeyfiles();
+ options.EMVSupportEnabled = true;
+
VolumeInfoList mountedVolumes = UserInterface::MountAllDeviceHostedVolumes (options);
if (!mountedVolumes.empty())
@@ -1306,6 +1312,8 @@ namespace VeraCrypt
VolumePassword password;
KeyfileList keyfiles;
+ options.EMVSupportEnabled = true;
+
if ((!options.Password || options.Password->IsEmpty())
&& (!options.Keyfiles || options.Keyfiles->empty())
&& !Core->IsPasswordCacheEmpty())
@@ -1526,6 +1534,7 @@ namespace VeraCrypt
shared_ptr <Volume> volume;
MountOptions options;
options.Path = volumePath;
+ options.EMVSupportEnabled = true;
while (!volume)
{
@@ -1544,7 +1553,7 @@ namespace VeraCrypt
kdf,
false,
options.Keyfiles,
- true,
+ options.EMVSupportEnabled,
options.Protection,
options.ProtectionPassword,
options.ProtectionPim,
@@ -1572,7 +1581,7 @@ namespace VeraCrypt
// Re-encrypt volume header
SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize());
- Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, true);
+ Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
// Write volume header
int headerOffset = volume->GetLayout()->GetHeaderOffset();
@@ -1622,6 +1631,7 @@ namespace VeraCrypt
// Open the volume header stored in the backup file
MountOptions options;
+ options.EMVSupportEnabled = true;
shared_ptr <VolumeLayout> decryptedLayout;
@@ -1649,7 +1659,7 @@ namespace VeraCrypt
backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0);
// Decrypt header
- shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, true);
+ shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled);
if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
{
decryptedLayout = layout;
@@ -1674,7 +1684,7 @@ namespace VeraCrypt
// Re-encrypt volume header
SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize());
- Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, true);
+ Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
// Write volume header
int headerOffset = decryptedLayout->GetHeaderOffset();
@@ -1688,7 +1698,7 @@ namespace VeraCrypt
if (decryptedLayout->HasBackupHeader())
{
// Re-encrypt backup volume header
- Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, true);
+ Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
// Write backup volume header
headerOffset = decryptedLayout->GetBackupHeaderOffset();
diff --git a/src/Main/TextUserInterface.h b/src/Main/TextUserInterface.h
index 5e64aac7..dc16fe97 100644
--- a/src/Main/TextUserInterface.h
+++ b/src/Main/TextUserInterface.h
@@ -44,9 +44,9 @@ namespace VeraCrypt
virtual void DoShowString (const wxString &str) const;
virtual void DoShowWarning (const wxString &message) const;
virtual void EndBusyState () const { }
- virtual void ExportSecurityTokenKeyfile () const;
+ virtual void ExportTokenKeyfile () const;
virtual shared_ptr <GetStringFunctor> GetAdminPasswordRequestHandler ();
- virtual void ImportSecurityTokenKeyfiles () const;
+ virtual void ImportTokenKeyfiles () const;
#ifndef TC_NO_GUI
virtual bool Initialize (int &argc, wxChar **argv) { return wxAppBase::Initialize(argc, argv); }
#endif
diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp
index 132ad0e0..c2e95f7e 100644
--- a/src/Main/UserInterface.cpp
+++ b/src/Main/UserInterface.cpp
@@ -17,6 +17,7 @@
#include <wx/cmdline.h>
#include "Crypto/cpu.h"
#include "Platform/PlatformTest.h"
+#include "Common/PCSCException.h"
#ifdef TC_UNIX
#include <errno.h>
#include "Platform/Unix/Process.h"
@@ -24,7 +25,6 @@
#include "Platform/SystemInfo.h"
#include "Platform/SystemException.h"
#include "Common/SecurityToken.h"
-#include "Common/IccDataExtractor.h"
#include "Volume/EncryptionTest.h"
#include "Application.h"
#include "FavoriteVolume.h"
@@ -501,12 +501,18 @@ namespace VeraCrypt
EX2MSG (StringFormatterException, LangString["LINUX_EX2MSG_STRINGFORMATTEREXCEPTION"]);
EX2MSG (TemporaryDirectoryFailure, LangString["LINUX_EX2MSG_TEMPORARYDIRECTORYFAILURE"]);
EX2MSG (UnportablePassword, LangString["UNSUPPORTED_CHARS_IN_PWD"]);
-
- EX2MSG (WinscardLibraryNotInitialized, LangString["WINSCARD_MODULE_INIT_FAILED"]);
- EX2MSG (InvalidEMVPath, LangString["INVALID_EMV_PATH"]);
- EX2MSG (EMVKeyfileDataNotFound, LangString["EMV_KEYFILE_DATA_NOT_FOUND"]);
- EX2MSG (EMVPANNotFound, LangString["EMV_PAN_NOT_FOUND"]);
- EX2MSG (EMVUnknownCardType, LangString["EMV_UNKNOWN_CARD_TYPE"]);
+
+ EX2MSG (CommandAPDUNotValid, LangString["COMMAND_APDU_INVALID"]);
+ EX2MSG (ExtendedAPDUNotSupported, LangString["EXTENDED_APDU_UNSUPPORTED"]);
+ EX2MSG (ScardLibraryInitializationFailed, LangString["SCARD_MODULE_INIT_FAILED"]);
+ EX2MSG (EMVUnknownCardType, LangString["EMV_UNKNOWN_CARD_TYPE"]);
+ EX2MSG (EMVSelectAIDFailed, LangString["EMV_SELECT_AID_FAILED"]);
+ EX2MSG (EMVIccCertNotFound, LangString["EMV_ICC_CERT_NOTFOUND"]);
+ EX2MSG (EMVIssuerCertNotFound, LangString["EMV_ISSUER_CERT_NOTFOUND"]);
+ EX2MSG (EMVCPLCNotFound, LangString["EMV_CPLC_NOTFOUND"]);
+ EX2MSG (InvalidEMVPath, LangString["EMV_PAN_NOTFOUND"]);
+ EX2MSG (EMVKeyfileDataNotFound, LangString["INVALID_EMV_PATH"]);
+ EX2MSG (EMVPANNotFound, LangString["EMV_KEYFILE_DATA_NOTFOUND"]);
#if defined (TC_LINUX)
EX2MSG (TerminalNotFound, LangString["LINUX_EX2MSG_TERMINALNOTFOUND"]);
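Review bot: The last three added `EX2MSG` lines pair each exception with another exception's message key: `InvalidEMVPath` gets `EMV_PAN_NOTFOUND`, `EMVKeyfileDataNotFound` gets `INVALID_EMV_PATH`, and `EMVPANNotFound` gets `EMV_KEYFILE_DATA_NOTFOUND`. A user whose card lacks keyfile data would be told the path is invalid, which makes token failures hard to diagnose. Going by the key names, the intended mapping is `EX2MSG (InvalidEMVPath, LangString["INVALID_EMV_PATH"]);`, `EX2MSG (EMVKeyfileDataNotFound, LangString["EMV_KEYFILE_DATA_NOTFOUND"]);` and `EX2MSG (EMVPANNotFound, LangString["EMV_PAN_NOTFOUND"]);`. The renamed keys (`..._NOTFOUND` instead of `..._NOT_FOUND`) also need matching entries in the language files, which are not part of this diff.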
@@ -1150,7 +1156,7 @@ namespace VeraCrypt
" Delete keyfiles from security tokens. See also command --list-token-keyfiles.\n"
"\n"
"--export-token-keyfile\n"
- " Export a keyfile from a token keyfile. See also command --list-token-keyfiles.\n"
+ " Export a keyfile from a token. See also command --list-token-keyfiles.\n"
"\n"
"--import-token-keyfiles\n"
" Import keyfiles to a security token. See also option --token-lib.\n"
@@ -1393,12 +1399,12 @@ namespace VeraCrypt
}
return true;
- case CommandId::ExportSecurityTokenKeyfile:
- ExportSecurityTokenKeyfile();
+ case CommandId::ExportTokenKeyfile:
+ ExportTokenKeyfile();
return true;
- case CommandId::ImportSecurityTokenKeyfiles:
- ImportSecurityTokenKeyfiles();
+ case CommandId::ImportTokenKeyfiles:
+ ImportTokenKeyfiles();
return true;
case CommandId::ListTokenKeyfiles:
@@ -1694,12 +1700,18 @@ namespace VeraCrypt
VC_CONVERT_EXCEPTION (VolumeException);
VC_CONVERT_EXCEPTION (PasswordException);
- VC_CONVERT_EXCEPTION (PCSCException);
- VC_CONVERT_EXCEPTION (WinscardLibraryNotInitialized);
- VC_CONVERT_EXCEPTION (InvalidEMVPath);
- VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
- VC_CONVERT_EXCEPTION (EMVPANNotFound);
- VC_CONVERT_EXCEPTION (EMVUnknownCardType);
+ VC_CONVERT_EXCEPTION (PCSCException);
+ VC_CONVERT_EXCEPTION (CommandAPDUNotValid);
+ VC_CONVERT_EXCEPTION (ExtendedAPDUNotSupported);
+ VC_CONVERT_EXCEPTION (ScardLibraryInitializationFailed);
+ VC_CONVERT_EXCEPTION (EMVUnknownCardType);
+ VC_CONVERT_EXCEPTION (EMVSelectAIDFailed);
+ VC_CONVERT_EXCEPTION (EMVIccCertNotFound);
+ VC_CONVERT_EXCEPTION (EMVIssuerCertNotFound);
+ VC_CONVERT_EXCEPTION (EMVCPLCNotFound);
+ VC_CONVERT_EXCEPTION (InvalidEMVPath);
+ VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
+ VC_CONVERT_EXCEPTION (EMVPANNotFound);
throw *ex;
}
diff --git a/src/Main/UserInterface.h b/src/Main/UserInterface.h
index 4b628235..39c2be61 100644
--- a/src/Main/UserInterface.h
+++ b/src/Main/UserInterface.h
@@ -49,10 +49,10 @@ namespace VeraCrypt
virtual void DoShowWarning (const wxString &message) const = 0;
virtual void EndBusyState () const = 0;
static wxString ExceptionToMessage (const exception &ex);
- virtual void ExportSecurityTokenKeyfile () const = 0;
+ virtual void ExportTokenKeyfile () const = 0;
virtual shared_ptr <GetStringFunctor> GetAdminPasswordRequestHandler () = 0;
virtual const UserPreferences &GetPreferences () const { return Preferences; }
- virtual void ImportSecurityTokenKeyfiles () const = 0;
+ virtual void ImportTokenKeyfiles () const = 0;
virtual void Init ();
virtual void InitSecurityTokenLibrary () const = 0;
virtual void ListMountedVolumes (const VolumeInfoList &volumes) const;
diff --git a/src/Main/UserPreferences.cpp b/src/Main/UserPreferences.cpp
index d5b37bab..ef14b2c8 100644
--- a/src/Main/UserPreferences.cpp
+++ b/src/Main/UserPreferences.cpp
@@ -79,7 +79,7 @@ namespace VeraCrypt
TC_CONFIG_SET (CloseBackgroundTaskOnNoVolumes);
TC_CONFIG_SET (CloseExplorerWindowsOnDismount);
TC_CONFIG_SET (CloseSecurityTokenSessionsAfterMount);
- TC_CONFIG_SET (ActivateEMVOption);
+ TC_CONFIG_SET (EMVSupportEnabled);
TC_CONFIG_SET (DisableKernelEncryptionModeWarning);
TC_CONFIG_SET (DismountOnInactivity);
TC_CONFIG_SET (DismountOnLogOff);
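Review bot: Renaming the preference from `ActivateEMVOption` to `EMVSupportEnabled` in `TC_CONFIG_SET` here, and in `TC_CONFIG_ADD` in the next hunk, presumably also renames the key stored in the configuration file, since these macros appear to derive the key from the member name (their definitions are outside the diff). If so, a value saved under the old name would be silently ignored after an upgrade and the setting would fall back to the `false` default from UserPreferences.h. If any released build wrote the old key, read it as a fallback when loading. Otherwise a short comment noting that the old key never shipped would settle the question.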
@@ -198,7 +198,7 @@ namespace VeraCrypt
TC_CONFIG_ADD (CloseBackgroundTaskOnNoVolumes);
TC_CONFIG_ADD (CloseExplorerWindowsOnDismount);
TC_CONFIG_ADD (CloseSecurityTokenSessionsAfterMount);
- TC_CONFIG_ADD (ActivateEMVOption);
+ TC_CONFIG_ADD (EMVSupportEnabled);
TC_CONFIG_ADD (DisableKernelEncryptionModeWarning);
TC_CONFIG_ADD (DismountOnInactivity);
TC_CONFIG_ADD (DismountOnLogOff);
diff --git a/src/Main/UserPreferences.h b/src/Main/UserPreferences.h
index bc9cc0c7..6d53fb5f 100644
--- a/src/Main/UserPreferences.h
+++ b/src/Main/UserPreferences.h
@@ -31,7 +31,7 @@ namespace VeraCrypt
CloseBackgroundTaskOnNoVolumes (true),
CloseExplorerWindowsOnDismount (true),
CloseSecurityTokenSessionsAfterMount (false),
- ActivateEMVOption (false),
+ EMVSupportEnabled (false),
DisableKernelEncryptionModeWarning (false),
DismountOnInactivity (false),
DismountOnLogOff (true),
@@ -73,7 +73,7 @@ namespace VeraCrypt
bool CloseBackgroundTaskOnNoVolumes;
bool CloseExplorerWindowsOnDismount;
bool CloseSecurityTokenSessionsAfterMount;
- bool ActivateEMVOption;
+ bool EMVSupportEnabled;
bool DisableKernelEncryptionModeWarning;
bool DismountOnInactivity;
bool DismountOnLogOff;