VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/SecurityToken.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/Common/SecurityToken.h')
-rw-r--r--src/Common/SecurityToken.h452
1 files changed, 226 insertions, 226 deletions
diff --git a/src/Common/SecurityToken.h b/src/Common/SecurityToken.h
index 9c6c47cf..00d543a2 100644
--- a/src/Common/SecurityToken.h
+++ b/src/Common/SecurityToken.h
@@ -1,226 +1,226 @@
-/*
- Derived from source code of TrueCrypt 7.1a, which is
- Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
- by the TrueCrypt License 3.0.
-
- Modifications and additions to the original source code (contained in this file)
- and all other portions of this file are Copyright (c) 2013-2016 IDRIX
- and are governed by the Apache License 2.0 the full text of which is
- contained in the file License.txt included in VeraCrypt binary and source
- code distribution packages.
-*/
-
-#ifndef TC_HEADER_Common_SecurityToken
-#define TC_HEADER_Common_SecurityToken
-
-#include "Platform/PlatformBase.h"
-#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE)
-# include "Exception.h"
-#else
-# include "Platform/Exception.h"
-#endif
-
-#ifndef NULL_PTR
-# define NULL_PTR 0
-#endif
-#define CK_PTR *
-#define CK_CALLBACK_FUNCTION(RET_TYPE, NAME) RET_TYPE (* NAME)
-
-#ifdef TC_WINDOWS
-
-# include <windows.h>
-
-# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllexport) NAME
-# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) NAME
-# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) (* NAME)
-
-# pragma pack(push, cryptoki, 1)
-# include <pkcs11.h>
-# pragma pack(pop, cryptoki)
-
-#else // !TC_WINDOWS
-
-# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME
-# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME
-# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE (* NAME)
-
-# include <pkcs11.h>
-
-#endif // !TC_WINDOWS
-
-
-#define TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX L"token://"
-#define TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"slot"
-#define TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"file"
-
-namespace VeraCrypt
-{
- struct SecurityTokenInfo
- {
- CK_SLOT_ID SlotId;
- CK_FLAGS Flags;
- wstring Label;
- string LabelUtf8;
- };
-
- struct SecurityTokenKeyfilePath
- {
- SecurityTokenKeyfilePath () { }
- SecurityTokenKeyfilePath (const wstring &path) : Path (path) { }
- operator wstring () const { return Path; }
- wstring Path;
- };
-
- struct SecurityTokenKeyfile
- {
- SecurityTokenKeyfile () : Handle(CK_INVALID_HANDLE), SlotId(CK_UNAVAILABLE_INFORMATION) { Token.SlotId = CK_UNAVAILABLE_INFORMATION; Token.Flags = 0; }
- SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path, char* pin = nullptr);
-
- operator SecurityTokenKeyfilePath () const;
-
- CK_OBJECT_HANDLE Handle;
- wstring Id;
- string IdUtf8;
- CK_SLOT_ID SlotId;
- SecurityTokenInfo Token;
- };
-
- struct Pkcs11Exception : public Exception
- {
- Pkcs11Exception (CK_RV errorCode = (CK_RV) -1)
- : ErrorCode (errorCode),
- SubjectErrorCodeValid (false),
- SubjectErrorCode( (uint64) -1)
- {
- }
-
- Pkcs11Exception (CK_RV errorCode, uint64 subjectErrorCode)
- : ErrorCode (errorCode),
- SubjectErrorCodeValid (true),
- SubjectErrorCode (subjectErrorCode)
- {
- }
-
-#ifdef TC_HEADER_Platform_Exception
- virtual ~Pkcs11Exception () throw () { }
- TC_SERIALIZABLE_EXCEPTION (Pkcs11Exception);
-#else
- void Show (HWND parent) const;
-#endif
- operator string () const;
- CK_RV GetErrorCode () const { return ErrorCode; }
-
- protected:
- CK_RV ErrorCode;
- bool SubjectErrorCodeValid;
- uint64 SubjectErrorCode;
- };
-
-
-#ifdef TC_HEADER_Platform_Exception
-
-#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception)
-
-#undef TC_EXCEPTION_SET
-#define TC_EXCEPTION_SET \
- TC_EXCEPTION_NODECL (Pkcs11Exception); \
- TC_EXCEPTION (InvalidSecurityTokenKeyfilePath); \
- TC_EXCEPTION (SecurityTokenLibraryNotInitialized); \
- TC_EXCEPTION (SecurityTokenKeyfileAlreadyExists); \
- TC_EXCEPTION (SecurityTokenKeyfileNotFound);
-
- TC_EXCEPTION_SET;
-
-#undef TC_EXCEPTION
-
-#else // !TC_HEADER_Platform_Exception
-
- struct SecurityTokenLibraryNotInitialized : public Exception
- {
- void Show (HWND parent) const { Error (SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); }
- };
-
- struct InvalidSecurityTokenKeyfilePath : public Exception
- {
- void Show (HWND parent) const { Error ("INVALID_TOKEN_KEYFILE_PATH", parent); }
- };
-
- struct SecurityTokenKeyfileAlreadyExists : public Exception
- {
- void Show (HWND parent) const { Error ("TOKEN_KEYFILE_ALREADY_EXISTS", parent); }
- };
-
- struct SecurityTokenKeyfileNotFound : public Exception
- {
- void Show (HWND parent) const { Error ("TOKEN_KEYFILE_NOT_FOUND", parent); }
- };
-
-#endif // !TC_HEADER_Platform_Exception
-
-
- struct Pkcs11Session
- {
- Pkcs11Session () : Handle (CK_UNAVAILABLE_INFORMATION), UserLoggedIn (false) { }
-
- CK_SESSION_HANDLE Handle;
- bool UserLoggedIn;
- };
-
- struct GetPinFunctor
- {
- virtual ~GetPinFunctor () { }
- virtual void operator() (string &str) = 0;
- };
-
- struct SendExceptionFunctor
- {
- virtual ~SendExceptionFunctor () { }
- virtual void operator() (const Exception &e) = 0;
- };
-
- class SecurityToken
- {
- public:
- static void CloseAllSessions () throw ();
- static void CloseLibrary ();
- static void CreateKeyfile (CK_SLOT_ID slotId, vector <byte> &keyfileData, const string &name);
- static void DeleteKeyfile (const SecurityTokenKeyfile &keyfile);
- static vector <SecurityTokenKeyfile> GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring(), char* pin = nullptr);
- static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector <byte> &keyfileData);
- static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, char* pin, vector <byte> &keyfileData);
- static list <SecurityTokenInfo> GetAvailableTokens ();
- static SecurityTokenInfo GetTokenInfo (CK_SLOT_ID slotId);
-#ifdef TC_WINDOWS
- static void InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr <GetPinFunctor> pinCallback, auto_ptr <SendExceptionFunctor> warningCallback);
-#else
- static void InitLibrary (const string &pkcs11LibraryPath, auto_ptr <GetPinFunctor> pinCallback, auto_ptr <SendExceptionFunctor> warningCallback);
-#endif
- static bool IsInitialized () { return Initialized; }
- static bool IsKeyfilePathValid (const wstring &securityTokenKeyfilePath);
-
- static const size_t MaxPasswordLength = 128;
-
- protected:
- static void CloseSession (CK_SLOT_ID slotId);
- static vector <CK_OBJECT_HANDLE> GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass);
- static void GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <byte> &attributeValue);
- static list <CK_SLOT_ID> GetTokenSlots ();
- static void Login (CK_SLOT_ID slotId, const char* pin);
- static void LoginUserIfRequired (CK_SLOT_ID slotId, char* cmdPin = nullptr);
- static void OpenSession (CK_SLOT_ID slotId);
- static void CheckLibraryStatus ();
-
- static bool Initialized;
- static auto_ptr <GetPinFunctor> PinCallback;
- static CK_FUNCTION_LIST_PTR Pkcs11Functions;
-#ifdef TC_WINDOWS
- static HMODULE Pkcs11LibraryHandle;
-#else
- static void *Pkcs11LibraryHandle;
-#endif
- static map <CK_SLOT_ID, Pkcs11Session> Sessions;
- static auto_ptr <SendExceptionFunctor> WarningCallback;
- };
-}
-
-#endif // TC_HEADER_Common_SecurityToken
+/*
+ Derived from source code of TrueCrypt 7.1a, which is
+ Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
+ by the TrueCrypt License 3.0.
+
+ Modifications and additions to the original source code (contained in this file)
+ and all other portions of this file are Copyright (c) 2013-2016 IDRIX
+ and are governed by the Apache License 2.0 the full text of which is
+ contained in the file License.txt included in VeraCrypt binary and source
+ code distribution packages.
+*/
+
+#ifndef TC_HEADER_Common_SecurityToken
+#define TC_HEADER_Common_SecurityToken
+
+#include "Platform/PlatformBase.h"
+#if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE)
+# include "Exception.h"
+#else
+# include "Platform/Exception.h"
+#endif
+
+#ifndef NULL_PTR
+# define NULL_PTR 0
+#endif
+#define CK_PTR *
+#define CK_CALLBACK_FUNCTION(RET_TYPE, NAME) RET_TYPE (* NAME)
+
+#ifdef TC_WINDOWS
+
+# include <windows.h>
+
+# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllexport) NAME
+# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) NAME
+# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) (* NAME)
+
+# pragma pack(push, cryptoki, 1)
+# include <pkcs11.h>
+# pragma pack(pop, cryptoki)
+
+#else // !TC_WINDOWS
+
+# define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME
+# define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME
+# define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE (* NAME)
+
+# include <pkcs11.h>
+
+#endif // !TC_WINDOWS
+
+
+#define TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX L"token://"
+#define TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"slot"
+#define TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"file"
+
+namespace VeraCrypt
+{
+ struct SecurityTokenInfo
+ {
+ CK_SLOT_ID SlotId;
+ CK_FLAGS Flags;
+ wstring Label;
+ string LabelUtf8;
+ };
+
+ struct SecurityTokenKeyfilePath
+ {
+ SecurityTokenKeyfilePath () { }
+ SecurityTokenKeyfilePath (const wstring &path) : Path (path) { }
+ operator wstring () const { return Path; }
+ wstring Path;
+ };
+
+ struct SecurityTokenKeyfile
+ {
+ SecurityTokenKeyfile () : Handle(CK_INVALID_HANDLE), SlotId(CK_UNAVAILABLE_INFORMATION) { Token.SlotId = CK_UNAVAILABLE_INFORMATION; Token.Flags = 0; }
+ SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path, char* pin = nullptr);
+
+ operator SecurityTokenKeyfilePath () const;
+
+ CK_OBJECT_HANDLE Handle;
+ wstring Id;
+ string IdUtf8;
+ CK_SLOT_ID SlotId;
+ SecurityTokenInfo Token;
+ };
+
+ struct Pkcs11Exception : public Exception
+ {
+ Pkcs11Exception (CK_RV errorCode = (CK_RV) -1)
+ : ErrorCode (errorCode),
+ SubjectErrorCodeValid (false),
+ SubjectErrorCode( (uint64) -1)
+ {
+ }
+
+ Pkcs11Exception (CK_RV errorCode, uint64 subjectErrorCode)
+ : ErrorCode (errorCode),
+ SubjectErrorCodeValid (true),
+ SubjectErrorCode (subjectErrorCode)
+ {
+ }
+
+#ifdef TC_HEADER_Platform_Exception
+ virtual ~Pkcs11Exception () throw () { }
+ TC_SERIALIZABLE_EXCEPTION (Pkcs11Exception);
+#else
+ void Show (HWND parent) const;
+#endif
+ operator string () const;
+ CK_RV GetErrorCode () const { return ErrorCode; }
+
+ protected:
+ CK_RV ErrorCode;
+ bool SubjectErrorCodeValid;
+ uint64 SubjectErrorCode;
+ };
+
+
+#ifdef TC_HEADER_Platform_Exception
+
+#define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception)
+
+#undef TC_EXCEPTION_SET
+#define TC_EXCEPTION_SET \
+ TC_EXCEPTION_NODECL (Pkcs11Exception); \
+ TC_EXCEPTION (InvalidSecurityTokenKeyfilePath); \
+ TC_EXCEPTION (SecurityTokenLibraryNotInitialized); \
+ TC_EXCEPTION (SecurityTokenKeyfileAlreadyExists); \
+ TC_EXCEPTION (SecurityTokenKeyfileNotFound);
+
+ TC_EXCEPTION_SET;
+
+#undef TC_EXCEPTION
+
+#else // !TC_HEADER_Platform_Exception
+
+ struct SecurityTokenLibraryNotInitialized : public Exception
+ {
+ void Show (HWND parent) const { Error (SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); }
+ };
+
+ struct InvalidSecurityTokenKeyfilePath : public Exception
+ {
+ void Show (HWND parent) const { Error ("INVALID_TOKEN_KEYFILE_PATH", parent); }
+ };
+
+ struct SecurityTokenKeyfileAlreadyExists : public Exception
+ {
+ void Show (HWND parent) const { Error ("TOKEN_KEYFILE_ALREADY_EXISTS", parent); }
+ };
+
+ struct SecurityTokenKeyfileNotFound : public Exception
+ {
+ void Show (HWND parent) const { Error ("TOKEN_KEYFILE_NOT_FOUND", parent); }
+ };
+
+#endif // !TC_HEADER_Platform_Exception
+
+
+ struct Pkcs11Session
+ {
+ Pkcs11Session () : Handle (CK_UNAVAILABLE_INFORMATION), UserLoggedIn (false) { }
+
+ CK_SESSION_HANDLE Handle;
+ bool UserLoggedIn;
+ };
+
+ struct GetPinFunctor
+ {
+ virtual ~GetPinFunctor () { }
+ virtual void operator() (string &str) = 0;
+ };
+
+ struct SendExceptionFunctor
+ {
+ virtual ~SendExceptionFunctor () { }
+ virtual void operator() (const Exception &e) = 0;
+ };
+
+ class SecurityToken
+ {
+ public:
+ static void CloseAllSessions () throw ();
+ static void CloseLibrary ();
+ static void CreateKeyfile (CK_SLOT_ID slotId, vector <byte> &keyfileData, const string &name);
+ static void DeleteKeyfile (const SecurityTokenKeyfile &keyfile);
+ static vector <SecurityTokenKeyfile> GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring(), char* pin = nullptr);
+ static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector <byte> &keyfileData);
+ static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, char* pin, vector <byte> &keyfileData);
+ static list <SecurityTokenInfo> GetAvailableTokens ();
+ static SecurityTokenInfo GetTokenInfo (CK_SLOT_ID slotId);
+#ifdef TC_WINDOWS
+ static void InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr <GetPinFunctor> pinCallback, auto_ptr <SendExceptionFunctor> warningCallback);
+#else
+ static void InitLibrary (const string &pkcs11LibraryPath, auto_ptr <GetPinFunctor> pinCallback, auto_ptr <SendExceptionFunctor> warningCallback);
+#endif
+ static bool IsInitialized () { return Initialized; }
+ static bool IsKeyfilePathValid (const wstring &securityTokenKeyfilePath);
+
+ static const size_t MaxPasswordLength = 128;
+
+ protected:
+ static void CloseSession (CK_SLOT_ID slotId);
+ static vector <CK_OBJECT_HANDLE> GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass);
+ static void GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <byte> &attributeValue);
+ static list <CK_SLOT_ID> GetTokenSlots ();
+ static void Login (CK_SLOT_ID slotId, const char* pin);
+ static void LoginUserIfRequired (CK_SLOT_ID slotId, char* cmdPin = nullptr);
+ static void OpenSession (CK_SLOT_ID slotId);
+ static void CheckLibraryStatus ();
+
+ static bool Initialized;
+ static auto_ptr <GetPinFunctor> PinCallback;
+ static CK_FUNCTION_LIST_PTR Pkcs11Functions;
+#ifdef TC_WINDOWS
+ static HMODULE Pkcs11LibraryHandle;
+#else
+ static void *Pkcs11LibraryHandle;
+#endif
+ static map <CK_SLOT_ID, Pkcs11Session> Sessions;
+ static auto_ptr <SendExceptionFunctor> WarningCallback;
+ };
+}
+
+#endif // TC_HEADER_Common_SecurityToken