Diffstat (limited to 'src/Main/TextUserInterface.cpp')
-rw-r--r-- | src/Main/TextUserInterface.cpp | 171 |
1 files changed, 113 insertions, 58 deletions
diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp index 7233b8b6..0de76c6b 100644 --- a/src/Main/TextUserInterface.cpp +++ b/src/Main/TextUserInterface.cpp @@ -21,7 +21,9 @@ #endif #include <wx/platinfo.h> +#include "Common/Token.h" #include "Common/SecurityToken.h" +#include "Common/EMVToken.h" #include "Core/RandomNumberGenerator.h" #include "Application.h" #include "TextUserInterface.h" @@ -175,9 +177,13 @@ namespace VeraCrypt wxString msg = _("Enter new PIM: "); if (!message.empty()) msg = message + L": "; + SetTerminalEcho (false); + finally_do ({ TextUserInterface::SetTerminalEcho (true); }); while (pim < 0) { wstring pimStr = AskString (msg); + ShowString (L"\n"); + if (pimStr.empty()) pim = 0; else @@ -271,7 +277,7 @@ namespace VeraCrypt shared_ptr <Pkcs5Kdf> kdf; if (CmdLine->ArgHash) { - kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash, false); + kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); } shared_ptr <Volume> normalVolume; @@ -283,6 +289,9 @@ namespace VeraCrypt normalVolumeMountOptions.Path = volumePath; hiddenVolumeMountOptions.Path = volumePath; + normalVolumeMountOptions.EMVSupportEnabled = true; + hiddenVolumeMountOptions.EMVSupportEnabled = true; + VolumeType::Enum volumeType = VolumeType::Normal; // Open both types of volumes @@ -306,8 +315,8 @@ namespace VeraCrypt options->Password, options->Pim, kdf, - false, options->Keyfiles, + options->EMVSupportEnabled, options->Protection, options->ProtectionPassword, options->ProtectionPim, @@ -331,8 +340,8 @@ namespace VeraCrypt options->Password, options->Pim, kdf, - false, options->Keyfiles, + options->EMVSupportEnabled, options->Protection, options->ProtectionPassword, options->ProtectionPim, 
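Review bot: In the `@@ -175,9 +177,13 @@` hunk (AskPim) the typed PIM is now hidden on screen, but it still lands in an ordinary `wstring pimStr` that is never overwritten, so the value this change treats as secret stays in process memory after the prompt returns. Consider wiping `pimStr` once it has been parsed, in the same spirit as the `finally_arg.Erase()` applied to keyfile data elsewhere in this file. `finally_do` restores echo on scope exit; whether an interrupt during the prompt can leave the terminal with echo off depends on signal handling that is not visible here. The loop body continues outside the hunk.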
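Review bot: `normalVolumeMountOptions.EMVSupportEnabled = true;` in the `@@ -283,6 +289,9 @@` hunk hard-codes EMV keyfile support on, and the same literal recurs throughout the file: `options->EMVSupportEnabled = true;` before `creator.CreateVolume`, `mountOptions.EMVSupportEnabled = true;`, the bare `true` passed to `Core->OpenVolume` and `Core->ChangePassword` in ChangePassword, `Token::GetAvailableKeyfiles(true)`, and both header-restore paths. In `MountAllDeviceHostedVolumes (MountOptions &options)` the assignment also overwrites whatever the caller had put in `options`. A text-mode user who does not use EMV keyfiles therefore cannot keep the card-handling path out of volume operations. Reading the value from a single place (a preference or command-line switch, if the project has one) and passing a named variable rather than a bare `true`, e.g. `const bool emvSupportEnabled = /* single source of the setting */;`, would make the policy auditable.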
@@ -403,14 +412,14 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize()); - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled); backupFile.Write (newHeaderBuffer); if (hiddenVolume) { // Re-encrypt hidden volume header - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled); } else { @@ -426,7 +435,7 @@ namespace VeraCrypt ShowInfo ("VOL_HEADER_BACKED_UP"); } - void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, int pim, shared_ptr <Hash> currentHash, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const + void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, int pim, shared_ptr <Hash> currentHash, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const { shared_ptr <Volume> volume; 
@@ -448,7 +457,7 @@ namespace VeraCrypt shared_ptr<Pkcs5Kdf> kdf; if (currentHash) { - kdf = Pkcs5Kdf::GetAlgorithm (*currentHash, truecryptMode); + kdf = Pkcs5Kdf::GetAlgorithm (*currentHash); } while (true) @@ -464,7 +473,7 @@ namespace VeraCrypt } // current PIM - if (!truecryptMode && !Preferences.NonInteractive && (pim < 0)) + if (!Preferences.NonInteractive && (pim < 0)) { pim = AskPim (_("Enter current PIM")); } @@ -478,7 +487,7 @@ namespace VeraCrypt try { keyfiles.reset (new KeyfileList); - volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, pim, kdf, truecryptMode, keyfiles); + volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, pim, kdf, keyfiles, true); } catch (PasswordException&) { @@ -488,7 +497,7 @@ namespace VeraCrypt } if (!volume.get()) - volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, pim, kdf, truecryptMode, keyfiles); + volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, pim, kdf, keyfiles, true); } catch (PasswordException &e) { @@ -523,8 +532,8 @@ namespace VeraCrypt RandomNumberGenerator::SetEnrichedByUserStatus (false); UserEnrichRandomPool(); - Core->ChangePassword (volume, newPassword, newPim, newKeyfiles, - newHash ? Pkcs5Kdf::GetAlgorithm (*newHash, false) : shared_ptr <Pkcs5Kdf>()); + Core->ChangePassword (volume, newPassword, newPim, newKeyfiles, true, + newHash ? Pkcs5Kdf::GetAlgorithm (*newHash) : shared_ptr <Pkcs5Kdf>()); ShowInfo ("PASSWORD_CHANGED"); } 
@@ -647,12 +656,24 @@ namespace VeraCrypt else { uint64 AvailableDiskSpace = 0; - wxLongLong diskSpace = 0; - if (wxGetDiskSpace (wxFileName (wstring (options->Path)).GetPath(), nullptr, &diskSpace)) + if (options->Path.IsDevice()) { - AvailableDiskSpace = (uint64) diskSpace.GetValue (); - if (maxVolumeSize > AvailableDiskSpace) - maxVolumeSize = AvailableDiskSpace; + AvailableDiskSpace = maxVolumeSize; + } + else + { + wxLongLong diskSpace = 0; + wxString parentDir = wxFileName (wstring (options->Path)).GetPath(); + if (parentDir.IsEmpty()) + { + parentDir = wxT("."); + } + if (wxDirExists(parentDir) && wxGetDiskSpace (parentDir, nullptr, &diskSpace)) + { + AvailableDiskSpace = (uint64) diskSpace.GetValue (); + if (maxVolumeSize > AvailableDiskSpace) + maxVolumeSize = AvailableDiskSpace; + } } if (options->Size == (uint64) (-1)) @@ -799,12 +820,13 @@ namespace VeraCrypt shared_ptr <Hash> selectedHash = hashes[AskSelection (hashes.size(), 1) - 1]; RandomNumberGenerator::SetHash (selectedHash); - options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*selectedHash, false); + options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*selectedHash); } // Filesystem options->FilesystemClusterSize = 0; + uint64 filesystemSize = layout->GetMaxDataSize (options->Size); if (options->Filesystem == VolumeCreationOptions::FilesystemType::Unknown) { 
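Review bot: In the `@@ -647,12 +656,24 @@` hunk, when `wxDirExists(parentDir)` or `wxGetDiskSpace` fails, `AvailableDiskSpace` silently stays 0 and `maxVolumeSize` is left unclamped, so a mistyped container directory is not reported at this point. If the code after the hunk treats 0 as "unknown" this is harmless, but that is not visible here; a comment at the declaration such as `// 0 means the free space could not be determined` or an explicit error would make the contract clear. In the device branch, `AvailableDiskSpace = maxVolumeSize;` relies on `maxVolumeSize` already holding the device size, which is assigned outside the hunk.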
@@ -818,33 +840,40 @@ namespace VeraCrypt vector <VolumeCreationOptions::FilesystemType::Enum> filesystems; - ShowInfo (L" 1) " + LangString["NONE"]); filesystems.push_back (VolumeCreationOptions::FilesystemType::None); - ShowInfo (L" 2) FAT"); filesystems.push_back (VolumeCreationOptions::FilesystemType::FAT); - + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, LangString["NONE"])); filesystems.push_back (VolumeCreationOptions::FilesystemType::None); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "FAT")); filesystems.push_back (VolumeCreationOptions::FilesystemType::FAT); #if defined (TC_LINUX) - ShowInfo (L" 3) Linux Ext2"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext2); - ShowInfo (L" 4) Linux Ext3"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext3); - ShowInfo (L" 5) Linux Ext4"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext4); - ShowInfo (L" 6) NTFS"); filesystems.push_back (VolumeCreationOptions::FilesystemType::NTFS); - ShowInfo (L" 7) exFAT"); filesystems.push_back (VolumeCreationOptions::FilesystemType::exFAT); - ShowInfo (L" 8) Btrfs"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Btrfs); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "Linux Ext2")); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext2); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "Linux Ext3")); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext3); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "Linux Ext4")); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext4); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "NTFS")); filesystems.push_back (VolumeCreationOptions::FilesystemType::NTFS); + if (VolumeCreationOptions::FilesystemType::IsFsFormatterPresent (VolumeCreationOptions::FilesystemType::exFAT)) + { + ShowInfo (wxString::Format (L" %li) %s", 
filesystems.size() + 1, "exFAT")); filesystems.push_back (VolumeCreationOptions::FilesystemType::exFAT); + } + if (VolumeCreationOptions::FilesystemType::IsFsFormatterPresent (VolumeCreationOptions::FilesystemType::Btrfs)) + { + // minimum size to be able to format as Btrfs is 16777216 bytes + if (filesystemSize >= VC_MIN_SMALL_BTRFS_VOLUME_SIZE) + { + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "Btrfs")); filesystems.push_back (VolumeCreationOptions::FilesystemType::Btrfs); + } + } #elif defined (TC_MACOSX) - ShowInfo (L" 3) Mac OS Extended"); filesystems.push_back (VolumeCreationOptions::FilesystemType::MacOsExt); - ShowInfo (L" 4) exFAT"); filesystems.push_back (VolumeCreationOptions::FilesystemType::exFAT); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "Mac OS Extended")); filesystems.push_back (VolumeCreationOptions::FilesystemType::MacOsExt); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "exFAT")); filesystems.push_back (VolumeCreationOptions::FilesystemType::exFAT); if (wxPlatformInfo::Get().CheckOSVersion (10, 13)) { - ShowInfo (L" 5) APFS"); filesystems.push_back (VolumeCreationOptions::FilesystemType::APFS); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "APFS")); filesystems.push_back (VolumeCreationOptions::FilesystemType::APFS); } #elif defined (TC_FREEBSD) || defined (TC_SOLARIS) - ShowInfo (L" 3) UFS"); filesystems.push_back (VolumeCreationOptions::FilesystemType::UFS); + ShowInfo (wxString::Format (L" %li) %s", filesystems.size() + 1, "UFS")); filesystems.push_back (VolumeCreationOptions::FilesystemType::UFS); #endif options->Filesystem = filesystems[AskSelection (filesystems.size(), 2) - 1]; } } - uint64 filesystemSize = layout->GetMaxDataSize (options->Size); - if (options->Filesystem == VolumeCreationOptions::FilesystemType::FAT && (filesystemSize < TC_MIN_FAT_FS_SIZE || filesystemSize > TC_MAX_FAT_SECTOR_COUNT * options->SectorSize)) { 
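Review bot: `wxString::Format (L" %li) %s", filesystems.size() + 1, ...)` pairs `%li` with a `size_t` argument, which only agrees where `long` and `size_t` have the same width. Make the argument match the specifier, e.g. `wxString::Format (L" %li) %s", static_cast<long> (filesystems.size() + 1), "FAT")`, on every menu line in this hunk. The new Btrfs size guard is applied only while building the interactive menu; when `options->Filesystem` is already set before this block the menu is skipped, and no `VC_MIN_SMALL_BTRFS_VOLUME_SIZE` check is visible on that path, so it may belong next to the FAT size check that follows. The comment `// minimum size to be able to format as Btrfs is 16777216 bytes` repeats the constant's value and can drift from it.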
@@ -894,6 +923,7 @@ namespace VeraCrypt wxLongLong startTime = wxGetLocalTimeMillis(); VolumeCreator creator; + options->EMVSupportEnabled = true; creator.CreateVolume (options); bool volumeCreated = false; @@ -935,6 +965,7 @@ namespace VeraCrypt mountOptions.Password = options->Password; mountOptions.Pim = options->Pim; mountOptions.Keyfiles = options->Keyfiles; + mountOptions.EMVSupportEnabled = true; shared_ptr <VolumeInfo> volume = Core->MountVolume (mountOptions); finally_do_arg (shared_ptr <VolumeInfo>, volume, { Core->DismountVolume (finally_arg, true); }); @@ -1007,7 +1038,7 @@ namespace VeraCrypt foreach_ref (const Keyfile &keyfile, *keyfiles) { - SecurityToken::DeleteKeyfile (SecurityTokenKeyfilePath (FilePath (keyfile))); + SecurityToken::DeleteKeyfile (TokenKeyfilePath (FilePath (keyfile))); } } @@ -1023,7 +1054,7 @@ namespace VeraCrypt void TextUserInterface::DoShowString (const wxString &str) const { - wcout << str.c_str(); + wcout << str.c_str() << flush; } void TextUserInterface::DoShowWarning (const wxString &message) const @@ -1031,17 +1062,17 @@ namespace VeraCrypt wcerr << L"Warning: " << static_cast<wstring> (message) << endl; } - void TextUserInterface::ExportSecurityTokenKeyfile () const + void TextUserInterface::ExportTokenKeyfile () const { - wstring keyfilePath = AskString (_("Enter security token keyfile path: ")); + wstring keyfilePath = AskString (_("Enter token keyfile path: ")); if (keyfilePath.empty()) throw UserAbort (SRC_POS); - SecurityTokenKeyfile tokenKeyfile (keyfilePath); + shared_ptr<TokenKeyfile> tokenKeyfile = Token::getTokenKeyfile(keyfilePath); vector <byte> keyfileData; - SecurityToken::GetKeyfileData (tokenKeyfile, keyfileData); + tokenKeyfile->GetKeyfileData (keyfileData); BufferPtr keyfileDataBuf (&keyfileData.front(), keyfileData.size()); finally_do_arg (BufferPtr, keyfileDataBuf, { finally_arg.Erase(); }); 
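Review bot: In ExportTokenKeyfile (`@@ -1031,17 +1062,17 @@`), `tokenKeyfile->GetKeyfileData (keyfileData)` dereferences the result of `Token::getTokenKeyfile(keyfilePath)` without checking it, and `keyfilePath` is typed by the user. If `getTokenKeyfile` can return an empty pointer for a path that matches no token scheme (its body is not shown here), this is a null dereference; add `if (!tokenKeyfile) throw_err (/* invalid token keyfile path message */);` before the call. The following `&keyfileData.front()` is likewise undefined when the token returns no data, so a `keyfileData.empty()` check belongs there as well. The function continues outside the hunk.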
@@ -1081,9 +1112,9 @@ namespace VeraCrypt return shared_ptr <GetStringFunctor> (new AdminPasswordRequestHandler (this)); } - void TextUserInterface::ImportSecurityTokenKeyfiles () const + void TextUserInterface::ImportTokenKeyfiles () const { - list <SecurityTokenInfo> tokens = SecurityToken::GetAvailableTokens(); + list <shared_ptr<TokenInfo>> tokens = Token::GetAvailableTokens(); if (tokens.empty()) throw_err (LangString ["NO_TOKENS_FOUND"]); @@ -1092,19 +1123,19 @@ namespace VeraCrypt if (tokens.size() == 1) { - slotId = tokens.front().SlotId; + slotId = tokens.front()->SlotId; } else { - foreach (const SecurityTokenInfo &token, tokens) + foreach (const shared_ptr<TokenInfo> &token, tokens) { wstringstream tokenLabel; - tokenLabel << L"[" << token.SlotId << L"] " << LangString["TOKEN_SLOT_ID"].c_str() << L" " << token.SlotId << L" " << token.Label; + tokenLabel << L"[" << token->SlotId << L"] " << LangString["TOKEN_SLOT_ID"].c_str() << L" " << token->SlotId << L" " << token->Label; ShowInfo (tokenLabel.str()); } - slotId = (CK_SLOT_ID) AskSelection (tokens.back().SlotId, tokens.front().SlotId); + slotId = (CK_SLOT_ID) AskSelection (tokens.back()->SlotId, tokens.front()->SlotId); } shared_ptr <KeyfileList> keyfiles; 
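Review bot: `slotId = (CK_SLOT_ID) AskSelection (tokens.back()->SlotId, tokens.front()->SlotId);` derives the accepted range from the last and first `SlotId`, which assumes the list is sorted and the ids are contiguous; otherwise the user can enter an id that is not among the tokens just listed. Now that the elements are `shared_ptr<TokenInfo>`, it would be safer to verify the answer against `tokens` before using it, or to let the user choose an index and read `SlotId` from the chosen entry. Whether `Token::GetAvailableTokens()` can also return tokens that cannot store keyfiles is not visible in this hunk; if it can, they should be filtered out before the import prompt.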
@@ -1208,14 +1239,30 @@ namespace VeraCrypt } } - void TextUserInterface::ListSecurityTokenKeyfiles () const + void TextUserInterface::ListTokenKeyfiles () const { - foreach (const SecurityTokenKeyfile &keyfile, SecurityToken::GetAvailableKeyfiles()) + foreach (const shared_ptr<TokenKeyfile> keyfile, Token::GetAvailableKeyfiles(true)) { - ShowString (wstring (SecurityTokenKeyfilePath (keyfile))); + ShowString (wstring (TokenKeyfilePath (*keyfile))); ShowString (L"\n"); } } + void TextUserInterface::ListSecurityTokenKeyfiles () const + { + foreach (const TokenKeyfile &keyfile, SecurityToken::GetAvailableKeyfiles()) + { + ShowString (wstring (TokenKeyfilePath (keyfile))); + ShowString (L"\n"); + } + } + void TextUserInterface::ListEMVTokenKeyfiles () const + { + foreach (const TokenKeyfile &keyfile, EMVToken::GetAvailableKeyfiles()) + { + ShowString (wstring (TokenKeyfilePath (keyfile))); + ShowString (L"\n"); + } + } VolumeInfoList TextUserInterface::MountAllDeviceHostedVolumes (MountOptions &options) const { @@ -1224,12 +1271,14 @@ namespace VeraCrypt if (!options.Password) options.Password = AskPassword(); - if (!options.TrueCryptMode && (options.Pim < 0)) + if (options.Pim < 0) options.Pim = AskPim (_("Enter PIM")); if (!options.Keyfiles) options.Keyfiles = AskKeyfiles(); + options.EMVSupportEnabled = true; + VolumeInfoList mountedVolumes = UserInterface::MountAllDeviceHostedVolumes (options); if (!mountedVolumes.empty()) @@ -1268,6 +1317,8 @@ namespace VeraCrypt VolumePassword password; KeyfileList keyfiles; + options.EMVSupportEnabled = true; + if ((!options.Password || options.Password->IsEmpty()) && (!options.Keyfiles || options.Keyfiles->empty()) && !Core->IsPasswordCacheEmpty()) 
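Review bot: `foreach (const shared_ptr<TokenKeyfile> keyfile, Token::GetAvailableKeyfiles(true))` copies a `shared_ptr` on every iteration and passes an unnamed `true`; `const shared_ptr<TokenKeyfile> &keyfile` with a named flag reads better and matches the `foreach (const shared_ptr<TokenInfo> &token, tokens)` form used in ImportTokenKeyfiles. The three List*Keyfiles functions in the `@@ -1208,14 +1239,30 @@` hunk differ only in the source call and are run together without blank lines between them. A one-line comment on each saying which token types it lists (all tokens, security tokens only, EMV only) would make the distinction clear to the next reader.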
@@ -1290,7 +1341,7 @@ namespace VeraCrypt options.Password = AskPassword (StringFormatter (_("Enter password for {0}"), wstring (*options.Path))); } - if (!options.TrueCryptMode && (options.Pim < 0)) + if (options.Pim < 0) { options.Pim = AskPim (StringFormatter (_("Enter PIM for {0}"), wstring (*options.Path))); } @@ -1309,7 +1360,7 @@ namespace VeraCrypt { if (!options.ProtectionPassword) options.ProtectionPassword = AskPassword (_("Enter password for hidden volume")); - if (!options.TrueCryptMode && (options.ProtectionPim < 0)) + if (options.ProtectionPim < 0) options.ProtectionPim = AskPim (_("Enter PIM for hidden volume")); if (!options.ProtectionKeyfiles) options.ProtectionKeyfiles = AskKeyfiles (_("Enter keyfile for hidden volume")); @@ -1342,12 +1393,14 @@ namespace VeraCrypt options.UseBackupHeaders = false; ShowInfo (e); options.Password.reset(); + options.Pim = -1; } } else { ShowInfo (e); options.Password.reset(); + options.Pim = -1; } ShowString (L"\n"); @@ -1455,7 +1508,7 @@ namespace VeraCrypt shared_ptr <Pkcs5Kdf> kdf; if (CmdLine->ArgHash) { - kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash, false); + kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); } ShowInfo (LangString["HEADER_RESTORE_EXTERNAL_INTERNAL"]); @@ -1485,6 +1538,7 @@ namespace VeraCrypt shared_ptr <Volume> volume; MountOptions options; options.Path = volumePath; + options.EMVSupportEnabled = true; while (!volume) { @@ -1501,8 +1555,8 @@ namespace VeraCrypt options.Password, options.Pim, kdf, - false, options.Keyfiles, + options.EMVSupportEnabled, options.Protection, options.ProtectionPassword, options.ProtectionPim, 
@@ -1530,7 +1584,7 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize()); - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); // Write volume header int headerOffset = volume->GetLayout()->GetHeaderOffset(); @@ -1580,6 +1634,7 @@ namespace VeraCrypt // Open the volume header stored in the backup file MountOptions options; + options.EMVSupportEnabled = true; shared_ptr <VolumeLayout> decryptedLayout; @@ -1607,8 +1662,8 @@ namespace VeraCrypt backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0); // Decrypt header - shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password); - if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes())) + shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled); + if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes())) { decryptedLayout = layout; break; 
@@ -1632,7 +1687,7 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize()); - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); // Write volume header int headerOffset = decryptedLayout->GetHeaderOffset(); @@ -1646,7 +1701,7 @@ namespace VeraCrypt if (decryptedLayout->HasBackupHeader()) { // Re-encrypt backup volume header - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); // Write backup volume header headerOffset = decryptedLayout->GetBackupHeaderOffset(); |