6 files changed, 35 insertions, 20 deletions
diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp
index 171bd165..0360921b 100644
--- a/src/Main/CommandLineInterface.cpp
+++ b/src/Main/CommandLineInterface.cpp
@@ -31,6 +31,7 @@ namespace VeraCrypt
 		ArgVolumeType (VolumeType::Unknown),
 		ArgTrueCryptMode (false),
 		ArgDisableFileSizeCheck (false),
+		ArgUseLegacyPassword (false),
 		StartBackgroundTask (false)
 	{
 		wxCmdLineParser parser;
@@ -98,6 +99,7 @@ namespace VeraCrypt
 		parser.AddParam (								_("Volume path"), wxCMD_LINE_VAL_STRING, wxCMD_LINE_PARAM_OPTIONAL);
 		parser.AddParam (								_("Mount point"), wxCMD_LINE_VAL_STRING, wxCMD_LINE_PARAM_OPTIONAL);
 		parser.AddSwitch (L"",	L"no-size-check",		_("Disable check of container size against disk free space."));
+		parser.AddSwitch (L"",	L"legacy-password-maxlength", _("Use legacy maximum password length (64 UTF-8 bytes)"));
 
 		wxString str;
 		bool param1IsVolume = false;
@@ -336,6 +338,7 @@ namespace VeraCrypt
 
 		ArgTrueCryptMode = parser.Found (L"truecrypt");
 		ArgDisableFileSizeCheck = parser.Found (L"no-size-check");
+		ArgUseLegacyPassword = parser.Found (L"legacy-password-maxlength") || ArgTrueCryptMode;		
 
 #if !defined(TC_WINDOWS) && !defined(TC_MACOSX)
 		if (parser.Found (L"fs-options", &str))
@@ -407,7 +410,7 @@ namespace VeraCrypt
 			ArgNewKeyfiles = ToKeyfileList (str);
 
 		if (parser.Found (L"new-password", &str))
-			ArgNewPassword = ToUTF8Password (str.c_str());
+			ArgNewPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 
 		if (parser.Found (L"new-pim", &str))
 		{
@@ -446,7 +449,7 @@ namespace VeraCrypt
 		{
 			if (Preferences.UseStandardInput)
 				throw_err (L"--password cannot be used with --stdin");
-			ArgPassword = ToUTF8Password (str.c_str());
+			ArgPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 		}
 
 		if (parser.Found (L"pim", &str))
@@ -487,7 +490,7 @@ namespace VeraCrypt
 
 		if (parser.Found (L"protection-password", &str))
 		{
-			ArgMountOptions.ProtectionPassword = ToUTF8Password (str.c_str());
+			ArgMountOptions.ProtectionPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 			ArgMountOptions.Protection = VolumeProtection::HiddenVolumeReadOnly;
 		}
 
@@ -601,7 +604,7 @@ namespace VeraCrypt
 
         if (parser.Found (L"token-pin", &str) && !str.IsEmpty ())
         {
-            ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len ());
+            ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len (), ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
         }
 
 		if (parser.Found (L"verbose"))
@@ -776,18 +779,18 @@ namespace VeraCrypt
 		return filteredVolumes;
 	}
 
-	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount)
+	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount, size_t maxUtf8Len)
 	{
 		if (charCount > 0)
 		{
-			shared_ptr<SecureBuffer> utf8Buffer = ToUTF8Buffer (str, charCount);
+			shared_ptr<SecureBuffer> utf8Buffer = ToUTF8Buffer (str, charCount, maxUtf8Len);
 			return shared_ptr<VolumePassword>(new VolumePassword (*utf8Buffer));
 		}
 		else
 			return shared_ptr<VolumePassword>(new VolumePassword ());
 	}
 
-	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount)
+	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount, size_t maxUtf8Len)
 	{
 		if (charCount == (size_t) -1)
 			charCount = wcslen (str);
@@ -802,8 +805,13 @@ namespace VeraCrypt
 			ulen = utf8.FromWChar ((char*) (byte*) passwordBuf, ulen, str, charCount);
 			if (wxCONV_FAILED == ulen)
 				throw PasswordUTF8Invalid (SRC_POS);
-			if (ulen > VolumePassword::MaxSize)
-				throw PasswordUTF8TooLong (SRC_POS);
+			if (ulen > maxUtf8Len)
+			{
+				if (maxUtf8Len == VolumePassword::MaxLegacySize)
+					throw PasswordLegacyUTF8TooLong (SRC_POS);
+				else
+					throw PasswordUTF8TooLong (SRC_POS);
+			}
 
 			ConstBufferPtr utf8Buffer ((byte*) passwordBuf, ulen);
 			return shared_ptr<SecureBuffer>(new SecureBuffer (utf8Buffer));
diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h
index 9fd67a27..ef4836e6 100644
--- a/src/Main/CommandLineInterface.h
+++ b/src/Main/CommandLineInterface.h
@@ -84,6 +84,7 @@ namespace VeraCrypt
 		bool ArgTrueCryptMode;
         shared_ptr<SecureBuffer> ArgTokenPin;
         bool ArgDisableFileSizeCheck;
+        bool ArgUseLegacyPassword;
 
 		bool StartBackgroundTask;
 		UserPreferences Preferences;
@@ -98,8 +99,8 @@ namespace VeraCrypt
 		CommandLineInterface &operator= (const CommandLineInterface &);
 	};
 
-	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount = (size_t) -1);
-	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount = (size_t) -1);
+	shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount, size_t maxUtf8Len);
+	shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount, size_t maxUtf8Len);
 
 	extern auto_ptr <CommandLineInterface> CmdLine;
 }
diff --git a/src/Main/Forms/VolumePasswordPanel.cpp b/src/Main/Forms/VolumePasswordPanel.cpp
index 8d5e8bc5..ac30075e 100644
--- a/src/Main/Forms/VolumePasswordPanel.cpp
+++ b/src/Main/Forms/VolumePasswordPanel.cpp
@@ -21,6 +21,7 @@ namespace VeraCrypt
 	VolumePasswordPanel::VolumePasswordPanel (wxWindow* parent, MountOptions* options, shared_ptr <VolumePassword> password, bool disableTruecryptMode, shared_ptr <KeyfileList> keyfiles, bool enableCache, bool enablePassword, bool enableKeyfiles, bool enableConfirmation, bool enablePkcs5Prf, bool isMountPassword, const wxString &passwordLabel)
 		: VolumePasswordPanelBase (parent), Keyfiles (new KeyfileList), EnablePimEntry (true)
 	{
+		size_t maxPasswordLength = CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize;
 		if (keyfiles)
 		{
 			*Keyfiles = *keyfiles;
@@ -32,8 +33,8 @@ namespace VeraCrypt
 			UseKeyfilesCheckBox->SetValue (Gui->GetPreferences().UseKeyfiles && !Keyfiles->empty());
 		}
 
-		PasswordTextCtrl->SetMaxLength (VolumePassword::MaxSize);
-		ConfirmPasswordTextCtrl->SetMaxLength (VolumePassword::MaxSize);
+		PasswordTextCtrl->SetMaxLength (maxPasswordLength);
+		ConfirmPasswordTextCtrl->SetMaxLength (maxPasswordLength);
 
 		if (!passwordLabel.empty())
 		{
@@ -195,9 +196,10 @@ namespace VeraCrypt
 		FreezeScope freeze (this);
 		bool isPim = (*textCtrl == VolumePimTextCtrl);
 		int colspan = isPim? 1 : 2;
+		size_t maxPasswordLength = CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize;
 
 		wxTextCtrl *newTextCtrl = new wxTextCtrl (this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, display ? 0 : wxTE_PASSWORD);
-		newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : VolumePassword::MaxSize);
+		newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : maxPasswordLength);
 		newTextCtrl->SetValue ((*textCtrl)->GetValue());
 		newTextCtrl->SetMinSize ((*textCtrl)->GetSize());
 
@@ -226,12 +228,12 @@ namespace VeraCrypt
 	{
 		shared_ptr <VolumePassword> password;
 		wchar_t passwordBuf[VolumePassword::MaxSize + 1];
-		size_t maxPasswordLength = bLegacyPassword? VolumePassword::MaxLegacySize: VolumePassword::MaxSize;
+		size_t maxPasswordLength = (bLegacyPassword || CmdLine->ArgUseLegacyPassword)? VolumePassword::MaxLegacySize: VolumePassword::MaxSize;
 		finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast <byte *> (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); });
 
 #ifdef TC_WINDOWS
 		int len = GetWindowText (static_cast <HWND> (textCtrl->GetHandle()), passwordBuf, VolumePassword::MaxSize + 1);
-		password = ToUTF8Password (passwordBuf, len);
+		password = ToUTF8Password (passwordBuf, len, maxPasswordLength);
 #else
 		wxString passwordStr (textCtrl->GetValue());	// A copy of the password is created here by wxWidgets, which cannot be erased
 		for (size_t i = 0; i < passwordStr.size() && i < maxPasswordLength; ++i)
@@ -239,7 +241,7 @@ namespace VeraCrypt
 			passwordBuf[i] = (wchar_t) passwordStr[i];
 			passwordStr[i] = L'X';
 		}
-		password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength);
+		password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength, maxPasswordLength);
 #endif
 		return password;
 	}
diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp
index d3372db0..32555d3b 100644
--- a/src/Main/Forms/WaitDialog.cpp
+++ b/src/Main/Forms/WaitDialog.cpp
@@ -38,6 +38,7 @@ namespace VeraCrypt
 		VC_CONVERT_EXCEPTION (PasswordEmpty);
 		VC_CONVERT_EXCEPTION (PasswordTooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8TooLong);
+		VC_CONVERT_EXCEPTION (PasswordLegacyUTF8TooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8Invalid);
 		VC_CONVERT_EXCEPTION (UnportablePassword);
 		VC_CONVERT_EXCEPTION (ElevationFailed);
diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp
index 1e007fc7..69d45af4 100644
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -125,7 +125,7 @@ namespace VeraCrypt
 
 			if (verify && verPhase)
 			{
-				shared_ptr <VolumePassword> verPassword = ToUTF8Password (passwordBuf, length);
+				shared_ptr <VolumePassword> verPassword = ToUTF8Password (passwordBuf, length, CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 
 				if (*password != *verPassword)
 				{
@@ -136,7 +136,7 @@ namespace VeraCrypt
 				}
 			}
 
-			password = ToUTF8Password (passwordBuf, length);
+			password = ToUTF8Password (passwordBuf, length, CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize);
 
 			if (!verPhase)
 			{
diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp
index ebad35da..7c29bbe0 100644
--- a/src/Main/UserInterface.cpp
+++ b/src/Main/UserInterface.cpp
@@ -464,6 +464,7 @@ namespace VeraCrypt
 		EX2MSG (PasswordOrMountOptionsIncorrect,	LangString["PASSWORD_OR_KEYFILE_OR_MODE_WRONG"] + _("\n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'Options >' > 'Mount partition using system encryption'."));
 		EX2MSG (PasswordTooLong,					StringFormatter (_("Password is longer than {0} characters."), (int) VolumePassword::MaxSize));
 		EX2MSG (PasswordUTF8TooLong,				LangString["PASSWORD_UTF8_TOO_LONG"]);
+		EX2MSG (PasswordLegacyUTF8TooLong,			LangString["LEGACY_PASSWORD_UTF8_TOO_LONG"]);
 		EX2MSG (PasswordUTF8Invalid,				LangString["PASSWORD_UTF8_INVALID"]);
 		EX2MSG (PartitionDeviceRequired,			_("Partition device required."));
 		EX2MSG (ProtectionPasswordIncorrect,		_("Incorrect password to the protected hidden volume or the hidden volume does not exist."));
@@ -908,7 +909,8 @@ namespace VeraCrypt
 			wstring pwdInput;
 			getline(wcin, pwdInput);
 
-			cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size ());
+			size_t maxUtf8Len = cmdLine.ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize;
+			cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size (), maxUtf8Len);
 		}
 
 		switch (cmdLine.ArgCommand)
@@ -1575,6 +1577,7 @@ namespace VeraCrypt
 		VC_CONVERT_EXCEPTION (PasswordEmpty);
 		VC_CONVERT_EXCEPTION (PasswordTooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8TooLong);
+		VC_CONVERT_EXCEPTION (PasswordLegacyUTF8TooLong);
 		VC_CONVERT_EXCEPTION (PasswordUTF8Invalid);
 		VC_CONVERT_EXCEPTION (UnportablePassword);
 		VC_CONVERT_EXCEPTION (ElevationFailed);