From 453ef927ef734320a715de12ec8536e3a642bc26 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sun, 3 Mar 2019 00:18:48 +0100 Subject: Windows: Add option to use legacy maximum password length (64 characters) instead of new maximum length (128) in UI and command line. This will users who were relying on the UI truncating the passwords to the first 64 characters in the previous versions of VeraCrypt. --- src/Common/Dlgcode.c | 14 +++++++++----- src/Common/Dlgcode.h | 1 + src/Common/Language.xml | 1 + src/Common/Password.c | 2 +- src/Format/Tcformat.c | 5 ++++- src/Mount/Mount.c | 13 +++++++++++++ src/Mount/Mount.rc | 26 ++++++++++++++------------ src/Mount/Resource.h | 3 ++- 8 files changed, 45 insertions(+), 20 deletions(-) diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 27779f53..8ff2d944 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -146,6 +146,7 @@ BOOL bHideWaitingDialog = FALSE; BOOL bCmdHideWaitingDialog = FALSE; BOOL bCmdHideWaitingDialogValid = FALSE; BOOL bUseSecureDesktop = FALSE; +BOOL bUseLegacyMaxPasswordLength = FALSE; BOOL bCmdUseSecureDesktop = FALSE; BOOL bCmdUseSecureDesktopValid = FALSE; BOOL bStartOnLogon = FALSE; @@ -1232,6 +1233,7 @@ static LRESULT CALLBACK NormalPwdFieldProc (HWND hwnd, UINT message, WPARAM wPar { wchar_t *pchData = (wchar_t*)GlobalLock(h); int txtlen = 0; + int dwMaxPassLen = bUseLegacyMaxPasswordLength? MAX_LEGACY_PASSWORD : MAX_PASSWORD; while (*pchData) { if (*pchData == '\r' || *pchData == '\n') @@ -1246,7 +1248,7 @@ static LRESULT CALLBACK NormalPwdFieldProc (HWND hwnd, UINT message, WPARAM wPar if (txtlen) { int curLen = GetWindowTextLength (hwnd); - if (curLen == MAX_PASSWORD) + if (curLen == dwMaxPassLen) { EDITBALLOONTIP ebt; @@ -1261,7 +1263,7 @@ static LRESULT CALLBACK NormalPwdFieldProc (HWND hwnd, UINT message, WPARAM wPar bBlock = true; } - else if ((txtlen + curLen) > MAX_PASSWORD) + else if ((txtlen + curLen) > dwMaxPassLen) { EDITBALLOONTIP ebt; @@ -1293,6 +1295,7 @@ static LRESULT CALLBACK NormalPwdFieldProc (HWND hwnd, UINT message, WPARAM wPar BYTE vkCode = LOBYTE (vk); BYTE vkState = HIBYTE (vk); bool ctrlPressed = (vkState & 2) && !(vkState & 4); + int dwMaxPassLen = bUseLegacyMaxPasswordLength? MAX_LEGACY_PASSWORD : MAX_PASSWORD; // check if there is a selected text SendMessage (hwnd, EM_GETSEL, (WPARAM) &dwStartPos, (LPARAM) &dwEndPos); @@ -1300,7 +1303,7 @@ static LRESULT CALLBACK NormalPwdFieldProc (HWND hwnd, UINT message, WPARAM wPar if ((dwStartPos == dwEndPos) && (vkCode != VK_DELETE) && (vkCode != VK_BACK) && !ctrlPressed - && (GetWindowTextLength (hwnd) == MAX_PASSWORD)) + && (GetWindowTextLength (hwnd) == dwMaxPassLen)) { EDITBALLOONTIP ebt; @@ -1326,8 +1329,9 @@ void ToNormalPwdField (HWND hwndDlg, UINT ctrlId) { HWND hwndCtrl = GetDlgItem (hwndDlg, ctrlId); WNDPROC originalwp = (WNDPROC) GetWindowLongPtrW (hwndCtrl, GWLP_USERDATA); + DWORD dwMaxPassLen = bUseLegacyMaxPasswordLength? MAX_LEGACY_PASSWORD : MAX_PASSWORD; - SendMessage (hwndCtrl, EM_LIMITTEXT, MAX_PASSWORD, 0); + SendMessage (hwndCtrl, EM_LIMITTEXT, dwMaxPassLen, 0); // only change WNDPROC if not changed already if (!originalwp) { @@ -13077,7 +13081,7 @@ BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL BOOL bRet = FALSE; GetWindowText (GetDlgItem (hwndDlg, ctrlID), tmp, ARRAYSIZE (tmp)); - if (bLegacyPassword && (lstrlen (tmp) > MAX_LEGACY_PASSWORD)) + if ((bLegacyPassword || bUseLegacyMaxPasswordLength) && (lstrlen (tmp) > MAX_LEGACY_PASSWORD)) wmemset (&tmp[MAX_LEGACY_PASSWORD], 0, MAX_PASSWORD + 1 - MAX_LEGACY_PASSWORD); utf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, passValue, bufSize, NULL, NULL); burn (tmp, sizeof (tmp)); diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index eccb8e87..54475cb7 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -124,6 +124,7 @@ extern BOOL bHideWaitingDialog; extern BOOL bCmdHideWaitingDialog; extern BOOL bCmdHideWaitingDialogValid; extern BOOL bUseSecureDesktop; +extern BOOL bUseLegacyMaxPasswordLength; extern BOOL bCmdUseSecureDesktop; extern BOOL bCmdUseSecureDesktopValid; extern BOOL bStartOnLogon; diff --git a/src/Common/Language.xml b/src/Common/Language.xml index f62421de..8d96572c 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -1433,6 +1433,7 @@ IMPORTANT NOTES:\n - Please keep in mind that this option will not persist after a shutdown/reboot so you will need to select it again next time the machine is started.\n\n - With this option enabled and after a new device is connected, the machine will freeze and it will eventually crash with a BSOD since Windows can not access the encrypted disk after its keys are cleared from memory.\n Starting Use CPU hardware random generator as an additional source of entropy + Use legacy maximum password length (64 characters) diff --git a/src/Common/Password.c b/src/Common/Password.c index a5050d75..ca0dd468 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -112,7 +112,7 @@ BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw) wchar_t s[MAX_PASSWORD + 1]; len = GetWindowTextLength (hPassword); - if (len > MAX_PASSWORD) + if (len > (bUseLegacyMaxPasswordLength? MAX_LEGACY_PASSWORD: MAX_PASSWORD)) return FALSE; GetWindowTextW (hPassword, s, sizeof (s) / sizeof (wchar_t)); diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index cbd0eec5..b04e95c9 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -779,6 +779,8 @@ static void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, ConfigReadCompareInt ("SaveVolumeHistory", FALSE, &bHistory, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("UseLegacyMaxPasswordLength", FALSE, &bUseLegacyMaxPasswordLength, bOnlyCheckModified, pbSettingsModified); + { char szTmp[MAX_PATH] = {0}; WideCharToMultiByte (CP_UTF8, 0, SecurityTokenLibraryPath, -1, szTmp, MAX_PATH, NULL, NULL); @@ -9080,7 +9082,8 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp))) { - int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (LPSTR) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); + int iMaxPassLen = bUseLegacyMaxPasswordLength? MAX_LEGACY_PASSWORD : MAX_PASSWORD; + int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (LPSTR) CmdVolumePassword.Text, iMaxPassLen + 1, NULL, NULL); burn (szTmp, sizeof (szTmp)); if (iLen > 0) CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index cc3ae11e..c99f538a 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -891,6 +891,8 @@ void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL* ConfigReadCompareInt ("UseSecureDesktop", FALSE, &bUseSecureDesktop, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("UseLegacyMaxPasswordLength", FALSE, &bUseLegacyMaxPasswordLength, bOnlyCheckModified, pbSettingsModified); + ConfigReadCompareInt ("MountVolumesRemovable", FALSE, &defaultMountOptions.Removable, bOnlyCheckModified, pbSettingsModified); ConfigReadCompareInt ("MountVolumesReadOnly", FALSE, &defaultMountOptions.ReadOnly, bOnlyCheckModified, pbSettingsModified); @@ -1049,6 +1051,7 @@ void SaveSettings (HWND hwndDlg) ConfigWriteInt ("ShowDisconnectedNetworkDrives",bShowDisconnectedNetworkDrives); ConfigWriteInt ("HideWaitingDialog", bHideWaitingDialog); ConfigWriteInt ("UseSecureDesktop", bUseSecureDesktop); + ConfigWriteInt ("UseLegacyMaxPasswordLength", bUseLegacyMaxPasswordLength); ConfigWriteInt ("EnableBackgroundTask", bEnableBkgTask); ConfigWriteInt ("CloseBackgroundTaskOnNoVolumes", bCloseBkgTaskWhenNoVolumes); @@ -3340,6 +3343,9 @@ BOOL CALLBACK PreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM SendMessage (GetDlgItem (hwndDlg, IDC_SECURE_DESKTOP_PASSWORD_ENTRY), BM_SETCHECK, bUseSecureDesktop ? BST_CHECKED:BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_USE_LEGACY_MAX_PASSWORD_LENGTH), BM_SETCHECK, + bUseLegacyMaxPasswordLength ? BST_CHECKED:BST_UNCHECKED, 0); + SendMessage (GetDlgItem (hwndDlg, IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT), BM_SETCHECK, bCacheDuringMultipleMount ? BST_CHECKED:BST_UNCHECKED, 0); @@ -3456,6 +3462,7 @@ BOOL CALLBACK PreferencesDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM bShowDisconnectedNetworkDrives = IsButtonChecked (GetDlgItem (hwndDlg, IDC_SHOW_DISCONNECTED_NETWORK_DRIVES)); bHideWaitingDialog = IsButtonChecked (GetDlgItem (hwndDlg, IDC_HIDE_WAITING_DIALOG)); bUseSecureDesktop = IsButtonChecked (GetDlgItem (hwndDlg, IDC_SECURE_DESKTOP_PASSWORD_ENTRY)); + bUseLegacyMaxPasswordLength = IsButtonChecked (GetDlgItem (hwndDlg, IDC_USE_LEGACY_MAX_PASSWORD_LENGTH)); bCacheDuringMultipleMount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT)); bWipeCacheOnExit = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_EXIT)); bWipeCacheOnAutoDismount = IsButtonChecked (GetDlgItem (hwndDlg, IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT)); @@ -6791,6 +6798,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa bShowDisconnectedNetworkDrives = FALSE; bHideWaitingDialog = FALSE; bUseSecureDesktop = FALSE; + bUseLegacyMaxPasswordLength = FALSE; ResetWrongPwdRetryCount (); @@ -6833,6 +6841,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa // Keyfiles LoadDefaultKeyFilesParam (); RestoreDefaultKeyFilesParam (); + + // if maximum password length is set to legacy value, abort if password in command line is longer + if (bUseLegacyMaxPasswordLength && CmdVolumePasswordValid && (CmdVolumePassword.Length > MAX_LEGACY_PASSWORD)) + AbortProcess ("COMMAND_LINE_ERROR"); } if (ComServerMode) @@ -9561,6 +9573,7 @@ static BOOL StartSystemFavoritesService () bShowDisconnectedNetworkDrives = TRUE; bHideWaitingDialog = TRUE; bUseSecureDesktop = FALSE; + bUseLegacyMaxPasswordLength = FALSE; InitOSVersionInfo(); diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index 6082d2cd..9006b46f 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc @@ -41,7 +41,7 @@ IDR_MOUNT_TLB TYPELIB "Mount.tlb" // Dialog // -IDD_PREFERENCES_DLG DIALOGEX 0, 0, 336, 340 +IDD_PREFERENCES_DLG DIALOGEX 0, 0, 336, 347 STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU CAPTION "VeraCrypt - Preferences" FONT 8, "MS Shell Dlg", 400, 0, 0x1 @@ -78,30 +78,32 @@ BEGIN CONTROL "Make disconnected network drives available for mounting",IDC_SHOW_DISCONNECTED_NETWORK_DRIVES, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,208,316,10 CONTROL "Cache passwords in driver memory",IDC_PREF_CACHE_PASSWORDS, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,263,146,11 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,271,146,11 CONTROL "Wipe cached passwords on exit",IDC_PREF_WIPE_CACHE_ON_EXIT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,263,165,11 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,162,271,165,11 CONTROL "Temporarily cache password during ""Mount Favorite Volumes"" operations",IDC_PREF_TEMP_CACHE_ON_MULTIPLE_MOUNT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,277,294,11 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,285,294,11 CONTROL "Wipe cached passwords on auto-dismount",IDC_PREF_WIPE_CACHE_ON_AUTODISMOUNT, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,291,296,11 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,299,296,11 CONTROL "Include PIM when caching a password",IDC_PREF_CACHE_PIM, - "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,305,296,10 - PUSHBUTTON "More Settings...",IDC_MORE_SETTINGS,5,324,85,14 - DEFPUSHBUTTON "OK",IDOK,225,324,50,14 - PUSHBUTTON "Cancel",IDCANCEL,281,324,50,14 - GROUPBOX "Windows",IDT_WINDOWS_RELATED_SETTING,4,160,328,87 + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,313,296,10 + PUSHBUTTON "More Settings...",IDC_MORE_SETTINGS,5,331,85,14 + DEFPUSHBUTTON "OK",IDOK,225,331,50,14 + PUSHBUTTON "Cancel",IDCANCEL,281,331,50,14 + GROUPBOX "Windows",IDT_WINDOWS_RELATED_SETTING,4,160,328,97 GROUPBOX "Default Mount Options",IDT_DEFAULT_MOUNT_OPTIONS,4,3,328,26 GROUPBOX "VeraCrypt Background Task",IDT_TASKBAR_ICON,4,33,328,26 GROUPBOX "Auto-Dismount",IDT_AUTO_DISMOUNT,4,94,328,62 LTEXT "minutes",IDT_MINUTES,289,129,39,10 LTEXT "Dismount all when:",IDT_AUTO_DISMOUNT_ON,9,104,71,20 - GROUPBOX "Password Cache",IDT_PW_CACHE_OPTIONS,4,252,328,68 + GROUPBOX "Password Cache",IDT_PW_CACHE_OPTIONS,4,260,328,68 GROUPBOX "Actions to perform upon logon to Windows",IDT_LOGON,4,63,328,28 CONTROL "Don't show wait message dialog when performing operations",IDC_HIDE_WAITING_DIALOG, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,220,316,10 CONTROL "Use Secure Desktop for password entry",IDC_SECURE_DESKTOP_PASSWORD_ENTRY, "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,232,316,10 + CONTROL "Use legacy maximum password length (64 characters)",IDC_USE_LEGACY_MAX_PASSWORD_LENGTH, + "Button",BS_AUTOCHECKBOX | WS_TABSTOP,11,244,316,10 END IDD_VOLUME_PROPERTIES DIALOGEX 60, 30, 284, 224 @@ -442,7 +444,7 @@ BEGIN LEFTMARGIN, 7 RIGHTMARGIN, 329 TOPMARGIN, 7 - BOTTOMMARGIN, 338 + BOTTOMMARGIN, 345 END IDD_VOLUME_PROPERTIES, DIALOG diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h index f0903cab..d102faf4 100644 --- a/src/Mount/Resource.h +++ b/src/Mount/Resource.h @@ -194,6 +194,7 @@ #define IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION 1171 #define IDC_ENABLE_CPU_RNG 1172 #define IDC_ENABLE_RAM_ENCRYPTION 1173 +#define IDC_USE_LEGACY_MAX_PASSWORD_LENGTH 1174 #define IDM_HELP 40001 #define IDM_ABOUT 40002 #define IDM_UNMOUNT_VOLUME 40003 @@ -270,7 +271,7 @@ #define _APS_NO_MFC 1 #define _APS_NEXT_RESOURCE_VALUE 120 #define _APS_NEXT_COMMAND_VALUE 40069 -#define _APS_NEXT_CONTROL_VALUE 1174 +#define _APS_NEXT_CONTROL_VALUE 1175 #define _APS_NEXT_SYMED_VALUE 101 #endif #endif -- cgit v1.2.3