From 034b64f4153550cbe5849bcbfc27e187377cc512 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Thu, 29 Jun 2023 00:06:20 +0200 Subject: EMV keyfile support: Overall code improvements and bug fixes --- src/Main/CommandLineInterface.cpp | 10 ++--- src/Main/CommandLineInterface.h | 4 +- src/Main/Forms/ChangePasswordDialog.cpp | 2 +- src/Main/Forms/Forms.cpp | 10 ++--- src/Main/Forms/Forms.h | 2 +- src/Main/Forms/MainFrame.cpp | 4 +- src/Main/Forms/MountOptionsDialog.cpp | 2 +- src/Main/Forms/PreferencesDialog.cpp | 2 +- src/Main/Forms/SecurityTokenKeyfilesDialog.cpp | 52 ++++++++++++++------------ src/Main/Forms/VolumeCreationWizard.cpp | 8 ++-- src/Main/Forms/WaitDialog.cpp | 20 ++++++---- src/Main/GraphicUserInterface.cpp | 18 ++++----- src/Main/GraphicUserInterface.h | 4 +- src/Main/TextUserInterface.cpp | 36 +++++++++++------- src/Main/TextUserInterface.h | 4 +- src/Main/UserInterface.cpp | 48 +++++++++++++++--------- src/Main/UserInterface.h | 4 +- src/Main/UserPreferences.cpp | 4 +- src/Main/UserPreferences.h | 4 +- 19 files changed, 135 insertions(+), 103 deletions(-) (limited to 'src/Main') diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp index dabfcad6..a7189652 100644 --- a/src/Main/CommandLineInterface.cpp +++ b/src/Main/CommandLineInterface.cpp @@ -56,7 +56,7 @@ namespace VeraCrypt parser.AddSwitch (L"", L"display-password", _("Display password while typing")); parser.AddOption (L"", L"encryption", _("Encryption algorithm")); parser.AddSwitch (L"", L"explore", _("Open explorer window for mounted volume")); - parser.AddSwitch (L"", L"export-token-keyfile",_("Export keyfile from security token")); + parser.AddSwitch (L"", L"export-token-keyfile",_("Export keyfile from token")); parser.AddOption (L"", L"filesystem", _("Filesystem type")); parser.AddSwitch (L"f", L"force", _("Force mount/dismount/overwrite")); #if !defined(TC_WINDOWS) && !defined(TC_MACOSX) 
@@ -67,9 +67,9 @@ namespace VeraCrypt parser.AddSwitch (L"", L"import-token-keyfiles", _("Import keyfiles to security token")); parser.AddOption (L"k", L"keyfiles", _("Keyfiles")); parser.AddSwitch (L"l", L"list", _("List mounted volumes")); - parser.AddSwitch (L"", L"list-token-keyfiles", _("List token keyfiles")); + parser.AddSwitch (L"", L"list-token-keyfiles", _("List token keyfiles")); parser.AddSwitch (L"", L"list-securitytoken-keyfiles", _("List security token keyfiles")); - parser.AddSwitch (L"", L"list-emvtoken-keyfiles", _("List emv token keyfiles")); + parser.AddSwitch (L"", L"list-emvtoken-keyfiles", _("List EMV token keyfiles")); parser.AddSwitch (L"", L"load-preferences", _("Load user preferences")); parser.AddSwitch (L"", L"mount", _("Mount volume interactively")); parser.AddOption (L"m", L"mount-options", _("VeraCrypt volume mount options")); @@ -221,13 +221,13 @@ namespace VeraCrypt if (parser.Found (L"export-token-keyfile")) { CheckCommandSingle(); - ArgCommand = CommandId::ExportSecurityTokenKeyfile; + ArgCommand = CommandId::ExportTokenKeyfile; } if (parser.Found (L"import-token-keyfiles")) { CheckCommandSingle(); - ArgCommand = CommandId::ImportSecurityTokenKeyfiles; + ArgCommand = CommandId::ImportTokenKeyfiles; } if (parser.Found (L"list")) diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h index 21fb5c89..6a31932e 100644 --- a/src/Main/CommandLineInterface.h +++ b/src/Main/CommandLineInterface.h @@ -39,9 +39,9 @@ namespace VeraCrypt DismountVolumes, DisplayVersion, DisplayVolumeProperties, - ExportSecurityTokenKeyfile, + ExportTokenKeyfile, Help, - ImportSecurityTokenKeyfiles, + ImportTokenKeyfiles, ListTokenKeyfiles, ListSecurityTokenKeyfiles, ListEMVTokenKeyfiles, diff --git a/src/Main/Forms/ChangePasswordDialog.cpp b/src/Main/Forms/ChangePasswordDialog.cpp index 0992cf3b..0b54fefc 100644 --- a/src/Main/Forms/ChangePasswordDialog.cpp +++ b/src/Main/Forms/ChangePasswordDialog.cpp 
@@ -204,7 +204,7 @@ namespace VeraCrypt wxBusyCursor busy; ChangePasswordThreadRoutine routine(Path, Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps, CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), CurrentPasswordPanel->GetTrueCryptMode(),CurrentPasswordPanel->GetKeyfiles(), - newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().ActivateEMVOption); + newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled); Gui->ExecuteWaitThreadRoutine (this, &routine); } diff --git a/src/Main/Forms/Forms.cpp b/src/Main/Forms/Forms.cpp index 8667a741..e92b970e 100644 --- a/src/Main/Forms/Forms.cpp +++ b/src/Main/Forms/Forms.cpp @@ -2208,13 +2208,13 @@ PreferencesDialogBase::PreferencesDialogBase( wxWindow* parent, wxWindowID id, c bSizer128->Add( sbSizer37, 0, wxEXPAND|wxALL, 5 ); - wxStaticBoxSizer* sbSizer38; - sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("IDT_EMV_OPTIONS") ), wxVERTICAL ); + wxStaticBoxSizer* sbSizer38; + sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("IDT_EMV_OPTIONS") ), wxVERTICAL ); - ActivateEMVOptionCheckBox = new wxCheckBox( sbSizer38->GetStaticBox(), wxID_ANY, _("IDC_ACTIVATE_EMV_OPTION"), wxDefaultPosition, wxDefaultSize, 0 ); - sbSizer38->Add( ActivateEMVOptionCheckBox, 0, wxALL, 5 ); + EMVSupportEnabledCheckBox = new wxCheckBox( sbSizer38->GetStaticBox(), wxID_ANY, _("IDC_ENABLE_EMV_SUPPORT"), wxDefaultPosition, wxDefaultSize, 0 ); + sbSizer38->Add( EMVSupportEnabledCheckBox, 0, wxALL, 5 ); - bSizer128->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 ); + bSizer128->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 ); bSizer127->Add( bSizer128, 1, wxEXPAND|wxALL, 5 ); 
diff --git a/src/Main/Forms/Forms.h b/src/Main/Forms/Forms.h index 904e96dd..60937550 100644 --- a/src/Main/Forms/Forms.h +++ b/src/Main/Forms/Forms.h @@ -593,7 +593,7 @@ namespace VeraCrypt wxTextCtrl* Pkcs11ModulePathTextCtrl; wxButton* SelectPkcs11ModuleButton; wxCheckBox* CloseSecurityTokenSessionsAfterMountCheckBox; - wxCheckBox* ActivateEMVOptionCheckBox; + wxCheckBox* EMVSupportEnabledCheckBox; wxListCtrl* HotkeyListCtrl; wxTextCtrl* HotkeyTextCtrl; wxButton* AssignHotkeyButton; diff --git a/src/Main/Forms/MainFrame.cpp b/src/Main/Forms/MainFrame.cpp index b52682ce..4b9b9bf1 100644 --- a/src/Main/Forms/MainFrame.cpp +++ b/src/Main/Forms/MainFrame.cpp @@ -683,7 +683,7 @@ namespace VeraCrypt { mountOptions.Pim = CmdLine->ArgPim; } - mountOptions.EMVOption = GetPreferences().ActivateEMVOption; + mountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled; Gui->MountAllFavoriteVolumes (mountOptions); } catch (exception &e) @@ -718,7 +718,7 @@ namespace VeraCrypt { mountOptions.Pim = CmdLine->ArgPim; } - mountOptions.EMVOption = GetPreferences().ActivateEMVOption; + mountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled; try { diff --git a/src/Main/Forms/MountOptionsDialog.cpp b/src/Main/Forms/MountOptionsDialog.cpp index 28a9919c..4b8f7ce5 100644 --- a/src/Main/Forms/MountOptionsDialog.cpp +++ b/src/Main/Forms/MountOptionsDialog.cpp @@ -193,7 +193,7 @@ namespace VeraCrypt Options.MountPoint = make_shared (mountPoint); Options.FilesystemOptions = FilesystemOptionsTextCtrl->GetValue(); - Options.EMVOption = Gui->GetPreferences().ActivateEMVOption; + Options.EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled; EndModal (wxID_OK); } diff --git a/src/Main/Forms/PreferencesDialog.cpp b/src/Main/Forms/PreferencesDialog.cpp index 6caae325..abf1d505 100644 --- a/src/Main/Forms/PreferencesDialog.cpp +++ b/src/Main/Forms/PreferencesDialog.cpp 
@@ -96,7 +96,7 @@ namespace VeraCrypt // Security tokens Pkcs11ModulePathTextCtrl->SetValue (wstring (Preferences.SecurityTokenModule)); TC_CHECK_BOX_VALIDATOR (CloseSecurityTokenSessionsAfterMount); - TC_CHECK_BOX_VALIDATOR (ActivateEMVOption); + TC_CHECK_BOX_VALIDATOR (EMVSupportEnabled); // System integration TC_CHECK_BOX_VALIDATOR (StartOnLogon); diff --git a/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp b/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp index 2c5896a7..d78e22fd 100644 --- a/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp +++ b/src/Main/Forms/SecurityTokenKeyfilesDialog.cpp @@ -53,7 +53,7 @@ namespace VeraCrypt wxBusyCursor busy; SecurityTokenKeyfileListCtrl->DeleteAllItems(); - SecurityTokenKeyfileList = Token::GetAvailableKeyfiles(Gui->GetPreferences().ActivateEMVOption); + SecurityTokenKeyfileList = Token::GetAvailableKeyfiles(Gui->GetPreferences().EMVSupportEnabled); size_t i = 0; foreach (const shared_ptr key, SecurityTokenKeyfileList) 
@@ -177,34 +177,38 @@ namespace VeraCrypt } } - void SecurityTokenKeyfilesDialog::OnListItemSelected(wxListEvent &event) { - if (event.GetItem().GetData() != (wxUIntPtr) nullptr) { - BOOL deletable = true; - foreach(long - item, Gui->GetListCtrlSelectedItems(SecurityTokenKeyfileListCtrl)) - { - TokenKeyfile *keyfile = reinterpret_cast (SecurityTokenKeyfileListCtrl->GetItemData( - item)); - if (!keyfile->Token->isEditable()) { - deletable = false; - } - } - if (deletable) { - DeleteButton->Enable(); - } - ExportButton->Enable(); - OKButton->Enable(); - } - } + void SecurityTokenKeyfilesDialog::OnListItemSelected(wxListEvent &event) + { + if (event.GetItem().GetData() != (wxUIntPtr) nullptr) + { + BOOL deletable = true; + foreach(long + item, Gui->GetListCtrlSelectedItems(SecurityTokenKeyfileListCtrl)) + { + TokenKeyfile *keyfile = reinterpret_cast (SecurityTokenKeyfileListCtrl->GetItemData(item)); + if (!keyfile->Token->isEditable()) + { + deletable = false; + break; + } + } + if (deletable) + { + DeleteButton->Enable(); + } + ExportButton->Enable(); + OKButton->Enable(); + } + } void SecurityTokenKeyfilesDialog::OnOKButtonClick () { foreach (long item, Gui->GetListCtrlSelectedItems (SecurityTokenKeyfileListCtrl)) - { - TokenKeyfile *key = reinterpret_cast (SecurityTokenKeyfileListCtrl->GetItemData(item)); + { + TokenKeyfile *key = reinterpret_cast (SecurityTokenKeyfileListCtrl->GetItemData(item)); - SelectedSecurityTokenKeyfilePaths.push_back(*key); - } + SelectedSecurityTokenKeyfilePaths.push_back(*key); + } EndModal (wxID_OK); } } diff --git a/src/Main/Forms/VolumeCreationWizard.cpp b/src/Main/Forms/VolumeCreationWizard.cpp index 0487455f..5939fc1b 100644 --- a/src/Main/Forms/VolumeCreationWizard.cpp +++ b/src/Main/Forms/VolumeCreationWizard.cpp 
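Review bot: In `OnListItemSelected` the Delete button is only ever enabled, never disabled, so once a selection of editable keyfiles has enabled it, adding a keyfile whose token is not editable leaves Delete active unless a deselect handler outside this hunk resets it. Setting the state from the computed flag closes that gap: `DeleteButton->Enable (deletable);`. The loop also dereferences `keyfile->Token` for every selected item while only the event item's data is checked for null, so a guard such as `if (!keyfile || !keyfile->Token || !keyfile->Token->isEditable())` would be safer. `BOOL deletable` could be a plain `bool`.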
@@ -795,7 +795,7 @@ namespace VeraCrypt shared_ptr hiddenPassword; try { - hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption); + hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled); } catch (...) { @@ -846,7 +846,7 @@ namespace VeraCrypt shared_ptr hiddenPassword; try { - hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption); + hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled); } catch (...) { @@ -1032,7 +1032,7 @@ namespace VeraCrypt options->Size = VolumeSize; options->Type = OuterVolume ? VolumeType::Normal : SelectedVolumeType; options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*SelectedHash, false); - options->EMVOption = Gui->GetPreferences().ActivateEMVOption; + options->EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled; Creator.reset (new VolumeCreator); @@ -1162,7 +1162,7 @@ namespace VeraCrypt // remember Outer password and keyfiles in order to be able to compare it with those of Hidden volume try { - OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption); + OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled); } catch (...) { diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp index c2e0be96..720c2bdc 100644 --- a/src/Main/Forms/WaitDialog.cpp +++ b/src/Main/Forms/WaitDialog.cpp @@ -9,8 +9,8 @@ #include "System.h" #include "Volume/EncryptionModeXTS.h" #include "Main/GraphicUserInterface.h" +#include "Common/PCSCException.h" #include "Common/SecurityToken.h" -#include "Common/IccDataExtractor.h" #include "WaitDialog.h" namespace VeraCrypt 
@@ -103,12 +103,18 @@ namespace VeraCrypt VC_CONVERT_EXCEPTION (VolumeException); VC_CONVERT_EXCEPTION (PasswordException); - VC_CONVERT_EXCEPTION (PCSCException); - VC_CONVERT_EXCEPTION (WinscardLibraryNotInitialized); - VC_CONVERT_EXCEPTION (InvalidEMVPath); - VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound); - VC_CONVERT_EXCEPTION (EMVPANNotFound); - VC_CONVERT_EXCEPTION (EMVUnknownCardType); + VC_CONVERT_EXCEPTION (PCSCException); + VC_CONVERT_EXCEPTION (CommandAPDUNotValid); + VC_CONVERT_EXCEPTION (ExtendedAPDUNotSupported); + VC_CONVERT_EXCEPTION (ScardLibraryInitializationFailed); + VC_CONVERT_EXCEPTION (EMVUnknownCardType); + VC_CONVERT_EXCEPTION (EMVSelectAIDFailed); + VC_CONVERT_EXCEPTION (EMVIccCertNotFound); + VC_CONVERT_EXCEPTION (EMVIssuerCertNotFound); + VC_CONVERT_EXCEPTION (EMVCPLCNotFound); + VC_CONVERT_EXCEPTION (InvalidEMVPath); + VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound); + VC_CONVERT_EXCEPTION (EMVPANNotFound); throw *ex; } diff --git a/src/Main/GraphicUserInterface.cpp b/src/Main/GraphicUserInterface.cpp index c76f1886..6786e9a8 100644 --- a/src/Main/GraphicUserInterface.cpp +++ b/src/Main/GraphicUserInterface.cpp @@ -193,7 +193,7 @@ namespace VeraCrypt options->Kdf, false, options->Keyfiles, - options->EMVOption, + options->EMVSupportEnabled, options->Protection, options->ProtectionPassword, options->ProtectionPim, @@ -222,7 +222,7 @@ namespace VeraCrypt options->Kdf, false, options->Keyfiles, - options->EMVOption, + options->EMVSupportEnabled, options->Protection, options->ProtectionPassword, options->ProtectionPim, 
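Review bot: The exception conversion list in `WaitDialog.cpp` (hunk at -103) is repeated by hand in `UserInterface.cpp` (hunk at -1694), so any PC/SC or EMV exception type added later must be remembered in both places. A type missing from either list falls through to `throw *ex;`, which presumably rethrows as the static type of `ex` and loses the specific error the user should see; this needs confirming against the `VC_CONVERT_EXCEPTION` definition, which is not visible here. Consider one shared macro for the smart-card group, or at least a comment on both lists such as `// Keep in sync with the matching list in UserInterface.cpp / WaitDialog.cpp`. The enclosing function starts outside the hunk.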
@@ -317,7 +317,7 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize()); - ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVOption); + ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled); ExecuteWaitThreadRoutine (parent, &routine); @@ -326,7 +326,7 @@ namespace VeraCrypt if (hiddenVolume) { // Re-encrypt hidden volume header - ReEncryptHeaderThreadRoutine hiddenRoutine(newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVOption); + ReEncryptHeaderThreadRoutine hiddenRoutine(newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled); ExecuteWaitThreadRoutine (parent, &hiddenRoutine); } @@ -1468,7 +1468,7 @@ namespace VeraCrypt options.Kdf, options.TrueCryptMode, options.Keyfiles, - options.EMVOption, + options.EMVSupportEnabled, options.Protection, options.ProtectionPassword, options.ProtectionPim, @@ -1501,7 +1501,7 @@ namespace VeraCrypt // Re-encrypt volume header wxBusyCursor busy; SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize()); - ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption); + ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); ExecuteWaitThreadRoutine (parent, &routine); 
@@ -1582,7 +1582,7 @@ namespace VeraCrypt backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0); // Decrypt header - shared_ptr passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVOption); + shared_ptr passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled); Pkcs5KdfList keyDerivationFunctions = layout->GetSupportedKeyDerivationFunctions(options.TrueCryptMode); EncryptionAlgorithmList encryptionAlgorithms = layout->GetSupportedEncryptionAlgorithms(); EncryptionModeList encryptionModes = layout->GetSupportedEncryptionModes(); @@ -1616,7 +1616,7 @@ namespace VeraCrypt // Re-encrypt volume header wxBusyCursor busy; SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize()); - ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption); + ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); ExecuteWaitThreadRoutine (parent, &routine); @@ -1632,7 +1632,7 @@ namespace VeraCrypt if (decryptedLayout->HasBackupHeader()) { // Re-encrypt backup volume header - ReEncryptHeaderThreadRoutine backupRoutine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption); + ReEncryptHeaderThreadRoutine backupRoutine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); ExecuteWaitThreadRoutine (parent, &backupRoutine); diff --git a/src/Main/GraphicUserInterface.h b/src/Main/GraphicUserInterface.h index e50c6386..820a4831 100644 --- a/src/Main/GraphicUserInterface.h +++ b/src/Main/GraphicUserInterface.h 
@@ -46,7 +46,7 @@ namespace VeraCrypt virtual void DoShowWarning (const wxString &message) const; virtual void EndBusyState () const { wxEndBusyCursor(); } virtual void EndInteractiveBusyState (wxWindow *window) const; - virtual void ExportSecurityTokenKeyfile () const { ThrowTextModeRequired(); } + virtual void ExportTokenKeyfile () const { ThrowTextModeRequired(); } virtual wxTopLevelWindow *GetActiveWindow () const; virtual shared_ptr GetAdminPasswordRequestHandler (); virtual int GetCharHeight (wxWindow *window) const; @@ -58,7 +58,7 @@ namespace VeraCrypt virtual int GetScrollbarWidth (wxWindow *window, bool noScrollBar = false) const; virtual list GetListCtrlSelectedItems (wxListCtrl *listCtrl) const; virtual wxString GetListCtrlSubItemText (wxListCtrl *listCtrl, long itemIndex, int columnIndex) const; - virtual void ImportSecurityTokenKeyfiles () const { ThrowTextModeRequired(); } + virtual void ImportTokenKeyfiles () const { ThrowTextModeRequired(); } virtual void InitSecurityTokenLibrary () const; virtual void InsertToListCtrl (wxListCtrl *listCtrl, long itemIndex, const vector &itemFields, int imageIndex = -1, void *itemDataPtr = nullptr) const; virtual bool IsInBackgroundMode () const { return BackgroundMode; } diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp index f4f73d7f..22df8e1f 100644 --- a/src/Main/TextUserInterface.cpp +++ b/src/Main/TextUserInterface.cpp @@ -289,6 +289,9 @@ namespace VeraCrypt normalVolumeMountOptions.Path = volumePath; hiddenVolumeMountOptions.Path = volumePath; + normalVolumeMountOptions.EMVSupportEnabled = true; + hiddenVolumeMountOptions.EMVSupportEnabled = true; + VolumeType::Enum volumeType = VolumeType::Normal; // Open both types of volumes @@ -314,7 +317,7 @@ namespace VeraCrypt kdf, false, options->Keyfiles, - true, + options->EMVSupportEnabled, options->Protection, options->ProtectionPassword, options->ProtectionPim, 
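Review bot: The text-mode paths in `TextUserInterface.cpp` set `EMVSupportEnabled = true` unconditionally (first in the hunk at -289, and again in the hunks at -915, -957, -1268, -1306, -1526 and -1622), while the GUI reads `GetPreferences().EMVSupportEnabled`, whose default in `UserPreferences.h` is `false`. The opt-in that the preference provides therefore does not apply to the command-line interface, and in the -1268 and -1306 hunks the assignment overwrites whatever value the caller placed in `options`. If that is deliberate, a comment such as `// Text mode has no EMV preference UI; EMV keyfile paths are always honoured` would record it; otherwise assign from the preference, `options.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;`. The enclosing functions start and end outside these hunks.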
@@ -340,7 +343,7 @@ namespace VeraCrypt kdf, false, options->Keyfiles, - true, + options->EMVSupportEnabled, options->Protection, options->ProtectionPassword, options->ProtectionPim, @@ -411,14 +414,14 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize()); - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, true); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled); backupFile.Write (newHeaderBuffer); if (hiddenVolume) { // Re-encrypt hidden volume header - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, true); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled); } else { @@ -915,7 +918,7 @@ namespace VeraCrypt wxLongLong startTime = wxGetLocalTimeMillis(); VolumeCreator creator; - options->EMVOption = true; + options->EMVSupportEnabled = true; creator.CreateVolume (options); bool volumeCreated = false; @@ -957,6 +960,7 @@ namespace VeraCrypt mountOptions.Password = options->Password; mountOptions.Pim = options->Pim; mountOptions.Keyfiles = options->Keyfiles; + mountOptions.EMVSupportEnabled = true; shared_ptr volume = Core->MountVolume (mountOptions); finally_do_arg (shared_ptr , volume, { Core->DismountVolume (finally_arg, true); }); 
@@ -1053,9 +1057,9 @@ namespace VeraCrypt wcerr << L"Warning: " << static_cast (message) << endl; } - void TextUserInterface::ExportSecurityTokenKeyfile () const + void TextUserInterface::ExportTokenKeyfile () const { - wstring keyfilePath = AskString (_("Enter security token keyfile path: ")); + wstring keyfilePath = AskString (_("Enter token keyfile path: ")); if (keyfilePath.empty()) throw UserAbort (SRC_POS); @@ -1103,7 +1107,7 @@ namespace VeraCrypt return shared_ptr (new AdminPasswordRequestHandler (this)); } - void TextUserInterface::ImportSecurityTokenKeyfiles () const + void TextUserInterface::ImportTokenKeyfiles () const { list > tokens = Token::GetAvailableTokens(); @@ -1268,6 +1272,8 @@ namespace VeraCrypt if (!options.Keyfiles) options.Keyfiles = AskKeyfiles(); + options.EMVSupportEnabled = true; + VolumeInfoList mountedVolumes = UserInterface::MountAllDeviceHostedVolumes (options); if (!mountedVolumes.empty()) @@ -1306,6 +1312,8 @@ namespace VeraCrypt VolumePassword password; KeyfileList keyfiles; + options.EMVSupportEnabled = true; + if ((!options.Password || options.Password->IsEmpty()) && (!options.Keyfiles || options.Keyfiles->empty()) && !Core->IsPasswordCacheEmpty()) @@ -1526,6 +1534,7 @@ namespace VeraCrypt shared_ptr volume; MountOptions options; options.Path = volumePath; + options.EMVSupportEnabled = true; while (!volume) { @@ -1544,7 +1553,7 @@ namespace VeraCrypt kdf, false, options.Keyfiles, - true, + options.EMVSupportEnabled, options.Protection, options.ProtectionPassword, options.ProtectionPim, 
@@ -1572,7 +1581,7 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize()); - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, true); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); // Write volume header int headerOffset = volume->GetLayout()->GetHeaderOffset(); @@ -1622,6 +1631,7 @@ namespace VeraCrypt // Open the volume header stored in the backup file MountOptions options; + options.EMVSupportEnabled = true; shared_ptr decryptedLayout; @@ -1649,7 +1659,7 @@ namespace VeraCrypt backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0); // Decrypt header - shared_ptr passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, true); + shared_ptr passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled); if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes())) { decryptedLayout = layout; @@ -1674,7 +1684,7 @@ namespace VeraCrypt // Re-encrypt volume header SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize()); - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, true); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); // Write volume header int headerOffset = decryptedLayout->GetHeaderOffset(); 
@@ -1688,7 +1698,7 @@ namespace VeraCrypt if (decryptedLayout->HasBackupHeader()) { // Re-encrypt backup volume header - Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, true); + Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled); // Write backup volume header headerOffset = decryptedLayout->GetBackupHeaderOffset(); diff --git a/src/Main/TextUserInterface.h b/src/Main/TextUserInterface.h index 5e64aac7..dc16fe97 100644 --- a/src/Main/TextUserInterface.h +++ b/src/Main/TextUserInterface.h @@ -44,9 +44,9 @@ namespace VeraCrypt virtual void DoShowString (const wxString &str) const; virtual void DoShowWarning (const wxString &message) const; virtual void EndBusyState () const { } - virtual void ExportSecurityTokenKeyfile () const; + virtual void ExportTokenKeyfile () const; virtual shared_ptr GetAdminPasswordRequestHandler (); - virtual void ImportSecurityTokenKeyfiles () const; + virtual void ImportTokenKeyfiles () const; #ifndef TC_NO_GUI virtual bool Initialize (int &argc, wxChar **argv) { return wxAppBase::Initialize(argc, argv); } #endif diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp index 132ad0e0..c2e95f7e 100644 --- a/src/Main/UserInterface.cpp +++ b/src/Main/UserInterface.cpp @@ -17,6 +17,7 @@ #include #include "Crypto/cpu.h" #include "Platform/PlatformTest.h" +#include "Common/PCSCException.h" #ifdef TC_UNIX #include #include "Platform/Unix/Process.h" @@ -24,7 +25,6 @@ #include "Platform/SystemInfo.h" #include "Platform/SystemException.h" #include "Common/SecurityToken.h" -#include "Common/IccDataExtractor.h" #include "Volume/EncryptionTest.h" #include "Application.h" #include "FavoriteVolume.h" 
@@ -501,12 +501,18 @@ namespace VeraCrypt EX2MSG (StringFormatterException, LangString["LINUX_EX2MSG_STRINGFORMATTEREXCEPTION"]); EX2MSG (TemporaryDirectoryFailure, LangString["LINUX_EX2MSG_TEMPORARYDIRECTORYFAILURE"]); EX2MSG (UnportablePassword, LangString["UNSUPPORTED_CHARS_IN_PWD"]); - - EX2MSG (WinscardLibraryNotInitialized, LangString["WINSCARD_MODULE_INIT_FAILED"]); - EX2MSG (InvalidEMVPath, LangString["INVALID_EMV_PATH"]); - EX2MSG (EMVKeyfileDataNotFound, LangString["EMV_KEYFILE_DATA_NOT_FOUND"]); - EX2MSG (EMVPANNotFound, LangString["EMV_PAN_NOT_FOUND"]); - EX2MSG (EMVUnknownCardType, LangString["EMV_UNKNOWN_CARD_TYPE"]); + + EX2MSG (CommandAPDUNotValid, LangString["COMMAND_APDU_INVALID"]); + EX2MSG (ExtendedAPDUNotSupported, LangString["EXTENDED_APDU_UNSUPPORTED"]); + EX2MSG (ScardLibraryInitializationFailed, LangString["SCARD_MODULE_INIT_FAILED"]); + EX2MSG (EMVUnknownCardType, LangString["EMV_UNKNOWN_CARD_TYPE"]); + EX2MSG (EMVSelectAIDFailed, LangString["EMV_SELECT_AID_FAILED"]); + EX2MSG (EMVIccCertNotFound, LangString["EMV_ICC_CERT_NOTFOUND"]); + EX2MSG (EMVIssuerCertNotFound, LangString["EMV_ISSUER_CERT_NOTFOUND"]); + EX2MSG (EMVCPLCNotFound, LangString["EMV_CPLC_NOTFOUND"]); + EX2MSG (InvalidEMVPath, LangString["EMV_PAN_NOTFOUND"]); + EX2MSG (EMVKeyfileDataNotFound, LangString["INVALID_EMV_PATH"]); + EX2MSG (EMVPANNotFound, LangString["EMV_KEYFILE_DATA_NOTFOUND"]); #if defined (TC_LINUX) EX2MSG (TerminalNotFound, LangString["LINUX_EX2MSG_TERMINALNOTFOUND"]); @@ -1150,7 +1156,7 @@ namespace VeraCrypt " Delete keyfiles from security tokens. See also command --list-token-keyfiles.\n" "\n" "--export-token-keyfile\n" - " Export a keyfile from a token keyfile. See also command --list-token-keyfiles.\n" + " Export a keyfile from a token. See also command --list-token-keyfiles.\n" "\n" "--import-token-keyfiles\n" " Import keyfiles to a security token. See also option --token-lib.\n" 
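Review bot: The last three `EX2MSG` entries added in the -501 hunk each pair an exception with another exception's message key: `InvalidEMVPath` gets `EMV_PAN_NOTFOUND`, `EMVKeyfileDataNotFound` gets `INVALID_EMV_PATH`, and `EMVPANNotFound` gets `EMV_KEYFILE_DATA_NOTFOUND`. Users would see a misleading error for each of these failures, which makes card and keyfile-path problems harder to diagnose. The mapping should read `EX2MSG (InvalidEMVPath, LangString["INVALID_EMV_PATH"]);`, `EX2MSG (EMVKeyfileDataNotFound, LangString["EMV_KEYFILE_DATA_NOTFOUND"]);`, `EX2MSG (EMVPANNotFound, LangString["EMV_PAN_NOTFOUND"]);`. The renamed keys (`..._NOTFOUND`, `SCARD_MODULE_INIT_FAILED`) also need matching entries in the language files, which are not part of this view.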
@@ -1393,12 +1399,12 @@ namespace VeraCrypt } return true; - case CommandId::ExportSecurityTokenKeyfile: - ExportSecurityTokenKeyfile(); + case CommandId::ExportTokenKeyfile: + ExportTokenKeyfile(); return true; - case CommandId::ImportSecurityTokenKeyfiles: - ImportSecurityTokenKeyfiles(); + case CommandId::ImportTokenKeyfiles: + ImportTokenKeyfiles(); return true; case CommandId::ListTokenKeyfiles: @@ -1694,12 +1700,18 @@ namespace VeraCrypt VC_CONVERT_EXCEPTION (VolumeException); VC_CONVERT_EXCEPTION (PasswordException); - VC_CONVERT_EXCEPTION (PCSCException); - VC_CONVERT_EXCEPTION (WinscardLibraryNotInitialized); - VC_CONVERT_EXCEPTION (InvalidEMVPath); - VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound); - VC_CONVERT_EXCEPTION (EMVPANNotFound); - VC_CONVERT_EXCEPTION (EMVUnknownCardType); + VC_CONVERT_EXCEPTION (PCSCException); + VC_CONVERT_EXCEPTION (CommandAPDUNotValid); + VC_CONVERT_EXCEPTION (ExtendedAPDUNotSupported); + VC_CONVERT_EXCEPTION (ScardLibraryInitializationFailed); + VC_CONVERT_EXCEPTION (EMVUnknownCardType); + VC_CONVERT_EXCEPTION (EMVSelectAIDFailed); + VC_CONVERT_EXCEPTION (EMVIccCertNotFound); + VC_CONVERT_EXCEPTION (EMVIssuerCertNotFound); + VC_CONVERT_EXCEPTION (EMVCPLCNotFound); + VC_CONVERT_EXCEPTION (InvalidEMVPath); + VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound); + VC_CONVERT_EXCEPTION (EMVPANNotFound); throw *ex; } diff --git a/src/Main/UserInterface.h b/src/Main/UserInterface.h index 4b628235..39c2be61 100644 --- a/src/Main/UserInterface.h +++ b/src/Main/UserInterface.h 
@@ -49,10 +49,10 @@ namespace VeraCrypt virtual void DoShowWarning (const wxString &message) const = 0; virtual void EndBusyState () const = 0; static wxString ExceptionToMessage (const exception &ex); - virtual void ExportSecurityTokenKeyfile () const = 0; + virtual void ExportTokenKeyfile () const = 0; virtual shared_ptr GetAdminPasswordRequestHandler () = 0; virtual const UserPreferences &GetPreferences () const { return Preferences; } - virtual void ImportSecurityTokenKeyfiles () const = 0; + virtual void ImportTokenKeyfiles () const = 0; virtual void Init (); virtual void InitSecurityTokenLibrary () const = 0; virtual void ListMountedVolumes (const VolumeInfoList &volumes) const; diff --git a/src/Main/UserPreferences.cpp b/src/Main/UserPreferences.cpp index d5b37bab..ef14b2c8 100644 --- a/src/Main/UserPreferences.cpp +++ b/src/Main/UserPreferences.cpp @@ -79,7 +79,7 @@ namespace VeraCrypt TC_CONFIG_SET (CloseBackgroundTaskOnNoVolumes); TC_CONFIG_SET (CloseExplorerWindowsOnDismount); TC_CONFIG_SET (CloseSecurityTokenSessionsAfterMount); - TC_CONFIG_SET (ActivateEMVOption); + TC_CONFIG_SET (EMVSupportEnabled); TC_CONFIG_SET (DisableKernelEncryptionModeWarning); TC_CONFIG_SET (DismountOnInactivity); TC_CONFIG_SET (DismountOnLogOff); @@ -198,7 +198,7 @@ namespace VeraCrypt TC_CONFIG_ADD (CloseBackgroundTaskOnNoVolumes); TC_CONFIG_ADD (CloseExplorerWindowsOnDismount); TC_CONFIG_ADD (CloseSecurityTokenSessionsAfterMount); - TC_CONFIG_ADD (ActivateEMVOption); + TC_CONFIG_ADD (EMVSupportEnabled); TC_CONFIG_ADD (DisableKernelEncryptionModeWarning); TC_CONFIG_ADD (DismountOnInactivity); TC_CONFIG_ADD (DismountOnLogOff); diff --git a/src/Main/UserPreferences.h b/src/Main/UserPreferences.h index bc9cc0c7..6d53fb5f 100644 --- a/src/Main/UserPreferences.h +++ b/src/Main/UserPreferences.h 
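Review bot: Renaming the preference inside `TC_CONFIG_SET` / `TC_CONFIG_ADD` (hunks at -79 and -198 of `UserPreferences.cpp`) presumably changes the key read from and written to the configuration file, since these macros appear to derive the key from the member name; their definitions are not visible here. If so, a configuration saved with `ActivateEMVOption` enabled is silently ignored after the update and EMV support falls back to the `false` default. That fails closed, which is the safe direction, but it is worth stating in the release notes or reading the old key once as a fallback.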
@@ -31,7 +31,7 @@ namespace VeraCrypt CloseBackgroundTaskOnNoVolumes (true), CloseExplorerWindowsOnDismount (true), CloseSecurityTokenSessionsAfterMount (false), - ActivateEMVOption (false), + EMVSupportEnabled (false), DisableKernelEncryptionModeWarning (false), DismountOnInactivity (false), DismountOnLogOff (true), @@ -73,7 +73,7 @@ namespace VeraCrypt bool CloseBackgroundTaskOnNoVolumes; bool CloseExplorerWindowsOnDismount; bool CloseSecurityTokenSessionsAfterMount; - bool ActivateEMVOption; + bool EMVSupportEnabled; bool DisableKernelEncryptionModeWarning; bool DismountOnInactivity; bool DismountOnLogOff; -- cgit v1.2.3