From a7d5b6a4774c92736c89e8d6122b13c75c8d17c8 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sun, 3 Nov 2019 22:54:23 +0100 Subject: Linux/MacOSX: Add switch to force the use of legacy maximum password length (64 UTF8 bytes) The switch is --legacy-password-maxlength --- src/Main/CommandLineInterface.cpp | 26 +++++++++++++++++--------- src/Main/CommandLineInterface.h | 5 +++-- src/Main/Forms/VolumePasswordPanel.cpp | 14 ++++++++------ src/Main/Forms/WaitDialog.cpp | 1 + src/Main/TextUserInterface.cpp | 4 ++-- src/Main/UserInterface.cpp | 5 ++++- 6 files changed, 35 insertions(+), 20 deletions(-) (limited to 'src/Main') diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp index 171bd165..0360921b 100644 --- a/src/Main/CommandLineInterface.cpp +++ b/src/Main/CommandLineInterface.cpp @@ -31,6 +31,7 @@ namespace VeraCrypt ArgVolumeType (VolumeType::Unknown), ArgTrueCryptMode (false), ArgDisableFileSizeCheck (false), + ArgUseLegacyPassword (false), StartBackgroundTask (false) { wxCmdLineParser parser; @@ -98,6 +99,7 @@ namespace VeraCrypt parser.AddParam ( _("Volume path"), wxCMD_LINE_VAL_STRING, wxCMD_LINE_PARAM_OPTIONAL); parser.AddParam ( _("Mount point"), wxCMD_LINE_VAL_STRING, wxCMD_LINE_PARAM_OPTIONAL); parser.AddSwitch (L"", L"no-size-check", _("Disable check of container size against disk free space.")); + parser.AddSwitch (L"", L"legacy-password-maxlength", _("Use legacy maximum password length (64 UTF-8 bytes)")); wxString str; bool param1IsVolume = false; @@ -336,6 +338,7 @@ namespace VeraCrypt ArgTrueCryptMode = parser.Found (L"truecrypt"); ArgDisableFileSizeCheck = parser.Found (L"no-size-check"); + ArgUseLegacyPassword = parser.Found (L"legacy-password-maxlength") || ArgTrueCryptMode; #if !defined(TC_WINDOWS) && !defined(TC_MACOSX) if (parser.Found (L"fs-options", &str)) @@ -407,7 +410,7 @@ namespace VeraCrypt ArgNewKeyfiles = ToKeyfileList (str); if (parser.Found (L"new-password", &str)) - ArgNewPassword = ToUTF8Password (str.c_str()); + ArgNewPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize); if (parser.Found (L"new-pim", &str)) { @@ -446,7 +449,7 @@ namespace VeraCrypt { if (Preferences.UseStandardInput) throw_err (L"--password cannot be used with --stdin"); - ArgPassword = ToUTF8Password (str.c_str()); + ArgPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize); } if (parser.Found (L"pim", &str)) @@ -487,7 +490,7 @@ namespace VeraCrypt if (parser.Found (L"protection-password", &str)) { - ArgMountOptions.ProtectionPassword = ToUTF8Password (str.c_str()); + ArgMountOptions.ProtectionPassword = ToUTF8Password (str.c_str(), -1, ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize); ArgMountOptions.Protection = VolumeProtection::HiddenVolumeReadOnly; } @@ -601,7 +604,7 @@ namespace VeraCrypt if (parser.Found (L"token-pin", &str) && !str.IsEmpty ()) { - ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len ()); + ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len (), ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize); } if (parser.Found (L"verbose")) @@ -776,18 +779,18 @@ namespace VeraCrypt return filteredVolumes; } - shared_ptr ToUTF8Password (const wchar_t* str, size_t charCount) + shared_ptr ToUTF8Password (const wchar_t* str, size_t charCount, size_t maxUtf8Len) { if (charCount > 0) { - shared_ptr utf8Buffer = ToUTF8Buffer (str, charCount); + shared_ptr utf8Buffer = ToUTF8Buffer (str, charCount, maxUtf8Len); return shared_ptr(new VolumePassword (*utf8Buffer)); } else return shared_ptr(new VolumePassword ()); } - shared_ptr ToUTF8Buffer (const wchar_t* str, size_t charCount) + shared_ptr ToUTF8Buffer (const wchar_t* str, size_t charCount, size_t maxUtf8Len) { if (charCount == (size_t) -1) charCount = wcslen (str); @@ -802,8 +805,13 @@ namespace VeraCrypt ulen = utf8.FromWChar ((char*) (byte*) passwordBuf, ulen, str, charCount); if (wxCONV_FAILED == ulen) throw PasswordUTF8Invalid (SRC_POS); - if (ulen > VolumePassword::MaxSize) - throw PasswordUTF8TooLong (SRC_POS); + if (ulen > maxUtf8Len) + { + if (maxUtf8Len == VolumePassword::MaxLegacySize) + throw PasswordLegacyUTF8TooLong (SRC_POS); + else + throw PasswordUTF8TooLong (SRC_POS); + } ConstBufferPtr utf8Buffer ((byte*) passwordBuf, ulen); return shared_ptr(new SecureBuffer (utf8Buffer)); diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h index 9fd67a27..ef4836e6 100644 --- a/src/Main/CommandLineInterface.h +++ b/src/Main/CommandLineInterface.h @@ -84,6 +84,7 @@ namespace VeraCrypt bool ArgTrueCryptMode; shared_ptr ArgTokenPin; bool ArgDisableFileSizeCheck; + bool ArgUseLegacyPassword; bool StartBackgroundTask; UserPreferences Preferences; @@ -98,8 +99,8 @@ namespace VeraCrypt CommandLineInterface &operator= (const CommandLineInterface &); }; - shared_ptr ToUTF8Password (const wchar_t* str, size_t charCount = (size_t) -1); - shared_ptr ToUTF8Buffer (const wchar_t* str, size_t charCount = (size_t) -1); + shared_ptr ToUTF8Password (const wchar_t* str, size_t charCount, size_t maxUtf8Len); + shared_ptr ToUTF8Buffer (const wchar_t* str, size_t charCount, size_t maxUtf8Len); extern auto_ptr CmdLine; } diff --git a/src/Main/Forms/VolumePasswordPanel.cpp b/src/Main/Forms/VolumePasswordPanel.cpp index 8d5e8bc5..ac30075e 100644 --- a/src/Main/Forms/VolumePasswordPanel.cpp +++ b/src/Main/Forms/VolumePasswordPanel.cpp @@ -21,6 +21,7 @@ namespace VeraCrypt VolumePasswordPanel::VolumePasswordPanel (wxWindow* parent, MountOptions* options, shared_ptr password, bool disableTruecryptMode, shared_ptr keyfiles, bool enableCache, bool enablePassword, bool enableKeyfiles, bool enableConfirmation, bool enablePkcs5Prf, bool isMountPassword, const wxString &passwordLabel) : VolumePasswordPanelBase (parent), Keyfiles (new KeyfileList), EnablePimEntry (true) { + size_t maxPasswordLength = CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize; if (keyfiles) { *Keyfiles = *keyfiles; @@ -32,8 +33,8 @@ namespace VeraCrypt UseKeyfilesCheckBox->SetValue (Gui->GetPreferences().UseKeyfiles && !Keyfiles->empty()); } - PasswordTextCtrl->SetMaxLength (VolumePassword::MaxSize); - ConfirmPasswordTextCtrl->SetMaxLength (VolumePassword::MaxSize); + PasswordTextCtrl->SetMaxLength (maxPasswordLength); + ConfirmPasswordTextCtrl->SetMaxLength (maxPasswordLength); if (!passwordLabel.empty()) { @@ -195,9 +196,10 @@ namespace VeraCrypt FreezeScope freeze (this); bool isPim = (*textCtrl == VolumePimTextCtrl); int colspan = isPim? 1 : 2; + size_t maxPasswordLength = CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize; wxTextCtrl *newTextCtrl = new wxTextCtrl (this, wxID_ANY, wxEmptyString, wxDefaultPosition, wxDefaultSize, display ? 0 : wxTE_PASSWORD); - newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : VolumePassword::MaxSize); + newTextCtrl->SetMaxLength (isPim? MAX_PIM_DIGITS : maxPasswordLength); newTextCtrl->SetValue ((*textCtrl)->GetValue()); newTextCtrl->SetMinSize ((*textCtrl)->GetSize()); @@ -226,12 +228,12 @@ namespace VeraCrypt { shared_ptr password; wchar_t passwordBuf[VolumePassword::MaxSize + 1]; - size_t maxPasswordLength = bLegacyPassword? VolumePassword::MaxLegacySize: VolumePassword::MaxSize; + size_t maxPasswordLength = (bLegacyPassword || CmdLine->ArgUseLegacyPassword)? VolumePassword::MaxLegacySize: VolumePassword::MaxSize; finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); }); #ifdef TC_WINDOWS int len = GetWindowText (static_cast (textCtrl->GetHandle()), passwordBuf, VolumePassword::MaxSize + 1); - password = ToUTF8Password (passwordBuf, len); + password = ToUTF8Password (passwordBuf, len, maxPasswordLength); #else wxString passwordStr (textCtrl->GetValue()); // A copy of the password is created here by wxWidgets, which cannot be erased for (size_t i = 0; i < passwordStr.size() && i < maxPasswordLength; ++i) @@ -239,7 +241,7 @@ namespace VeraCrypt passwordBuf[i] = (wchar_t) passwordStr[i]; passwordStr[i] = L'X'; } - password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength); + password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength, maxPasswordLength); #endif return password; } diff --git a/src/Main/Forms/WaitDialog.cpp b/src/Main/Forms/WaitDialog.cpp index d3372db0..32555d3b 100644 --- a/src/Main/Forms/WaitDialog.cpp +++ b/src/Main/Forms/WaitDialog.cpp @@ -38,6 +38,7 @@ namespace VeraCrypt VC_CONVERT_EXCEPTION (PasswordEmpty); VC_CONVERT_EXCEPTION (PasswordTooLong); VC_CONVERT_EXCEPTION (PasswordUTF8TooLong); + VC_CONVERT_EXCEPTION (PasswordLegacyUTF8TooLong); VC_CONVERT_EXCEPTION (PasswordUTF8Invalid); VC_CONVERT_EXCEPTION (UnportablePassword); VC_CONVERT_EXCEPTION (ElevationFailed); diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp index 1e007fc7..69d45af4 100644 --- a/src/Main/TextUserInterface.cpp +++ b/src/Main/TextUserInterface.cpp @@ -125,7 +125,7 @@ namespace VeraCrypt if (verify && verPhase) { - shared_ptr verPassword = ToUTF8Password (passwordBuf, length); + shared_ptr verPassword = ToUTF8Password (passwordBuf, length, CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize); if (*password != *verPassword) { @@ -136,7 +136,7 @@ namespace VeraCrypt } } - password = ToUTF8Password (passwordBuf, length); + password = ToUTF8Password (passwordBuf, length, CmdLine->ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize); if (!verPhase) { diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp index ebad35da..7c29bbe0 100644 --- a/src/Main/UserInterface.cpp +++ b/src/Main/UserInterface.cpp @@ -464,6 +464,7 @@ namespace VeraCrypt EX2MSG (PasswordOrMountOptionsIncorrect, LangString["PASSWORD_OR_KEYFILE_OR_MODE_WRONG"] + _("\n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'Options >' > 'Mount partition using system encryption'.")); EX2MSG (PasswordTooLong, StringFormatter (_("Password is longer than {0} characters."), (int) VolumePassword::MaxSize)); EX2MSG (PasswordUTF8TooLong, LangString["PASSWORD_UTF8_TOO_LONG"]); + EX2MSG (PasswordLegacyUTF8TooLong, LangString["LEGACY_PASSWORD_UTF8_TOO_LONG"]); EX2MSG (PasswordUTF8Invalid, LangString["PASSWORD_UTF8_INVALID"]); EX2MSG (PartitionDeviceRequired, _("Partition device required.")); EX2MSG (ProtectionPasswordIncorrect, _("Incorrect password to the protected hidden volume or the hidden volume does not exist.")); @@ -908,7 +909,8 @@ namespace VeraCrypt wstring pwdInput; getline(wcin, pwdInput); - cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size ()); + size_t maxUtf8Len = cmdLine.ArgUseLegacyPassword? VolumePassword::MaxLegacySize : VolumePassword::MaxSize; + cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size (), maxUtf8Len); } switch (cmdLine.ArgCommand) @@ -1575,6 +1577,7 @@ namespace VeraCrypt VC_CONVERT_EXCEPTION (PasswordEmpty); VC_CONVERT_EXCEPTION (PasswordTooLong); VC_CONVERT_EXCEPTION (PasswordUTF8TooLong); + VC_CONVERT_EXCEPTION (PasswordLegacyUTF8TooLong); VC_CONVERT_EXCEPTION (PasswordUTF8Invalid); VC_CONVERT_EXCEPTION (UnportablePassword); VC_CONVERT_EXCEPTION (ElevationFailed); -- cgit v1.2.3