From ece26c74815c431b0c489a24292e7834181463a7 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Wed, 23 Mar 2016 00:14:07 +0100
Subject: Windows: Implement passing smart card PIN as command line argument (/tokenpin switch) when explicitly mounting a volume.
---
 src/Mount/Mount.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)
(limited to 'src/Mount/Mount.c')
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 6bb02d79..fbf631f8 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -129,6 +129,7 @@ int nSelectedDriveIndex = -1; /* Item number of selected drive */
 int cmdUnmountDrive = -2; /* Volume drive letter to unmount (-1 = all) */
 Password VolumePassword; /* Password used for mounting volumes */
 Password CmdVolumePassword; /* Password passed from command line */
+char CmdTokenPin [SecurityToken::MaxPasswordLength + 1] = {0};
 int VolumePkcs5 = 0;
 int CmdVolumePkcs5 = 0;
 int VolumePim = -1;
@@ -237,6 +238,7 @@ static void localcleanup (void)
 burn (&mountOptions, sizeof (mountOptions));
 burn (&defaultMountOptions, sizeof (defaultMountOptions));
 burn (szFileName, sizeof(szFileName));
+ burn (&CmdTokenPin, sizeof (CmdTokenPin));
 /* Cleanup common code resources */
 cleanup ();
@@ -6334,7 +6336,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 BOOL reportBadPasswd = CmdVolumePassword.Length > 0;
 if (FirstCmdKeyFile)
- KeyFilesApply (hwndDlg, &CmdVolumePassword, FirstCmdKeyFile, szFileName);
+ KeyFilesApplyWithPin (hwndDlg, &CmdVolumePassword, CmdTokenPin, FirstCmdKeyFile, szFileName);
 mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &CmdVolumePassword, EffectiveVolumePkcs5, CmdVolumePim, EffectiveVolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount,
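Review bot: The new global `CmdTokenPin` in the `@@ -129` hunk is the only declaration in this group without a trailing comment, and nothing states its encoding or how long the secret lives. The other hunks show that it is filled through a `CP_UTF8` conversion, locked in `wWinMain` and wiped in `localcleanup`, so I would add `/* Smart card PIN passed from command line (UTF-8, NUL-terminated); locked in wWinMain, burned in localcleanup */` after the declaration.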
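Review bot: `CmdTokenPin` is a zero-initialised array, so the call under `if (FirstCmdKeyFile)` always passes a non-NULL pointer, and when `/tokenpin` was not given the callee receives an empty string. `KeyFilesApplyWithPin` is not part of this diff, so it is worth confirming that it treats `""` as "no PIN supplied" and falls back to the prompt instead of submitting an empty PIN to the token. The same applies to the interactive call in the `@@ -6379` hunk, where the command-line PIN is reused for every later mount in the session. If that PIN is wrong, each attempt presumably counts against the token's retry limit, so wiping it after the first failed login with `burn (CmdTokenPin, sizeof (CmdTokenPin));` would be safer. MainDialogProc starts and ends outside both hunks.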
@@ -6379,7 +6381,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 WaitCursor ();
 if (KeyFilesEnable && FirstKeyFile)
- KeyFilesApply (hwndDlg, &VolumePassword, FirstKeyFile, szFileName);
+ KeyFilesApplyWithPin (hwndDlg, &VolumePassword, CmdTokenPin, FirstKeyFile, szFileName);
 mounted = MountVolume (hwndDlg, szDriveLetter[0] - L'A', szFileName, &VolumePassword, VolumePkcs5, VolumePim, VolumeTrueCryptMode, bCacheInDriver, bIncludePimInCache, bForceMount, &mountOptions, FALSE, TRUE);
@@ -8136,6 +8138,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
 OptionQuit,
 OptionSilent,
 OptionTokenLib,
+ OptionTokenPin,
 OptionVolume,
 CommandWipeCache,
 OptionPkcs5,
@@ -8163,6 +8166,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
 { OptionQuit, L"/quit", L"/q", FALSE },
 { OptionSilent, L"/silent", L"/s", FALSE },
 { OptionTokenLib, L"/tokenlib", NULL, FALSE },
+ { OptionTokenPin, L"/tokenpin", NULL, FALSE },
 { OptionTrueCryptMode, L"/truecrypt", L"/tc", FALSE },
 { OptionVolume, L"/volume", L"/v", FALSE },
 { CommandWipeCache, L"/wipecache", L"/w", FALSE },
@@ -8449,6 +8453,20 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
 break;
+ case OptionTokenPin:
+ {
+ wchar_t szTmp[SecurityToken::MaxPasswordLength + 1] = {0};
+ if (GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, szTmp, ARRAYSIZE (szTmp)) == HAS_ARGUMENT)
+ {
+ if (0 == WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, CmdTokenPin, array_capacity (CmdTokenPin), nullptr, nullptr))
+ AbortProcess ("COMMAND_LINE_ERROR");
+ }
+ else
+ AbortProcess ("COMMAND_LINE_ERROR");
+ }
+
+ break;
+
 case CommandWipeCache:
 bWipe = TRUE;
 break;
@@ -8667,6 +8685,7 @@ int WINAPI wWinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, wchar_t *lpsz
 VirtualLock (&mountOptions, sizeof (mountOptions));
 VirtualLock (&defaultMountOptions, sizeof (defaultMountOptions));
 VirtualLock (&szFileName, sizeof(szFileName));
+ VirtualLock (&CmdTokenPin, sizeof (CmdTokenPin));
 DetectX86Features ();
--
cgit v1.2.3