EMV keyfile support: Overall code improvements and bug fixes
@@ -56,7 +56,7 @@ namespace VeraCrypt
|
||||
parser.AddSwitch (L"", L"display-password", _("Display password while typing"));
|
||||
parser.AddOption (L"", L"encryption", _("Encryption algorithm"));
|
||||
parser.AddSwitch (L"", L"explore", _("Open explorer window for mounted volume"));
|
||||
parser.AddSwitch (L"", L"export-token-keyfile",_("Export keyfile from security token"));
|
||||
parser.AddSwitch (L"", L"export-token-keyfile",_("Export keyfile from token"));
|
||||
parser.AddOption (L"", L"filesystem", _("Filesystem type"));
|
||||
parser.AddSwitch (L"f", L"force", _("Force mount/dismount/overwrite"));
|
||||
#if !defined(TC_WINDOWS) && !defined(TC_MACOSX)
|
||||
@@ -67,9 +67,9 @@ namespace VeraCrypt
|
||||
parser.AddSwitch (L"", L"import-token-keyfiles", _("Import keyfiles to security token"));
|
||||
parser.AddOption (L"k", L"keyfiles", _("Keyfiles"));
|
||||
parser.AddSwitch (L"l", L"list", _("List mounted volumes"));
|
||||
parser.AddSwitch (L"", L"list-token-keyfiles", _("List token keyfiles"));
|
||||
parser.AddSwitch (L"", L"list-token-keyfiles", _("List token keyfiles"));
|
||||
parser.AddSwitch (L"", L"list-securitytoken-keyfiles", _("List security token keyfiles"));
|
||||
parser.AddSwitch (L"", L"list-emvtoken-keyfiles", _("List emv token keyfiles"));
|
||||
parser.AddSwitch (L"", L"list-emvtoken-keyfiles", _("List EMV token keyfiles"));
|
||||
parser.AddSwitch (L"", L"load-preferences", _("Load user preferences"));
|
||||
parser.AddSwitch (L"", L"mount", _("Mount volume interactively"));
|
||||
parser.AddOption (L"m", L"mount-options", _("VeraCrypt volume mount options"));
|
||||
@@ -221,13 +221,13 @@ namespace VeraCrypt
|
||||
if (parser.Found (L"export-token-keyfile"))
|
||||
{
|
||||
CheckCommandSingle();
|
||||
ArgCommand = CommandId::ExportSecurityTokenKeyfile;
|
||||
ArgCommand = CommandId::ExportTokenKeyfile;
|
||||
}
|
||||
|
||||
if (parser.Found (L"import-token-keyfiles"))
|
||||
{
|
||||
CheckCommandSingle();
|
||||
ArgCommand = CommandId::ImportSecurityTokenKeyfiles;
|
||||
ArgCommand = CommandId::ImportTokenKeyfiles;
|
||||
}
|
||||
|
||||
if (parser.Found (L"list"))
|
||||
|
||||
@@ -39,9 +39,9 @@ namespace VeraCrypt
|
||||
DismountVolumes,
|
||||
DisplayVersion,
|
||||
DisplayVolumeProperties,
|
||||
ExportSecurityTokenKeyfile,
|
||||
ExportTokenKeyfile,
|
||||
Help,
|
||||
ImportSecurityTokenKeyfiles,
|
||||
ImportTokenKeyfiles,
|
||||
ListTokenKeyfiles,
|
||||
ListSecurityTokenKeyfiles,
|
||||
ListEMVTokenKeyfiles,
|
||||
|
||||
@@ -204,7 +204,7 @@ namespace VeraCrypt
|
||||
wxBusyCursor busy;
|
||||
ChangePasswordThreadRoutine routine(Path, Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps,
|
||||
CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), CurrentPasswordPanel->GetTrueCryptMode(),CurrentPasswordPanel->GetKeyfiles(),
|
||||
newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().ActivateEMVOption);
|
||||
newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled);
|
||||
Gui->ExecuteWaitThreadRoutine (this, &routine);
|
||||
}
|
||||
|
||||
|
||||
@@ -2208,13 +2208,13 @@ PreferencesDialogBase::PreferencesDialogBase( wxWindow* parent, wxWindowID id, c
|
||||
|
||||
bSizer128->Add( sbSizer37, 0, wxEXPAND|wxALL, 5 );
|
||||
|
||||
wxStaticBoxSizer* sbSizer38;
|
||||
sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("IDT_EMV_OPTIONS") ), wxVERTICAL );
|
||||
wxStaticBoxSizer* sbSizer38;
|
||||
sbSizer38 = new wxStaticBoxSizer( new wxStaticBox( SecurityTokensPage, wxID_ANY, _("IDT_EMV_OPTIONS") ), wxVERTICAL );
|
||||
|
||||
ActivateEMVOptionCheckBox = new wxCheckBox( sbSizer38->GetStaticBox(), wxID_ANY, _("IDC_ACTIVATE_EMV_OPTION"), wxDefaultPosition, wxDefaultSize, 0 );
|
||||
sbSizer38->Add( ActivateEMVOptionCheckBox, 0, wxALL, 5 );
|
||||
EMVSupportEnabledCheckBox = new wxCheckBox( sbSizer38->GetStaticBox(), wxID_ANY, _("IDC_ENABLE_EMV_SUPPORT"), wxDefaultPosition, wxDefaultSize, 0 );
|
||||
sbSizer38->Add( EMVSupportEnabledCheckBox, 0, wxALL, 5 );
|
||||
|
||||
bSizer128->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 );
|
||||
bSizer128->Add( sbSizer38, 0, wxEXPAND|wxALL, 5 );
|
||||
|
||||
bSizer127->Add( bSizer128, 1, wxEXPAND|wxALL, 5 );
|
||||
|
||||
|
||||
@@ -593,7 +593,7 @@ namespace VeraCrypt
|
||||
wxTextCtrl* Pkcs11ModulePathTextCtrl;
|
||||
wxButton* SelectPkcs11ModuleButton;
|
||||
wxCheckBox* CloseSecurityTokenSessionsAfterMountCheckBox;
|
||||
wxCheckBox* ActivateEMVOptionCheckBox;
|
||||
wxCheckBox* EMVSupportEnabledCheckBox;
|
||||
wxListCtrl* HotkeyListCtrl;
|
||||
wxTextCtrl* HotkeyTextCtrl;
|
||||
wxButton* AssignHotkeyButton;
|
||||
|
||||
@@ -683,7 +683,7 @@ namespace VeraCrypt
|
||||
{
|
||||
mountOptions.Pim = CmdLine->ArgPim;
|
||||
}
|
||||
mountOptions.EMVOption = GetPreferences().ActivateEMVOption;
|
||||
mountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;
|
||||
Gui->MountAllFavoriteVolumes (mountOptions);
|
||||
}
|
||||
catch (exception &e)
|
||||
@@ -718,7 +718,7 @@ namespace VeraCrypt
|
||||
{
|
||||
mountOptions.Pim = CmdLine->ArgPim;
|
||||
}
|
||||
mountOptions.EMVOption = GetPreferences().ActivateEMVOption;
|
||||
mountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;
|
||||
|
||||
try
|
||||
{
|
||||
|
||||
@@ -193,7 +193,7 @@ namespace VeraCrypt
|
||||
Options.MountPoint = make_shared <DirectoryPath> (mountPoint);
|
||||
|
||||
Options.FilesystemOptions = FilesystemOptionsTextCtrl->GetValue();
|
||||
Options.EMVOption = Gui->GetPreferences().ActivateEMVOption;
|
||||
Options.EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled;
|
||||
|
||||
EndModal (wxID_OK);
|
||||
}
|
||||
|
||||
@@ -96,7 +96,7 @@ namespace VeraCrypt
|
||||
// Security tokens
|
||||
Pkcs11ModulePathTextCtrl->SetValue (wstring (Preferences.SecurityTokenModule));
|
||||
TC_CHECK_BOX_VALIDATOR (CloseSecurityTokenSessionsAfterMount);
|
||||
TC_CHECK_BOX_VALIDATOR (ActivateEMVOption);
|
||||
TC_CHECK_BOX_VALIDATOR (EMVSupportEnabled);
|
||||
|
||||
// System integration
|
||||
TC_CHECK_BOX_VALIDATOR (StartOnLogon);
|
||||
|
||||
@@ -53,7 +53,7 @@ namespace VeraCrypt
|
||||
wxBusyCursor busy;
|
||||
|
||||
SecurityTokenKeyfileListCtrl->DeleteAllItems();
|
||||
SecurityTokenKeyfileList = Token::GetAvailableKeyfiles(Gui->GetPreferences().ActivateEMVOption);
|
||||
SecurityTokenKeyfileList = Token::GetAvailableKeyfiles(Gui->GetPreferences().EMVSupportEnabled);
|
||||
|
||||
size_t i = 0;
|
||||
foreach (const shared_ptr<TokenKeyfile> key, SecurityTokenKeyfileList)
|
||||
@@ -177,34 +177,38 @@ namespace VeraCrypt
|
||||
}
|
||||
}
|
||||
|
||||
void SecurityTokenKeyfilesDialog::OnListItemSelected(wxListEvent &event) {
|
||||
if (event.GetItem().GetData() != (wxUIntPtr) nullptr) {
|
||||
BOOL deletable = true;
|
||||
foreach(long
|
||||
item, Gui->GetListCtrlSelectedItems(SecurityTokenKeyfileListCtrl))
|
||||
{
|
||||
TokenKeyfile *keyfile = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(
|
||||
item));
|
||||
if (!keyfile->Token->isEditable()) {
|
||||
deletable = false;
|
||||
}
|
||||
}
|
||||
if (deletable) {
|
||||
DeleteButton->Enable();
|
||||
}
|
||||
ExportButton->Enable();
|
||||
OKButton->Enable();
|
||||
}
|
||||
}
|
||||
void SecurityTokenKeyfilesDialog::OnListItemSelected(wxListEvent &event)
|
||||
{
|
||||
if (event.GetItem().GetData() != (wxUIntPtr) nullptr)
|
||||
{
|
||||
BOOL deletable = true;
|
||||
foreach(long
|
||||
item, Gui->GetListCtrlSelectedItems(SecurityTokenKeyfileListCtrl))
|
||||
{
|
||||
TokenKeyfile *keyfile = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(item));
|
||||
if (!keyfile->Token->isEditable())
|
||||
{
|
||||
deletable = false;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (deletable)
|
||||
{
|
||||
DeleteButton->Enable();
|
||||
}
|
||||
ExportButton->Enable();
|
||||
OKButton->Enable();
|
||||
}
|
||||
}
|
||||
|
||||
void SecurityTokenKeyfilesDialog::OnOKButtonClick ()
|
||||
{
|
||||
foreach (long item, Gui->GetListCtrlSelectedItems (SecurityTokenKeyfileListCtrl))
|
||||
{
|
||||
TokenKeyfile *key = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(item));
|
||||
{
|
||||
TokenKeyfile *key = reinterpret_cast <TokenKeyfile *> (SecurityTokenKeyfileListCtrl->GetItemData(item));
|
||||
|
||||
SelectedSecurityTokenKeyfilePaths.push_back(*key);
|
||||
}
|
||||
SelectedSecurityTokenKeyfilePaths.push_back(*key);
|
||||
}
|
||||
EndModal (wxID_OK);
|
||||
}
|
||||
}
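Review bot: The rewritten `OnListItemSelected` only ever enables `DeleteButton`, so when the selection contains a keyfile whose token reports `!isEditable()` the button keeps whatever state an earlier selection left it in. Unless a handler outside this hunk disables it first, delete stays reachable for a read-only token; replacing the `if (deletable)` block with `DeleteButton->Enable (deletable);` sets the state explicitly either way. The loop also dereferences `keyfile->Token` for every selected item, while the null check above covers only the item carried by the event, so a null item pointer should be treated as not deletable before the dereference. As a style point, `deletable` would read better as `bool` than `BOOL` in this wxWidgets code.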
|
||||
|
||||
@@ -795,7 +795,7 @@ namespace VeraCrypt
|
||||
shared_ptr <VolumePassword> hiddenPassword;
|
||||
try
|
||||
{
|
||||
hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption);
|
||||
hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled);
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
@@ -846,7 +846,7 @@ namespace VeraCrypt
|
||||
shared_ptr <VolumePassword> hiddenPassword;
|
||||
try
|
||||
{
|
||||
hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption);
|
||||
hiddenPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled);
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
@@ -1032,7 +1032,7 @@ namespace VeraCrypt
|
||||
options->Size = VolumeSize;
|
||||
options->Type = OuterVolume ? VolumeType::Normal : SelectedVolumeType;
|
||||
options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*SelectedHash, false);
|
||||
options->EMVOption = Gui->GetPreferences().ActivateEMVOption;
|
||||
options->EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled;
|
||||
|
||||
|
||||
Creator.reset (new VolumeCreator);
|
||||
@@ -1162,7 +1162,7 @@ namespace VeraCrypt
|
||||
// remember Outer password and keyfiles in order to be able to compare it with those of Hidden volume
|
||||
try
|
||||
{
|
||||
OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().ActivateEMVOption);
|
||||
OuterPassword = Keyfile::ApplyListToPassword (Keyfiles, Password, Gui->GetPreferences().EMVSupportEnabled);
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
|
||||
@@ -9,8 +9,8 @@
|
||||
#include "System.h"
|
||||
#include "Volume/EncryptionModeXTS.h"
|
||||
#include "Main/GraphicUserInterface.h"
|
||||
#include "Common/PCSCException.h"
|
||||
#include "Common/SecurityToken.h"
|
||||
#include "Common/IccDataExtractor.h"
|
||||
#include "WaitDialog.h"
|
||||
|
||||
namespace VeraCrypt
|
||||
@@ -103,12 +103,18 @@ namespace VeraCrypt
|
||||
VC_CONVERT_EXCEPTION (VolumeException);
|
||||
VC_CONVERT_EXCEPTION (PasswordException);
|
||||
|
||||
VC_CONVERT_EXCEPTION (PCSCException);
|
||||
VC_CONVERT_EXCEPTION (WinscardLibraryNotInitialized);
|
||||
VC_CONVERT_EXCEPTION (InvalidEMVPath);
|
||||
VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVPANNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVUnknownCardType);
|
||||
VC_CONVERT_EXCEPTION (PCSCException);
|
||||
VC_CONVERT_EXCEPTION (CommandAPDUNotValid);
|
||||
VC_CONVERT_EXCEPTION (ExtendedAPDUNotSupported);
|
||||
VC_CONVERT_EXCEPTION (ScardLibraryInitializationFailed);
|
||||
VC_CONVERT_EXCEPTION (EMVUnknownCardType);
|
||||
VC_CONVERT_EXCEPTION (EMVSelectAIDFailed);
|
||||
VC_CONVERT_EXCEPTION (EMVIccCertNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVIssuerCertNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVCPLCNotFound);
|
||||
VC_CONVERT_EXCEPTION (InvalidEMVPath);
|
||||
VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVPANNotFound);
|
||||
|
||||
throw *ex;
|
||||
}
|
||||
|
||||
@@ -193,7 +193,7 @@ namespace VeraCrypt
|
||||
options->Kdf,
|
||||
false,
|
||||
options->Keyfiles,
|
||||
options->EMVOption,
|
||||
options->EMVSupportEnabled,
|
||||
options->Protection,
|
||||
options->ProtectionPassword,
|
||||
options->ProtectionPim,
|
||||
@@ -222,7 +222,7 @@ namespace VeraCrypt
|
||||
options->Kdf,
|
||||
false,
|
||||
options->Keyfiles,
|
||||
options->EMVOption,
|
||||
options->EMVSupportEnabled,
|
||||
options->Protection,
|
||||
options->ProtectionPassword,
|
||||
options->ProtectionPim,
|
||||
@@ -317,7 +317,7 @@ namespace VeraCrypt
|
||||
|
||||
// Re-encrypt volume header
|
||||
SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize());
|
||||
ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVOption);
|
||||
ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled);
|
||||
|
||||
ExecuteWaitThreadRoutine (parent, &routine);
|
||||
|
||||
@@ -326,7 +326,7 @@ namespace VeraCrypt
|
||||
if (hiddenVolume)
|
||||
{
|
||||
// Re-encrypt hidden volume header
|
||||
ReEncryptHeaderThreadRoutine hiddenRoutine(newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVOption);
|
||||
ReEncryptHeaderThreadRoutine hiddenRoutine(newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled);
|
||||
|
||||
ExecuteWaitThreadRoutine (parent, &hiddenRoutine);
|
||||
}
|
||||
@@ -1468,7 +1468,7 @@ namespace VeraCrypt
|
||||
options.Kdf,
|
||||
options.TrueCryptMode,
|
||||
options.Keyfiles,
|
||||
options.EMVOption,
|
||||
options.EMVSupportEnabled,
|
||||
options.Protection,
|
||||
options.ProtectionPassword,
|
||||
options.ProtectionPim,
|
||||
@@ -1501,7 +1501,7 @@ namespace VeraCrypt
|
||||
// Re-encrypt volume header
|
||||
wxBusyCursor busy;
|
||||
SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize());
|
||||
ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption);
|
||||
ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
|
||||
|
||||
ExecuteWaitThreadRoutine (parent, &routine);
|
||||
|
||||
@@ -1582,7 +1582,7 @@ namespace VeraCrypt
|
||||
backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0);
|
||||
|
||||
// Decrypt header
|
||||
shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVOption);
|
||||
shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled);
|
||||
Pkcs5KdfList keyDerivationFunctions = layout->GetSupportedKeyDerivationFunctions(options.TrueCryptMode);
|
||||
EncryptionAlgorithmList encryptionAlgorithms = layout->GetSupportedEncryptionAlgorithms();
|
||||
EncryptionModeList encryptionModes = layout->GetSupportedEncryptionModes();
|
||||
@@ -1616,7 +1616,7 @@ namespace VeraCrypt
|
||||
// Re-encrypt volume header
|
||||
wxBusyCursor busy;
|
||||
SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize());
|
||||
ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption);
|
||||
ReEncryptHeaderThreadRoutine routine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
|
||||
|
||||
ExecuteWaitThreadRoutine (parent, &routine);
|
||||
|
||||
@@ -1632,7 +1632,7 @@ namespace VeraCrypt
|
||||
if (decryptedLayout->HasBackupHeader())
|
||||
{
|
||||
// Re-encrypt backup volume header
|
||||
ReEncryptHeaderThreadRoutine backupRoutine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVOption);
|
||||
ReEncryptHeaderThreadRoutine backupRoutine(newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
|
||||
|
||||
ExecuteWaitThreadRoutine (parent, &backupRoutine);
|
||||
|
||||
|
||||
@@ -46,7 +46,7 @@ namespace VeraCrypt
|
||||
virtual void DoShowWarning (const wxString &message) const;
|
||||
virtual void EndBusyState () const { wxEndBusyCursor(); }
|
||||
virtual void EndInteractiveBusyState (wxWindow *window) const;
|
||||
virtual void ExportSecurityTokenKeyfile () const { ThrowTextModeRequired(); }
|
||||
virtual void ExportTokenKeyfile () const { ThrowTextModeRequired(); }
|
||||
virtual wxTopLevelWindow *GetActiveWindow () const;
|
||||
virtual shared_ptr <GetStringFunctor> GetAdminPasswordRequestHandler ();
|
||||
virtual int GetCharHeight (wxWindow *window) const;
|
||||
@@ -58,7 +58,7 @@ namespace VeraCrypt
|
||||
virtual int GetScrollbarWidth (wxWindow *window, bool noScrollBar = false) const;
|
||||
virtual list <long> GetListCtrlSelectedItems (wxListCtrl *listCtrl) const;
|
||||
virtual wxString GetListCtrlSubItemText (wxListCtrl *listCtrl, long itemIndex, int columnIndex) const;
|
||||
virtual void ImportSecurityTokenKeyfiles () const { ThrowTextModeRequired(); }
|
||||
virtual void ImportTokenKeyfiles () const { ThrowTextModeRequired(); }
|
||||
virtual void InitSecurityTokenLibrary () const;
|
||||
virtual void InsertToListCtrl (wxListCtrl *listCtrl, long itemIndex, const vector <wstring> &itemFields, int imageIndex = -1, void *itemDataPtr = nullptr) const;
|
||||
virtual bool IsInBackgroundMode () const { return BackgroundMode; }
|
||||
|
||||
@@ -289,6 +289,9 @@ namespace VeraCrypt
|
||||
normalVolumeMountOptions.Path = volumePath;
|
||||
hiddenVolumeMountOptions.Path = volumePath;
|
||||
|
||||
normalVolumeMountOptions.EMVSupportEnabled = true;
|
||||
hiddenVolumeMountOptions.EMVSupportEnabled = true;
|
||||
|
||||
VolumeType::Enum volumeType = VolumeType::Normal;
|
||||
|
||||
// Open both types of volumes
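Review bot: Both mount-option structs get `EMVSupportEnabled = true` unconditionally here, and the later text-interface hunks do the same with `options->EMVSupportEnabled = true;` before `creator.CreateVolume`, `mountOptions.EMVSupportEnabled = true;`, and several `options.EMVSupportEnabled = true;` assignments. The GUI paths in this commit instead read `GetPreferences().EMVSupportEnabled`, whose default is `false`, so the opt-in has no effect in text mode, and the `options->` assignment overwrites whatever the caller passed in. If always-on is intended for the text interface, a short comment at this first site should say why; otherwise use `normalVolumeMountOptions.EMVSupportEnabled = GetPreferences().EMVSupportEnabled;` and the same at the other sites. The enclosing function starts and ends outside this hunk.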
|
||||
@@ -314,7 +317,7 @@ namespace VeraCrypt
|
||||
kdf,
|
||||
false,
|
||||
options->Keyfiles,
|
||||
true,
|
||||
options->EMVSupportEnabled,
|
||||
options->Protection,
|
||||
options->ProtectionPassword,
|
||||
options->ProtectionPim,
|
||||
@@ -340,7 +343,7 @@ namespace VeraCrypt
|
||||
kdf,
|
||||
false,
|
||||
options->Keyfiles,
|
||||
true,
|
||||
options->EMVSupportEnabled,
|
||||
options->Protection,
|
||||
options->ProtectionPassword,
|
||||
options->ProtectionPim,
|
||||
@@ -411,14 +414,14 @@ namespace VeraCrypt
|
||||
|
||||
// Re-encrypt volume header
|
||||
SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize());
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, true);
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles, normalVolumeMountOptions.EMVSupportEnabled);
|
||||
|
||||
backupFile.Write (newHeaderBuffer);
|
||||
|
||||
if (hiddenVolume)
|
||||
{
|
||||
// Re-encrypt hidden volume header
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, true);
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles, hiddenVolumeMountOptions.EMVSupportEnabled);
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -915,7 +918,7 @@ namespace VeraCrypt
|
||||
wxLongLong startTime = wxGetLocalTimeMillis();
|
||||
|
||||
VolumeCreator creator;
|
||||
options->EMVOption = true;
|
||||
options->EMVSupportEnabled = true;
|
||||
creator.CreateVolume (options);
|
||||
|
||||
bool volumeCreated = false;
|
||||
@@ -957,6 +960,7 @@ namespace VeraCrypt
|
||||
mountOptions.Password = options->Password;
|
||||
mountOptions.Pim = options->Pim;
|
||||
mountOptions.Keyfiles = options->Keyfiles;
|
||||
mountOptions.EMVSupportEnabled = true;
|
||||
|
||||
shared_ptr <VolumeInfo> volume = Core->MountVolume (mountOptions);
|
||||
finally_do_arg (shared_ptr <VolumeInfo>, volume, { Core->DismountVolume (finally_arg, true); });
|
||||
@@ -1053,9 +1057,9 @@ namespace VeraCrypt
|
||||
wcerr << L"Warning: " << static_cast<wstring> (message) << endl;
|
||||
}
|
||||
|
||||
void TextUserInterface::ExportSecurityTokenKeyfile () const
|
||||
void TextUserInterface::ExportTokenKeyfile () const
|
||||
{
|
||||
wstring keyfilePath = AskString (_("Enter security token keyfile path: "));
|
||||
wstring keyfilePath = AskString (_("Enter token keyfile path: "));
|
||||
|
||||
if (keyfilePath.empty())
|
||||
throw UserAbort (SRC_POS);
|
||||
@@ -1103,7 +1107,7 @@ namespace VeraCrypt
|
||||
return shared_ptr <GetStringFunctor> (new AdminPasswordRequestHandler (this));
|
||||
}
|
||||
|
||||
void TextUserInterface::ImportSecurityTokenKeyfiles () const
|
||||
void TextUserInterface::ImportTokenKeyfiles () const
|
||||
{
|
||||
list <shared_ptr<TokenInfo>> tokens = Token::GetAvailableTokens();
|
||||
|
||||
@@ -1268,6 +1272,8 @@ namespace VeraCrypt
|
||||
if (!options.Keyfiles)
|
||||
options.Keyfiles = AskKeyfiles();
|
||||
|
||||
options.EMVSupportEnabled = true;
|
||||
|
||||
VolumeInfoList mountedVolumes = UserInterface::MountAllDeviceHostedVolumes (options);
|
||||
|
||||
if (!mountedVolumes.empty())
|
||||
@@ -1306,6 +1312,8 @@ namespace VeraCrypt
|
||||
VolumePassword password;
|
||||
KeyfileList keyfiles;
|
||||
|
||||
options.EMVSupportEnabled = true;
|
||||
|
||||
if ((!options.Password || options.Password->IsEmpty())
|
||||
&& (!options.Keyfiles || options.Keyfiles->empty())
|
||||
&& !Core->IsPasswordCacheEmpty())
|
||||
@@ -1526,6 +1534,7 @@ namespace VeraCrypt
|
||||
shared_ptr <Volume> volume;
|
||||
MountOptions options;
|
||||
options.Path = volumePath;
|
||||
options.EMVSupportEnabled = true;
|
||||
|
||||
while (!volume)
|
||||
{
|
||||
@@ -1544,7 +1553,7 @@ namespace VeraCrypt
|
||||
kdf,
|
||||
false,
|
||||
options.Keyfiles,
|
||||
true,
|
||||
options.EMVSupportEnabled,
|
||||
options.Protection,
|
||||
options.ProtectionPassword,
|
||||
options.ProtectionPim,
|
||||
@@ -1572,7 +1581,7 @@ namespace VeraCrypt
|
||||
|
||||
// Re-encrypt volume header
|
||||
SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize());
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, true);
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
|
||||
|
||||
// Write volume header
|
||||
int headerOffset = volume->GetLayout()->GetHeaderOffset();
|
||||
@@ -1622,6 +1631,7 @@ namespace VeraCrypt
|
||||
|
||||
// Open the volume header stored in the backup file
|
||||
MountOptions options;
|
||||
options.EMVSupportEnabled = true;
|
||||
|
||||
shared_ptr <VolumeLayout> decryptedLayout;
|
||||
|
||||
@@ -1649,7 +1659,7 @@ namespace VeraCrypt
|
||||
backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0);
|
||||
|
||||
// Decrypt header
|
||||
shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, true);
|
||||
shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled);
|
||||
if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
|
||||
{
|
||||
decryptedLayout = layout;
|
||||
@@ -1674,7 +1684,7 @@ namespace VeraCrypt
|
||||
|
||||
// Re-encrypt volume header
|
||||
SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize());
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, true);
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
|
||||
|
||||
// Write volume header
|
||||
int headerOffset = decryptedLayout->GetHeaderOffset();
|
||||
@@ -1688,7 +1698,7 @@ namespace VeraCrypt
|
||||
if (decryptedLayout->HasBackupHeader())
|
||||
{
|
||||
// Re-encrypt backup volume header
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, true);
|
||||
Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles, options.EMVSupportEnabled);
|
||||
|
||||
// Write backup volume header
|
||||
headerOffset = decryptedLayout->GetBackupHeaderOffset();
|
||||
|
||||
@@ -44,9 +44,9 @@ namespace VeraCrypt
|
||||
virtual void DoShowString (const wxString &str) const;
|
||||
virtual void DoShowWarning (const wxString &message) const;
|
||||
virtual void EndBusyState () const { }
|
||||
virtual void ExportSecurityTokenKeyfile () const;
|
||||
virtual void ExportTokenKeyfile () const;
|
||||
virtual shared_ptr <GetStringFunctor> GetAdminPasswordRequestHandler ();
|
||||
virtual void ImportSecurityTokenKeyfiles () const;
|
||||
virtual void ImportTokenKeyfiles () const;
|
||||
#ifndef TC_NO_GUI
|
||||
virtual bool Initialize (int &argc, wxChar **argv) { return wxAppBase::Initialize(argc, argv); }
|
||||
#endif
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
#include <wx/cmdline.h>
|
||||
#include "Crypto/cpu.h"
|
||||
#include "Platform/PlatformTest.h"
|
||||
#include "Common/PCSCException.h"
|
||||
#ifdef TC_UNIX
|
||||
#include <errno.h>
|
||||
#include "Platform/Unix/Process.h"
|
||||
@@ -24,7 +25,6 @@
|
||||
#include "Platform/SystemInfo.h"
|
||||
#include "Platform/SystemException.h"
|
||||
#include "Common/SecurityToken.h"
|
||||
#include "Common/IccDataExtractor.h"
|
||||
#include "Volume/EncryptionTest.h"
|
||||
#include "Application.h"
|
||||
#include "FavoriteVolume.h"
|
||||
@@ -501,12 +501,18 @@ namespace VeraCrypt
|
||||
EX2MSG (StringFormatterException, LangString["LINUX_EX2MSG_STRINGFORMATTEREXCEPTION"]);
|
||||
EX2MSG (TemporaryDirectoryFailure, LangString["LINUX_EX2MSG_TEMPORARYDIRECTORYFAILURE"]);
|
||||
EX2MSG (UnportablePassword, LangString["UNSUPPORTED_CHARS_IN_PWD"]);
|
||||
|
||||
EX2MSG (WinscardLibraryNotInitialized, LangString["WINSCARD_MODULE_INIT_FAILED"]);
|
||||
EX2MSG (InvalidEMVPath, LangString["INVALID_EMV_PATH"]);
|
||||
EX2MSG (EMVKeyfileDataNotFound, LangString["EMV_KEYFILE_DATA_NOT_FOUND"]);
|
||||
EX2MSG (EMVPANNotFound, LangString["EMV_PAN_NOT_FOUND"]);
|
||||
EX2MSG (EMVUnknownCardType, LangString["EMV_UNKNOWN_CARD_TYPE"]);
|
||||
|
||||
EX2MSG (CommandAPDUNotValid, LangString["COMMAND_APDU_INVALID"]);
|
||||
EX2MSG (ExtendedAPDUNotSupported, LangString["EXTENDED_APDU_UNSUPPORTED"]);
|
||||
EX2MSG (ScardLibraryInitializationFailed, LangString["SCARD_MODULE_INIT_FAILED"]);
|
||||
EX2MSG (EMVUnknownCardType, LangString["EMV_UNKNOWN_CARD_TYPE"]);
|
||||
EX2MSG (EMVSelectAIDFailed, LangString["EMV_SELECT_AID_FAILED"]);
|
||||
EX2MSG (EMVIccCertNotFound, LangString["EMV_ICC_CERT_NOTFOUND"]);
|
||||
EX2MSG (EMVIssuerCertNotFound, LangString["EMV_ISSUER_CERT_NOTFOUND"]);
|
||||
EX2MSG (EMVCPLCNotFound, LangString["EMV_CPLC_NOTFOUND"]);
|
||||
EX2MSG (InvalidEMVPath, LangString["EMV_PAN_NOTFOUND"]);
|
||||
EX2MSG (EMVKeyfileDataNotFound, LangString["INVALID_EMV_PATH"]);
|
||||
EX2MSG (EMVPANNotFound, LangString["EMV_KEYFILE_DATA_NOTFOUND"]);
|
||||
|
||||
#if defined (TC_LINUX)
|
||||
EX2MSG (TerminalNotFound, LangString["LINUX_EX2MSG_TERMINALNOTFOUND"]);
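Review bot: The last three added `EX2MSG` lines look rotated by one: `InvalidEMVPath` maps to `"EMV_PAN_NOTFOUND"`, `EMVKeyfileDataNotFound` to `"INVALID_EMV_PATH"`, and `EMVPANNotFound` to `"EMV_KEYFILE_DATA_NOTFOUND"`. A user hitting one of these errors would see the message for a different failure, which makes keyfile problems hard to diagnose. Judging by the key names, the intended pairing is `EX2MSG (InvalidEMVPath, LangString["INVALID_EMV_PATH"]);`, `EX2MSG (EMVKeyfileDataNotFound, LangString["EMV_KEYFILE_DATA_NOTFOUND"]);` and `EX2MSG (EMVPANNotFound, LangString["EMV_PAN_NOTFOUND"]);`. The language files are not shown on this page, so confirm the keys exist there under exactly these spellings.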
|
||||
@@ -1150,7 +1156,7 @@ namespace VeraCrypt
|
||||
" Delete keyfiles from security tokens. See also command --list-token-keyfiles.\n"
|
||||
"\n"
|
||||
"--export-token-keyfile\n"
|
||||
" Export a keyfile from a token keyfile. See also command --list-token-keyfiles.\n"
|
||||
" Export a keyfile from a token. See also command --list-token-keyfiles.\n"
|
||||
"\n"
|
||||
"--import-token-keyfiles\n"
|
||||
" Import keyfiles to a security token. See also option --token-lib.\n"
|
||||
@@ -1393,12 +1399,12 @@ namespace VeraCrypt
|
||||
}
|
||||
return true;
|
||||
|
||||
case CommandId::ExportSecurityTokenKeyfile:
|
||||
ExportSecurityTokenKeyfile();
|
||||
case CommandId::ExportTokenKeyfile:
|
||||
ExportTokenKeyfile();
|
||||
return true;
|
||||
|
||||
case CommandId::ImportSecurityTokenKeyfiles:
|
||||
ImportSecurityTokenKeyfiles();
|
||||
case CommandId::ImportTokenKeyfiles:
|
||||
ImportTokenKeyfiles();
|
||||
return true;
|
||||
|
||||
case CommandId::ListTokenKeyfiles:
|
||||
@@ -1694,12 +1700,18 @@ namespace VeraCrypt
|
||||
VC_CONVERT_EXCEPTION (VolumeException);
|
||||
VC_CONVERT_EXCEPTION (PasswordException);
|
||||
|
||||
VC_CONVERT_EXCEPTION (PCSCException);
|
||||
VC_CONVERT_EXCEPTION (WinscardLibraryNotInitialized);
|
||||
VC_CONVERT_EXCEPTION (InvalidEMVPath);
|
||||
VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVPANNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVUnknownCardType);
|
||||
VC_CONVERT_EXCEPTION (PCSCException);
|
||||
VC_CONVERT_EXCEPTION (CommandAPDUNotValid);
|
||||
VC_CONVERT_EXCEPTION (ExtendedAPDUNotSupported);
|
||||
VC_CONVERT_EXCEPTION (ScardLibraryInitializationFailed);
|
||||
VC_CONVERT_EXCEPTION (EMVUnknownCardType);
|
||||
VC_CONVERT_EXCEPTION (EMVSelectAIDFailed);
|
||||
VC_CONVERT_EXCEPTION (EMVIccCertNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVIssuerCertNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVCPLCNotFound);
|
||||
VC_CONVERT_EXCEPTION (InvalidEMVPath);
|
||||
VC_CONVERT_EXCEPTION (EMVKeyfileDataNotFound);
|
||||
VC_CONVERT_EXCEPTION (EMVPANNotFound);
|
||||
|
||||
throw *ex;
|
||||
}
|
||||
|
||||
@@ -49,10 +49,10 @@ namespace VeraCrypt
|
||||
virtual void DoShowWarning (const wxString &message) const = 0;
|
||||
virtual void EndBusyState () const = 0;
|
||||
static wxString ExceptionToMessage (const exception &ex);
|
||||
virtual void ExportSecurityTokenKeyfile () const = 0;
|
||||
virtual void ExportTokenKeyfile () const = 0;
|
||||
virtual shared_ptr <GetStringFunctor> GetAdminPasswordRequestHandler () = 0;
|
||||
virtual const UserPreferences &GetPreferences () const { return Preferences; }
|
||||
virtual void ImportSecurityTokenKeyfiles () const = 0;
|
||||
virtual void ImportTokenKeyfiles () const = 0;
|
||||
virtual void Init ();
|
||||
virtual void InitSecurityTokenLibrary () const = 0;
|
||||
virtual void ListMountedVolumes (const VolumeInfoList &volumes) const;
|
||||
|
||||
@@ -79,7 +79,7 @@ namespace VeraCrypt
|
||||
TC_CONFIG_SET (CloseBackgroundTaskOnNoVolumes);
|
||||
TC_CONFIG_SET (CloseExplorerWindowsOnDismount);
|
||||
TC_CONFIG_SET (CloseSecurityTokenSessionsAfterMount);
|
||||
TC_CONFIG_SET (ActivateEMVOption);
|
||||
TC_CONFIG_SET (EMVSupportEnabled);
|
||||
TC_CONFIG_SET (DisableKernelEncryptionModeWarning);
|
||||
TC_CONFIG_SET (DismountOnInactivity);
|
||||
TC_CONFIG_SET (DismountOnLogOff);
|
||||
@@ -198,7 +198,7 @@ namespace VeraCrypt
|
||||
TC_CONFIG_ADD (CloseBackgroundTaskOnNoVolumes);
|
||||
TC_CONFIG_ADD (CloseExplorerWindowsOnDismount);
|
||||
TC_CONFIG_ADD (CloseSecurityTokenSessionsAfterMount);
|
||||
TC_CONFIG_ADD (ActivateEMVOption);
|
||||
TC_CONFIG_ADD (EMVSupportEnabled);
|
||||
TC_CONFIG_ADD (DisableKernelEncryptionModeWarning);
|
||||
TC_CONFIG_ADD (DismountOnInactivity);
|
||||
TC_CONFIG_ADD (DismountOnLogOff);
|
||||
|
||||
@@ -31,7 +31,7 @@ namespace VeraCrypt
|
||||
CloseBackgroundTaskOnNoVolumes (true),
|
||||
CloseExplorerWindowsOnDismount (true),
|
||||
CloseSecurityTokenSessionsAfterMount (false),
|
||||
ActivateEMVOption (false),
|
||||
EMVSupportEnabled (false),
|
||||
DisableKernelEncryptionModeWarning (false),
|
||||
DismountOnInactivity (false),
|
||||
DismountOnLogOff (true),
|
||||
@@ -73,7 +73,7 @@ namespace VeraCrypt
|
||||
bool CloseBackgroundTaskOnNoVolumes;
|
||||
bool CloseExplorerWindowsOnDismount;
|
||||
bool CloseSecurityTokenSessionsAfterMount;
|
||||
bool ActivateEMVOption;
|
||||
bool EMVSupportEnabled;
|
||||
bool DisableKernelEncryptionModeWarning;
|
||||
bool DismountOnInactivity;
|
||||
bool DismountOnLogOff;
|
||||
|
||||