Linux/MacOSX: Implement passing smart card PIN as command line argument (--token-pin switch)

2025-11-11 11:08:02 -06:00 · 2016-05-28 23:53:55 +02:00
parent 3f806010d2
commit a0d8b8a3b7
6 changed files with 39 additions and 0 deletions
--- a/src/Common/SecurityToken.cpp
+++ b/src/Common/SecurityToken.cpp
@@ -517,6 +517,7 @@ namespace VeraCrypt
 						size_t cmdPinLen = strlen (cmdPin);
 						burn (cmdPin, cmdPinLen);
 					}
+					PinCallback->notifyIncorrectPin ();
 					(*WarningCallback) (Pkcs11Exception (CKR_PIN_INCORRECT));
 					continue;
 				}
--- a/src/Common/SecurityToken.h
+++ b/src/Common/SecurityToken.h
@@ -170,6 +170,7 @@ namespace VeraCrypt
 	{
 		virtual ~GetPinFunctor () { }
 		virtual void operator() (string &str) = 0;
+		virtual void notifyIncorrectPin () = 0;
 	};

 	struct SendExceptionFunctor
--- a/src/Main/CommandLineInterface.cpp
+++ b/src/Main/CommandLineInterface.cpp
@@ -89,6 +89,7 @@ namespace VeraCrypt
 		parser.AddSwitch (L"",	L"test",				_("Test internal algorithms"));
 		parser.AddSwitch (L"t", L"text",				_("Use text user interface"));
 		parser.AddOption (L"",	L"token-lib",			_("Security token library"));
+        parser.AddOption (L"",	L"token-pin",			_("Security token PIN"));
 		parser.AddSwitch (L"v", L"verbose",				_("Enable verbose output"));
 		parser.AddSwitch (L"",	L"version",				_("Display version information"));
 		parser.AddSwitch (L"",	L"volume-properties",	_("Display volume properties"));
@@ -593,6 +594,11 @@ namespace VeraCrypt
 		if (parser.Found (L"token-lib", &str))
 			Preferences.SecurityTokenModule = wstring (str);

+        if (parser.Found (L"token-pin", &str) && !str.IsEmpty ())
+        {
+            ArgTokenPin = ToUTF8Buffer (str.c_str(), str.Len ());
+        }
+
 		if (parser.Found (L"verbose"))
 			Preferences.Verbose = true;

--- a/src/Main/CommandLineInterface.h
+++ b/src/Main/CommandLineInterface.h
@@ -82,6 +82,7 @@ namespace VeraCrypt
 		VolumeInfoList ArgVolumes;
 		VolumeType::Enum ArgVolumeType;
 		bool ArgTrueCryptMode;
+        shared_ptr<SecureBuffer> ArgTokenPin;

 		bool StartBackgroundTask;
 		UserPreferences Preferences;
--- a/src/Main/GraphicUserInterface.cpp
+++ b/src/Main/GraphicUserInterface.cpp
@@ -537,6 +537,13 @@ namespace VeraCrypt
 		{
 			virtual void operator() (string &passwordStr)
 			{
+                if (CmdLine->ArgTokenPin && CmdLine->ArgTokenPin->IsAllocated ())
+                {
+        			passwordStr.clear();
+        			passwordStr.insert (0, (char*) CmdLine->ArgTokenPin->Ptr (), CmdLine->ArgTokenPin->Size());
+                    return;
+                }
+
 				if (Gui->GetPreferences().NonInteractive)
 					throw MissingArgument (SRC_POS);

@@ -563,6 +570,14 @@ namespace VeraCrypt

 				StringConverter::ToSingle (wPassword, passwordStr);
 			}
+
+			virtual void notifyIncorrectPin ()
+			{
+				if (CmdLine->ArgTokenPin && CmdLine->ArgTokenPin->IsAllocated ())
+				{
+					CmdLine->ArgTokenPin->Free ();
+				}
+			}
 		};

 		struct WarningHandler : public SendExceptionFunctor
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -1053,6 +1053,13 @@ namespace VeraCrypt

 			virtual void operator() (string &passwordStr)
 			{
+                if (CmdLine->ArgTokenPin && CmdLine->ArgTokenPin->IsAllocated ())
+                {
+        			passwordStr.clear();
+        			passwordStr.insert (0, (char*) CmdLine->ArgTokenPin->Ptr (), CmdLine->ArgTokenPin->Size());
+                    return;
+                }
+
 				if (UI->GetPreferences().NonInteractive)
 					throw MissingArgument (SRC_POS);

@@ -1069,6 +1076,14 @@ namespace VeraCrypt
 				StringConverter::ToSingle (wPassword, passwordStr);
 			}

+			virtual void notifyIncorrectPin ()
+			{
+				if (CmdLine->ArgTokenPin && CmdLine->ArgTokenPin->IsAllocated ())
+				{
+					CmdLine->ArgTokenPin->Free ();
+				}
+			}
+
 			const TextUserInterface *UI;
 		};