mirror of
https://github.com/veracrypt/VeraCrypt
synced 2024-11-28 14:03:29 +01:00
Linux/MacOSX: Implement Unicode passwords suppport. Make validation of parameters in GUI more robust.
This commit is contained in:
Mounir IDRASSI
parent
cfadb231d2
commit
efa436974d
@ -376,7 +376,7 @@ namespace VeraCrypt
|
||||
ArgNewKeyfiles = ToKeyfileList (str);
|
||||
|
||||
if (parser.Found (L"new-password", &str))
|
||||
ArgNewPassword.reset (new VolumePassword (wstring (str)));
|
||||
ArgNewPassword = ToUTF8Password (str);
|
||||
|
||||
if (parser.Found (L"new-pim", &str))
|
||||
{
|
||||
@ -415,7 +415,7 @@ namespace VeraCrypt
|
||||
{
|
||||
if (Preferences.UseStandardInput)
|
||||
throw_err (L"--password cannot be used with --stdin");
|
||||
ArgPassword.reset (new VolumePassword (wstring (str)));
|
||||
ArgPassword = ToUTF8Password (str);
|
||||
}
|
||||
|
||||
if (parser.Found (L"pim", &str))
|
||||
@ -456,7 +456,7 @@ namespace VeraCrypt
|
||||
|
||||
if (parser.Found (L"protection-password", &str))
|
||||
{
|
||||
ArgMountOptions.ProtectionPassword.reset (new VolumePassword (wstring (str)));
|
||||
ArgMountOptions.ProtectionPassword = ToUTF8Password (str);
|
||||
ArgMountOptions.Protection = VolumeProtection::HiddenVolumeReadOnly;
|
||||
}
|
||||
|
||||
@ -713,5 +713,41 @@ namespace VeraCrypt
|
||||
return filteredVolumes;
|
||||
}
|
||||
|
||||
shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount)
|
||||
{
|
||||
if (charCount > 0)
|
||||
{
|
||||
shared_ptr<SecureBuffer> utf8Buffer = ToUTF8Buffer (str, charCount);
|
||||
return shared_ptr<VolumePassword>(new VolumePassword (*utf8Buffer));
|
||||
}
|
||||
else
|
||||
return shared_ptr<VolumePassword>(new VolumePassword ());
|
||||
}
|
||||
|
||||
shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount)
|
||||
{
|
||||
if (charCount == (size_t) -1)
|
||||
charCount = wcslen (str);
|
||||
|
||||
if (charCount > 0)
|
||||
{
|
||||
wxMBConvUTF8 utf8;
|
||||
size_t ulen = utf8.FromWChar (NULL, 0, str, charCount);
|
||||
if (wxCONV_FAILED == ulen)
|
||||
throw PasswordUTF8Invalid (SRC_POS);
|
||||
SecureBuffer passwordBuf(ulen);
|
||||
ulen = utf8.FromWChar ((char*) (byte*) passwordBuf, ulen, str, charCount);
|
||||
if (wxCONV_FAILED == ulen)
|
||||
throw PasswordUTF8Invalid (SRC_POS);
|
||||
if (ulen > VolumePassword::MaxSize)
|
||||
throw PasswordUTF8TooLong (SRC_POS);
|
||||
|
||||
ConstBufferPtr utf8Buffer ((byte*) passwordBuf, ulen);
|
||||
return shared_ptr<SecureBuffer>(new SecureBuffer (utf8Buffer));
|
||||
}
|
||||
else
|
||||
return shared_ptr<SecureBuffer>(new SecureBuffer ());
|
||||
}
|
||||
|
||||
auto_ptr <CommandLineInterface> CmdLine;
|
||||
}
|
||||
|
||||
@ -96,6 +96,9 @@ namespace VeraCrypt
|
||||
CommandLineInterface &operator= (const CommandLineInterface &);
|
||||
};
|
||||
|
||||
shared_ptr<VolumePassword> ToUTF8Password (const wchar_t* str, size_t charCount = (size_t) -1);
|
||||
shared_ptr<SecureBuffer> ToUTF8Buffer (const wchar_t* str, size_t charCount = (size_t) -1);
|
||||
|
||||
extern auto_ptr <CommandLineInterface> CmdLine;
|
||||
}
|
||||
|
||||
|
||||
@ -85,11 +85,11 @@ namespace VeraCrypt
|
||||
|
||||
try
|
||||
{
|
||||
shared_ptr <Pkcs5Kdf> currentKdf = CurrentPasswordPanel->GetPkcs5Kdf();
|
||||
if (currentKdf && CurrentPasswordPanel->GetTrueCryptMode() && (currentKdf->GetName() == L"HMAC-SHA-256"))
|
||||
bool bUnsupportedKdf = false;
|
||||
shared_ptr <Pkcs5Kdf> currentKdf = CurrentPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf);
|
||||
if (bUnsupportedKdf)
|
||||
{
|
||||
Gui->ShowWarning (LangString ["ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE"]);
|
||||
event.Skip();
|
||||
return;
|
||||
}
|
||||
|
||||
@ -97,15 +97,23 @@ namespace VeraCrypt
|
||||
int newPim = 0;
|
||||
if (DialogMode == Mode::ChangePasswordAndKeyfiles)
|
||||
{
|
||||
newPassword = NewPasswordPanel->GetPassword();
|
||||
try
|
||||
{
|
||||
newPassword = NewPasswordPanel->GetPassword();
|
||||
}
|
||||
catch (PasswordException& e)
|
||||
{
|
||||
Gui->ShowWarning (e);
|
||||
NewPasswordPanel->SetFocusToPasswordTextCtrl();
|
||||
return;
|
||||
}
|
||||
newPim = NewPasswordPanel->GetVolumePim();
|
||||
newPassword->CheckPortability();
|
||||
|
||||
if (newPassword->Size() > 0)
|
||||
{
|
||||
if (newPassword->Size() < VolumePassword::WarningSizeThreshold)
|
||||
{
|
||||
if (newPim < 485)
|
||||
if (newPim > 0 && newPim < 485)
|
||||
{
|
||||
Gui->ShowError ("PIM_REQUIRE_LONG_PASSWORD");
|
||||
return;
|
||||
@ -117,7 +125,7 @@ namespace VeraCrypt
|
||||
return;
|
||||
}
|
||||
}
|
||||
else if (newPim < 485)
|
||||
else if (newPim > 0 && newPim < 485)
|
||||
{
|
||||
if (!Gui->AskYesNo (LangString ["PIM_SMALL_WARNING"], false, true))
|
||||
{
|
||||
@ -141,7 +149,7 @@ namespace VeraCrypt
|
||||
|
||||
/* force the display of the random enriching interface */
|
||||
RandomNumberGenerator::SetEnrichedByUserStatus (false);
|
||||
Gui->UserEnrichRandomPool (this, NewPasswordPanel->GetPkcs5Kdf() ? NewPasswordPanel->GetPkcs5Kdf()->GetHash() : shared_ptr <Hash>());
|
||||
Gui->UserEnrichRandomPool (this, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf) ? NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf)->GetHash() : shared_ptr <Hash>());
|
||||
|
||||
{
|
||||
#ifdef TC_UNIX
|
||||
@ -162,8 +170,8 @@ namespace VeraCrypt
|
||||
#endif
|
||||
wxBusyCursor busy;
|
||||
ChangePasswordThreadRoutine routine(Path, Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps,
|
||||
CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(), CurrentPasswordPanel->GetTrueCryptMode(),CurrentPasswordPanel->GetKeyfiles(),
|
||||
newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(), NewPasswordPanel->GetHeaderWipeCount());
|
||||
CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), CurrentPasswordPanel->GetTrueCryptMode(),CurrentPasswordPanel->GetKeyfiles(),
|
||||
newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(bUnsupportedKdf), NewPasswordPanel->GetHeaderWipeCount());
|
||||
Gui->ExecuteWaitThreadRoutine (this, &routine);
|
||||
}
|
||||
|
||||
@ -208,26 +216,34 @@ namespace VeraCrypt
|
||||
{
|
||||
bool ok = true;
|
||||
|
||||
bool passwordEmpty = CurrentPasswordPanel->GetPassword()->IsEmpty();
|
||||
bool keyfilesEmpty = !CurrentPasswordPanel->GetKeyfiles() || CurrentPasswordPanel->GetKeyfiles()->empty();
|
||||
|
||||
if (passwordEmpty && keyfilesEmpty)
|
||||
ok = false;
|
||||
|
||||
if (DialogMode == Mode::RemoveAllKeyfiles && (passwordEmpty || keyfilesEmpty))
|
||||
ok = false;
|
||||
|
||||
if (DialogMode == Mode::ChangePasswordAndKeyfiles || DialogMode == Mode::ChangeKeyfiles)
|
||||
try
|
||||
{
|
||||
bool newKeyfilesEmpty = !NewPasswordPanel->GetKeyfiles() || NewPasswordPanel->GetKeyfiles()->empty();
|
||||
|
||||
if (DialogMode == Mode::ChangeKeyfiles
|
||||
&& ((passwordEmpty && newKeyfilesEmpty) || (keyfilesEmpty && newKeyfilesEmpty)))
|
||||
bool passwordEmpty = CurrentPasswordPanel->GetPassword()->IsEmpty();
|
||||
bool keyfilesEmpty = !CurrentPasswordPanel->GetKeyfiles() || CurrentPasswordPanel->GetKeyfiles()->empty();
|
||||
|
||||
if (passwordEmpty && keyfilesEmpty)
|
||||
ok = false;
|
||||
|
||||
if (DialogMode == Mode::ChangePasswordAndKeyfiles
|
||||
&& ((NewPasswordPanel->GetPassword()->IsEmpty() && newKeyfilesEmpty) || !NewPasswordPanel->PasswordsMatch()))
|
||||
if (DialogMode == Mode::RemoveAllKeyfiles && (passwordEmpty || keyfilesEmpty))
|
||||
ok = false;
|
||||
|
||||
if (DialogMode == Mode::ChangePasswordAndKeyfiles || DialogMode == Mode::ChangeKeyfiles)
|
||||
{
|
||||
bool newKeyfilesEmpty = !NewPasswordPanel->GetKeyfiles() || NewPasswordPanel->GetKeyfiles()->empty();
|
||||
|
||||
if (DialogMode == Mode::ChangeKeyfiles
|
||||
&& ((passwordEmpty && newKeyfilesEmpty) || (keyfilesEmpty && newKeyfilesEmpty)))
|
||||
ok = false;
|
||||
|
||||
if (DialogMode == Mode::ChangePasswordAndKeyfiles
|
||||
&& ((NewPasswordPanel->GetPassword()->IsEmpty() && newKeyfilesEmpty) || !NewPasswordPanel->PasswordsMatch()))
|
||||
ok = false;
|
||||
}
|
||||
}
|
||||
catch (PasswordException&)
|
||||
{
|
||||
ok = false;
|
||||
}
|
||||
|
||||
OKButton->Enable (ok);
|
||||
|
||||
@ -86,11 +86,25 @@ namespace VeraCrypt
|
||||
|
||||
void MountOptionsDialog::OnOKButtonClick (wxCommandEvent& event)
|
||||
{
|
||||
bool bUnsupportedKdf = false;
|
||||
TransferDataFromWindow();
|
||||
|
||||
Options.Password = PasswordPanel->GetPassword();
|
||||
try
|
||||
{
|
||||
Options.Password = PasswordPanel->GetPassword();
|
||||
}
|
||||
catch (PasswordException& e)
|
||||
{
|
||||
Gui->ShowWarning (e);
|
||||
return;
|
||||
}
|
||||
Options.Pim = PasswordPanel->GetVolumePim();
|
||||
Options.Kdf = PasswordPanel->GetPkcs5Kdf();
|
||||
Options.Kdf = PasswordPanel->GetPkcs5Kdf(bUnsupportedKdf);
|
||||
if (bUnsupportedKdf)
|
||||
{
|
||||
Gui->ShowWarning (LangString ["ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE"]);
|
||||
return;
|
||||
}
|
||||
Options.TrueCryptMode = PasswordPanel->GetTrueCryptMode();
|
||||
Options.Keyfiles = PasswordPanel->GetKeyfiles();
|
||||
|
||||
@ -100,10 +114,23 @@ namespace VeraCrypt
|
||||
}
|
||||
else if (ProtectionCheckBox->IsChecked())
|
||||
{
|
||||
try
|
||||
{
|
||||
Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword();
|
||||
}
|
||||
catch (PasswordException& e)
|
||||
{
|
||||
Gui->ShowWarning (e);
|
||||
return;
|
||||
}
|
||||
Options.Protection = VolumeProtection::HiddenVolumeReadOnly;
|
||||
Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword();
|
||||
Options.ProtectionPim = ProtectionPasswordPanel->GetVolumePim();
|
||||
Options.ProtectionKdf = ProtectionPasswordPanel->GetPkcs5Kdf();
|
||||
Options.ProtectionKdf = ProtectionPasswordPanel->GetPkcs5Kdf(Options.TrueCryptMode, bUnsupportedKdf);
|
||||
if (bUnsupportedKdf)
|
||||
{
|
||||
Gui->ShowWarning (LangString ["ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE"]);
|
||||
return;
|
||||
}
|
||||
Options.ProtectionKeyfiles = ProtectionPasswordPanel->GetKeyfiles();
|
||||
}
|
||||
else
|
||||
@ -117,23 +144,6 @@ namespace VeraCrypt
|
||||
|
||||
Options.FilesystemOptions = FilesystemOptionsTextCtrl->GetValue();
|
||||
|
||||
try
|
||||
{
|
||||
if (Options.Password)
|
||||
Options.Password->CheckPortability();
|
||||
}
|
||||
catch (UnportablePassword &)
|
||||
{
|
||||
Gui->ShowWarning (LangString ["UNSUPPORTED_CHARS_IN_PWD_RECOM"]);
|
||||
}
|
||||
|
||||
if (Options.TrueCryptMode && Options.Kdf && (Options.Kdf->GetName() == L"HMAC-SHA-256"))
|
||||
{
|
||||
Gui->ShowWarning (LangString ["ALGO_NOT_SUPPORTED_FOR_TRUECRYPT_MODE"]);
|
||||
event.Skip();
|
||||
return;
|
||||
}
|
||||
|
||||
EndModal (wxID_OK);
|
||||
}
|
||||
|
||||
|
||||
@ -733,22 +733,21 @@ namespace VeraCrypt
|
||||
case Step::VolumePassword:
|
||||
{
|
||||
VolumePasswordWizardPage *page = dynamic_cast <VolumePasswordWizardPage *> (GetCurrentPage());
|
||||
Password = page->GetPassword();
|
||||
try
|
||||
{
|
||||
Password = page->GetPassword();
|
||||
}
|
||||
catch (PasswordException& e)
|
||||
{
|
||||
Gui->ShowWarning (e);
|
||||
return GetCurrentStep();
|
||||
}
|
||||
|
||||
Kdf = page->GetPkcs5Kdf();
|
||||
Keyfiles = page->GetKeyfiles();
|
||||
|
||||
if (forward && Password && !Password->IsEmpty())
|
||||
{
|
||||
try
|
||||
{
|
||||
Password->CheckPortability();
|
||||
}
|
||||
catch (UnportablePassword &e)
|
||||
{
|
||||
Gui->ShowError (e);
|
||||
return GetCurrentStep();
|
||||
}
|
||||
|
||||
if (Password->Size() < VolumePassword::WarningSizeThreshold)
|
||||
{
|
||||
if (!Gui->AskYesNo (LangString["PASSWORD_LENGTH_WARNING"], false, true))
|
||||
|
||||
@ -231,7 +231,7 @@ namespace VeraCrypt
|
||||
|
||||
#ifdef TC_WINDOWS
|
||||
int len = GetWindowText (static_cast <HWND> (textCtrl->GetHandle()), passwordBuf, VolumePassword::MaxSize + 1);
|
||||
password.reset (new VolumePassword (passwordBuf, len));
|
||||
password = ToUTF8Password (passwordBuf, len);
|
||||
#else
|
||||
wxString passwordStr (textCtrl->GetValue()); // A copy of the password is created here by wxWidgets, which cannot be erased
|
||||
for (size_t i = 0; i < passwordStr.size() && i < VolumePassword::MaxSize; ++i)
|
||||
@ -239,19 +239,33 @@ namespace VeraCrypt
|
||||
passwordBuf[i] = (wchar_t) passwordStr[i];
|
||||
passwordStr[i] = L'X';
|
||||
}
|
||||
password.reset (new VolumePassword (passwordBuf, passwordStr.size() <= VolumePassword::MaxSize ? passwordStr.size() : VolumePassword::MaxSize));
|
||||
password = ToUTF8Password (passwordBuf, passwordStr.size() <= VolumePassword::MaxSize ? passwordStr.size() : VolumePassword::MaxSize);
|
||||
#endif
|
||||
return password;
|
||||
}
|
||||
|
||||
shared_ptr <Pkcs5Kdf> VolumePasswordPanel::GetPkcs5Kdf () const
|
||||
shared_ptr <Pkcs5Kdf> VolumePasswordPanel::GetPkcs5Kdf (bool &bUnsupportedKdf) const
|
||||
{
|
||||
return GetPkcs5Kdf (GetTrueCryptMode(), bUnsupportedKdf);
|
||||
}
|
||||
|
||||
shared_ptr <Pkcs5Kdf> VolumePasswordPanel::GetPkcs5Kdf (bool bTrueCryptMode, bool &bUnsupportedKdf) const
|
||||
{
|
||||
bUnsupportedKdf = false;
|
||||
try
|
||||
{
|
||||
return Pkcs5Kdf::GetAlgorithm (wstring (Pkcs5PrfChoice->GetStringSelection()), GetTrueCryptMode());
|
||||
int index = Pkcs5PrfChoice->GetSelection ();
|
||||
if ((wxNOT_FOUND == index) || (0 == index))
|
||||
{
|
||||
// auto-detection
|
||||
return shared_ptr <Pkcs5Kdf> ();
|
||||
}
|
||||
else
|
||||
return Pkcs5Kdf::GetAlgorithm (wstring (Pkcs5PrfChoice->GetStringSelection()), bTrueCryptMode);
|
||||
}
|
||||
catch (ParameterIncorrect&)
|
||||
{
|
||||
bUnsupportedKdf = true;
|
||||
return shared_ptr <Pkcs5Kdf> ();
|
||||
}
|
||||
}
|
||||
@ -419,7 +433,14 @@ namespace VeraCrypt
|
||||
bool VolumePasswordPanel::PasswordsMatch () const
|
||||
{
|
||||
assert (ConfirmPasswordStaticText->IsShown());
|
||||
return *GetPassword (PasswordTextCtrl) == *GetPassword (ConfirmPasswordTextCtrl);
|
||||
try
|
||||
{
|
||||
return *GetPassword (PasswordTextCtrl) == *GetPassword (ConfirmPasswordTextCtrl);
|
||||
}
|
||||
catch (PasswordException&)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
void VolumePasswordPanel::WipeTextCtrl (wxTextCtrl *textCtrl)
|
||||
|
||||
@ -28,7 +28,8 @@ namespace VeraCrypt
|
||||
void AddKeyfile (shared_ptr <Keyfile> keyfile);
|
||||
shared_ptr <KeyfileList> GetKeyfiles () const { return UseKeyfilesCheckBox->IsChecked() ? Keyfiles : shared_ptr <KeyfileList> (); }
|
||||
shared_ptr <VolumePassword> GetPassword () const;
|
||||
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf () const;
|
||||
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf (bool &bUnsupportedKdf) const;
|
||||
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf (bool bTrueCryptMode, bool &bUnsupportedKdf) const;
|
||||
int GetVolumePim () const;
|
||||
bool GetTrueCryptMode () const;
|
||||
int GetHeaderWipeCount () const;
|
||||
|
||||
@ -35,9 +35,16 @@ namespace VeraCrypt
|
||||
if (ConfirmationMode && !PasswordPanel->PasswordsMatch())
|
||||
return false;
|
||||
|
||||
shared_ptr <KeyfileList> keyfiles (GetKeyfiles());
|
||||
shared_ptr <VolumePassword> password (GetPassword());
|
||||
try
|
||||
{
|
||||
shared_ptr <KeyfileList> keyfiles (GetKeyfiles());
|
||||
shared_ptr <VolumePassword> password (GetPassword());
|
||||
|
||||
return (password && !GetPassword()->IsEmpty()) || (keyfiles && !keyfiles->empty());
|
||||
return (password && !GetPassword()->IsEmpty()) || (keyfiles && !keyfiles->empty());
|
||||
}
|
||||
catch (PasswordException&)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -30,7 +30,7 @@ namespace VeraCrypt
|
||||
bool IsPimSelected () const { return PasswordPanel->IsUsePimChecked ();}
|
||||
void SetPimSelected (bool selected) const { PasswordPanel->SetUsePimChecked (selected);}
|
||||
|
||||
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf () const { return PasswordPanel->GetPkcs5Kdf(); }
|
||||
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf () const { bool bUnsupportedKdf; return PasswordPanel->GetPkcs5Kdf(bUnsupportedKdf); }
|
||||
bool IsValid ();
|
||||
void SetMaxStaticTextWidth (int width) { InfoStaticText->Wrap (width); }
|
||||
void SetPageText (const wxString &text) { InfoStaticText->SetLabel (text); }
|
||||
|
||||
@ -37,6 +37,8 @@ namespace VeraCrypt
|
||||
VC_CONVERT_EXCEPTION (ProtectionPasswordKeyfilesIncorrect);
|
||||
VC_CONVERT_EXCEPTION (PasswordEmpty);
|
||||
VC_CONVERT_EXCEPTION (PasswordTooLong);
|
||||
VC_CONVERT_EXCEPTION (PasswordUTF8TooLong);
|
||||
VC_CONVERT_EXCEPTION (PasswordUTF8Invalid);
|
||||
VC_CONVERT_EXCEPTION (UnportablePassword);
|
||||
VC_CONVERT_EXCEPTION (ElevationFailed);
|
||||
VC_CONVERT_EXCEPTION (RootDeviceUnavailable);
|
||||
|
||||
@ -97,7 +97,7 @@ namespace VeraCrypt
|
||||
wchar_t passwordBuf[4096];
|
||||
finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast <byte *> (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); });
|
||||
|
||||
make_shared_auto (VolumePassword, password);
|
||||
shared_ptr<VolumePassword> password;
|
||||
|
||||
bool verPhase = false;
|
||||
while (true)
|
||||
@ -113,8 +113,7 @@ namespace VeraCrypt
|
||||
|
||||
if (!verPhase && length < 1)
|
||||
{
|
||||
password->Set (passwordBuf, 0);
|
||||
return password;
|
||||
return shared_ptr <VolumePassword>(new VolumePassword ());
|
||||
}
|
||||
|
||||
for (size_t i = 0; i < length && i < VolumePassword::MaxSize; ++i)
|
||||
@ -125,8 +124,7 @@ namespace VeraCrypt
|
||||
|
||||
if (verify && verPhase)
|
||||
{
|
||||
make_shared_auto (VolumePassword, verPassword);
|
||||
verPassword->Set (passwordBuf, length);
|
||||
shared_ptr <VolumePassword> verPassword = ToUTF8Password (passwordBuf, length);
|
||||
|
||||
if (*password != *verPassword)
|
||||
{
|
||||
@ -137,26 +135,10 @@ namespace VeraCrypt
|
||||
}
|
||||
}
|
||||
|
||||
password->Set (passwordBuf, length);
|
||||
password = ToUTF8Password (passwordBuf, length);
|
||||
|
||||
if (!verPhase)
|
||||
{
|
||||
try
|
||||
{
|
||||
password->CheckPortability();
|
||||
}
|
||||
catch (UnportablePassword &e)
|
||||
{
|
||||
if (verify)
|
||||
{
|
||||
ShowError (e);
|
||||
verPhase = false;
|
||||
continue;
|
||||
}
|
||||
|
||||
ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM");
|
||||
}
|
||||
|
||||
if (verify)
|
||||
{
|
||||
if (password->Size() < VolumePassword::WarningSizeThreshold)
|
||||
@ -433,14 +415,7 @@ namespace VeraCrypt
|
||||
// Current password
|
||||
if (!passwordInteractive)
|
||||
{
|
||||
try
|
||||
{
|
||||
password->CheckPortability();
|
||||
}
|
||||
catch (UnportablePassword &)
|
||||
{
|
||||
ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM");
|
||||
}
|
||||
|
||||
}
|
||||
else if (!Preferences.NonInteractive)
|
||||
{
|
||||
@ -487,9 +462,7 @@ namespace VeraCrypt
|
||||
}
|
||||
|
||||
// New password
|
||||
if (newPassword.get())
|
||||
newPassword->CheckPortability();
|
||||
else if (!Preferences.NonInteractive)
|
||||
if (!newPassword.get() && !Preferences.NonInteractive)
|
||||
newPassword = AskPassword (_("Enter new password"), true);
|
||||
|
||||
// New PIM
|
||||
@ -790,9 +763,6 @@ namespace VeraCrypt
|
||||
options->Password = AskPassword (_("Enter password"), true);
|
||||
}
|
||||
|
||||
if (options->Password)
|
||||
options->Password->CheckPortability();
|
||||
|
||||
// PIM
|
||||
if ((options->Pim < 0) && !Preferences.NonInteractive)
|
||||
{
|
||||
@ -1189,18 +1159,6 @@ namespace VeraCrypt
|
||||
{
|
||||
options.Password = AskPassword (StringFormatter (_("Enter password for {0}"), wstring (*options.Path)));
|
||||
}
|
||||
else
|
||||
{
|
||||
try
|
||||
{
|
||||
if (options.Password)
|
||||
options.Password->CheckPortability();
|
||||
}
|
||||
catch (UnportablePassword &)
|
||||
{
|
||||
ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM");
|
||||
}
|
||||
}
|
||||
|
||||
if (!options.TrueCryptMode && (options.Pim < 0))
|
||||
{
|
||||
|
||||
@ -462,6 +462,8 @@ namespace VeraCrypt
|
||||
EX2MSG (PasswordOrKeyboardLayoutIncorrect, LangString["PASSWORD_OR_KEYFILE_WRONG"] + _("\n\nNote that pre-boot authentication passwords need to be typed in the pre-boot environment where non-US keyboard layouts are not available. Therefore, pre-boot authentication passwords must always be typed using the standard US keyboard layout (otherwise, the password will be typed incorrectly in most cases). However, note that you do NOT need a real US keyboard; you just need to change the keyboard layout in your operating system."));
|
||||
EX2MSG (PasswordOrMountOptionsIncorrect, LangString["PASSWORD_OR_KEYFILE_OR_MODE_WRONG"] + _("\n\nNote: If you are attempting to mount a partition located on an encrypted system drive without pre-boot authentication or to mount the encrypted system partition of an operating system that is not running, you can do so by selecting 'Options >' > 'Mount partition using system encryption'."));
|
||||
EX2MSG (PasswordTooLong, StringFormatter (_("Password is longer than {0} characters."), (int) VolumePassword::MaxSize));
|
||||
EX2MSG (PasswordUTF8TooLong, LangString["PASSWORD_UTF8_TOO_LONG"]);
|
||||
EX2MSG (PasswordUTF8Invalid, LangString["PASSWORD_UTF8_INVALID"]);
|
||||
EX2MSG (PartitionDeviceRequired, _("Partition device required."));
|
||||
EX2MSG (ProtectionPasswordIncorrect, _("Incorrect password to the protected hidden volume or the hidden volume does not exist."));
|
||||
EX2MSG (ProtectionPasswordKeyfilesIncorrect,_("Incorrect keyfile(s) and/or password to the protected hidden volume or the hidden volume does not exist."));
|
||||
@ -897,7 +899,7 @@ namespace VeraCrypt
|
||||
wstring pwdInput;
|
||||
wcin >> pwdInput;
|
||||
|
||||
cmdLine.ArgPassword = make_shared<VolumePassword> (pwdInput);
|
||||
cmdLine.ArgPassword = ToUTF8Password ( pwdInput.c_str (), pwdInput.size ());
|
||||
}
|
||||
|
||||
switch (cmdLine.ArgCommand)
|
||||
@ -1549,6 +1551,8 @@ namespace VeraCrypt
|
||||
VC_CONVERT_EXCEPTION (ProtectionPasswordKeyfilesIncorrect);
|
||||
VC_CONVERT_EXCEPTION (PasswordEmpty);
|
||||
VC_CONVERT_EXCEPTION (PasswordTooLong);
|
||||
VC_CONVERT_EXCEPTION (PasswordUTF8TooLong);
|
||||
VC_CONVERT_EXCEPTION (PasswordUTF8Invalid);
|
||||
VC_CONVERT_EXCEPTION (UnportablePassword);
|
||||
VC_CONVERT_EXCEPTION (ElevationFailed);
|
||||
VC_CONVERT_EXCEPTION (RootDeviceUnavailable);
|
||||
|
||||
@ -58,11 +58,15 @@ namespace VeraCrypt
|
||||
void Buffer::CopyFrom (const ConstBufferPtr &bufferPtr)
|
||||
{
|
||||
if (!IsAllocated ())
|
||||
Allocate (bufferPtr.Size());
|
||||
{
|
||||
if (bufferPtr.Size())
|
||||
Allocate (bufferPtr.Size());
|
||||
}
|
||||
else if (bufferPtr.Size() > DataSize)
|
||||
throw ParameterTooLarge (SRC_POS);
|
||||
|
||||
Memory::Copy (DataPtr, bufferPtr.Get(), bufferPtr.Size());
|
||||
if (bufferPtr.Size())
|
||||
Memory::Copy (DataPtr, bufferPtr.Get(), bufferPtr.Size());
|
||||
}
|
||||
|
||||
void Buffer::Erase ()
|
||||
|
||||
@ -790,7 +790,7 @@ namespace VeraCrypt
|
||||
|
||||
void EncryptionTest::TestPkcs5 ()
|
||||
{
|
||||
VolumePassword password ("password", 8);
|
||||
VolumePassword password ((byte*) "password", 8);
|
||||
static const byte saltData[] = { 0x12, 0x34, 0x56, 0x78 };
|
||||
ConstBufferPtr salt (saltData, sizeof (saltData));
|
||||
Buffer derivedKey (4);
|
||||
|
||||
@ -16,31 +16,11 @@
|
||||
|
||||
namespace VeraCrypt
|
||||
{
|
||||
VolumePassword::VolumePassword () : PasswordSize (0), Unportable (false)
|
||||
VolumePassword::VolumePassword () : PasswordSize (0)
|
||||
{
|
||||
AllocateBuffer ();
|
||||
}
|
||||
|
||||
VolumePassword::VolumePassword (const char *password, size_t size)
|
||||
{
|
||||
Set ((const byte *) password, size);
|
||||
}
|
||||
|
||||
VolumePassword::VolumePassword (const byte *password, size_t size)
|
||||
{
|
||||
Set (password, size);
|
||||
}
|
||||
|
||||
VolumePassword::VolumePassword (const wchar_t *password, size_t charCount)
|
||||
{
|
||||
Set (password, charCount);
|
||||
}
|
||||
|
||||
VolumePassword::VolumePassword (const wstring &password)
|
||||
{
|
||||
Set (password.c_str(), password.size());
|
||||
}
|
||||
|
||||
VolumePassword::~VolumePassword ()
|
||||
{
|
||||
}
|
||||
@ -51,12 +31,6 @@ namespace VeraCrypt
|
||||
PasswordBuffer.Allocate (MaxSize);
|
||||
}
|
||||
|
||||
void VolumePassword::CheckPortability () const
|
||||
{
|
||||
if (Unportable || !IsPortable())
|
||||
throw UnportablePassword (SRC_POS);
|
||||
}
|
||||
|
||||
void VolumePassword::Deserialize (shared_ptr <Stream> stream)
|
||||
{
|
||||
Serializer sr (stream);
|
||||
@ -69,16 +43,6 @@ namespace VeraCrypt
|
||||
sr.Deserialize ("WipeData", wipeBuffer);
|
||||
}
|
||||
|
||||
bool VolumePassword::IsPortable () const
|
||||
{
|
||||
for (size_t i = 0; i < PasswordSize; i++)
|
||||
{
|
||||
if (PasswordBuffer[i] >= 0x7f || PasswordBuffer[i] < 0x20)
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
void VolumePassword::Serialize (shared_ptr <Stream> stream) const
|
||||
{
|
||||
Serializable::Serialize (stream);
|
||||
@ -99,61 +63,11 @@ namespace VeraCrypt
|
||||
if (size > MaxSize)
|
||||
throw PasswordTooLong (SRC_POS);
|
||||
|
||||
PasswordBuffer.CopyFrom (ConstBufferPtr (password, size));
|
||||
PasswordBuffer.Erase ();
|
||||
if (size > 0)
|
||||
PasswordBuffer.CopyFrom (ConstBufferPtr (password, size));
|
||||
|
||||
PasswordSize = size;
|
||||
|
||||
Unportable = !IsPortable();
|
||||
}
|
||||
|
||||
void VolumePassword::Set (const wchar_t *password, size_t charCount)
|
||||
{
|
||||
if (charCount > MaxSize)
|
||||
throw PasswordTooLong (SRC_POS);
|
||||
|
||||
union Conv
|
||||
{
|
||||
byte b[sizeof (wchar_t)];
|
||||
wchar_t c;
|
||||
};
|
||||
|
||||
Conv conv;
|
||||
conv.c = L'A';
|
||||
|
||||
int lsbPos = -1;
|
||||
for (size_t i = 0; i < sizeof (conv.b); ++i)
|
||||
{
|
||||
if (conv.b[i] == L'A')
|
||||
{
|
||||
lsbPos = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (lsbPos == -1)
|
||||
throw ParameterIncorrect (SRC_POS);
|
||||
|
||||
bool unportable = false;
|
||||
byte passwordBuf[MaxSize];
|
||||
for (size_t i = 0; i < charCount; ++i)
|
||||
{
|
||||
conv.c = password[i];
|
||||
passwordBuf[i] = conv.b[lsbPos];
|
||||
for (int j = 0; j < (int) sizeof (wchar_t); ++j)
|
||||
{
|
||||
if (j != lsbPos && conv.b[j] != 0)
|
||||
unportable = true;
|
||||
}
|
||||
}
|
||||
|
||||
Set (passwordBuf, charCount);
|
||||
|
||||
if (unportable)
|
||||
Unportable = true;
|
||||
}
|
||||
|
||||
void VolumePassword::Set (const ConstBufferPtr &password)
|
||||
{
|
||||
Set (password, password.Size());
|
||||
}
|
||||
|
||||
void VolumePassword::Set (const VolumePassword &password)
|
||||
|
||||
@ -22,10 +22,8 @@ namespace VeraCrypt
|
||||
{
|
||||
public:
|
||||
VolumePassword ();
|
||||
VolumePassword (const byte *password, size_t size);
|
||||
VolumePassword (const char *password, size_t size);
|
||||
VolumePassword (const wchar_t *password, size_t charCount);
|
||||
VolumePassword (const wstring &password);
|
||||
VolumePassword (const byte *password, size_t size) { Set (password, size); }
|
||||
VolumePassword (const SecureBuffer &password) { Set (password.Ptr (), password.Size ()); }
|
||||
VolumePassword (const VolumePassword &password) { Set (password); }
|
||||
virtual ~VolumePassword ();
|
||||
|
||||
@ -35,13 +33,10 @@ namespace VeraCrypt
|
||||
|
||||
operator BufferPtr () const { return BufferPtr (PasswordBuffer); }
|
||||
|
||||
void CheckPortability () const;
|
||||
byte *DataPtr () const { return PasswordBuffer; }
|
||||
bool IsEmpty () const { return PasswordSize == 0; }
|
||||
size_t Size () const { return PasswordSize; }
|
||||
void Set (const byte *password, size_t size);
|
||||
void Set (const wchar_t *password, size_t charCount);
|
||||
void Set (const ConstBufferPtr &password);
|
||||
void Set (const VolumePassword &password);
|
||||
|
||||
TC_SERIALIZABLE (VolumePassword);
|
||||
@ -51,12 +46,10 @@ namespace VeraCrypt
|
||||
|
||||
protected:
|
||||
void AllocateBuffer ();
|
||||
bool IsPortable () const;
|
||||
|
||||
SecureBuffer PasswordBuffer;
|
||||
|
||||
size_t PasswordSize;
|
||||
bool Unportable;
|
||||
};
|
||||
|
||||
struct PasswordException : public Exception
|
||||
@ -86,6 +79,8 @@ namespace VeraCrypt
|
||||
TC_EXCEPTION_NODECL (ProtectionPasswordKeyfilesIncorrect); \
|
||||
TC_EXCEPTION (PasswordEmpty); \
|
||||
TC_EXCEPTION (PasswordTooLong); \
|
||||
TC_EXCEPTION (PasswordUTF8TooLong); \
|
||||
TC_EXCEPTION (PasswordUTF8Invalid); \
|
||||
TC_EXCEPTION (UnportablePassword);
|
||||
|
||||
TC_EXCEPTION_SET;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user