VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Volume
diff options
context:
space:
mode:
authormmauv <99472743+mmauv@users.noreply.github.com>2023-06-28 22:51:43 +0200
committerGitHub <noreply@github.com>2023-06-28 22:51:43 +0200
commit502ab9112a7624dbd7c1c90c2e12ed45512b8b3c (patch)
tree951e70be174df6f1d214f37e5ca10c49519b7d73 /src/Volume
parentf4e109afcfcdd7ad067158b66d08787f371a6bc4 (diff)
downloadVeraCrypt-502ab9112a7624dbd7c1c90c2e12ed45512b8b3c.tar.gz
VeraCrypt-502ab9112a7624dbd7c1c90c2e12ed45512b8b3c.zip
Add EMV functionality (#1080)
* Add basic strcture needed for EMV implementation * Add demo EMV functionality with C code pasted in a very dirty and unsafe way. NOT FINAL * Refactor IccExtractor Structure * Fix Makefile * fix include file * move global variables from h to c * revert to memcpy * fix icc data recovery functions * Add EMV functionalities on windows * Make EMVToken structures like SecurityToken * Define constants instead of hard coded values * Token structures created with inheritance * refactor TokenKeyfile to use inherit. + polymor. * add Token.h + Token.cpp in modules in VS2010 * Add a comment at each use of SecurityToken class or objects * SecurityTokenKeyfilesDialog preparation * Implemennt GetAvailableTokens in Token class on windows * merge * up (patching for Windows) * foreach Token.cpp corrected * Display EMV keyfiles on first window in graphic interface * Add token to Windows UI * EMVToken selection on OKButton on Linux * Keyfile.cpp optimization * Move getKeyfileData in the token class * EMV::Token GetAvailableKeyfiles() base * Move getKeyfileData in the token class on unix * Remove test comments * Warnings resolved * RemoveeSecurityTokenLibraryNotInitialized exception if at least one emv token is detected * Adding new files * Remove old files and add the new version to the windows project * Change make_shared to shared_ptr constructor * IccExtractor integration working on linux * Throwing card not EMV execption * catch error when not EMV type in EMVToken::GetAvailableKeyfiles * Change types to compile on windows * list all keyfiles, security keyfiles and emv keyfiles in command line * Change type to be coherent and remove old todo comments * Remove todo comments * Change indentation and resolve a bug from previous commit * Use polymorphism for GetKeyfileData and add export option for EMVTokens on Linux * Linux : Allow to export EMV Tokens in command lines, Windows : Disable the delete button when EMV Keyfiles are selected * Remove SlotId from TokenInfo as it is already in Token * Correct errors on Linux * Disable delete option if one EMV Token is selected on Linux * Fix bug enabling delete button if nothing is selected * emv data used as reference then burnt * use of normal files in linux corrected * help updated * help updated for export functionnality * option EMV added to graphic interface but not yet working * Bug fix : Allow to use multiple EMV on windows * EMV Option added to UserPreferences * EMV Option working for Linux * EMV option added to Windows (not working yet) * [NOT TESTED] EMV option for Windows * Working EMV option on Windows * EMV Option for data extraction working for volume creation * EMV Option for data extraction working for Mount * EMV Option for data extraction working for mounting favorites volumes * EMV Option for extraction working for Changing volume password, Set Derivation Key Algorithm and Add or remove keyfile from volume * Windows : re-checking EMV Option when getting data * Removing error catches in the IccDataExtractor classe (It only throws error now). Changing GetPan signature to resemble the other functions signatures more * Changing EMV errors - Only throwing ICCExtractionException from outside of the ICC module. - Catching all TLVExceptions and PCSCExceptions to throw the right ICCExtractionException - Deleting APDU exceptions. * First version of the documentation * Adding function pointers for winscard library (but it crashes VeraCrypt) * Debugging function pointers * The import of the library on windows work as expected now * Reverting EMVToken.cpp changes used to test to library import * Searching for the System32 path instead of hard codding it * Fixing the bug were VeraCrypt crashes if there is no readers when "add Token files" is clicked * Winscard library not initialized in object constructor anymore to delay it after EMVOption check * Remove winscard lib from windows dependencies * Properly displaying errors * Adding a dot in Language.xml * Catching TLVException * Removing unused code * Remove unusefull comments * Trying to fix 0x1f error * Update IccDataExtractor.cpp * Delete History.xml * Fix get data without get pan * Cleanup code * changes for linux compilation but linking not working * error handling for linux * erasing emv data * Burn PAN * Burn PAN from memory * Uncomment selfcheck before merging master * burn corrected * EMV errors handling for Linux * EMV working for Linux CLI * Doc : Winscard Linux package and VeraCrypt versions --------- Co-authored-by: doriandu45 <d45.poubelle@gmail.com> Co-authored-by: red4game <redemgaiming@gmail.com> Co-authored-by: Brice.Namy <brice.namy@insa-rennes.fr> Co-authored-by: vocthor <pieceo108@gmail.com> Co-authored-by: vocthor <67202139+vocthor@users.noreply.github.com> Co-authored-by: Andrei COCAN <andrei.cocan@insa-rennes.fr> Co-authored-by: AndreiCocan <95496161+AndreiCocan@users.noreply.github.com> Co-authored-by: francoisLEROUX <francois3443@gmail.com>
Diffstat (limited to 'src/Volume')
-rw-r--r--src/Volume/Keyfile.cpp84
-rw-r--r--src/Volume/Keyfile.h4
-rw-r--r--src/Volume/Volume.cpp9
-rw-r--r--src/Volume/Volume.h4
-rw-r--r--src/Volume/Volume.make4
5 files changed, 53 insertions, 52 deletions
diff --git a/src/Volume/Keyfile.cpp b/src/Volume/Keyfile.cpp
index d171458c..9527fd11 100644
--- a/src/Volume/Keyfile.cpp
+++ b/src/Volume/Keyfile.cpp
@@ -12,13 +12,13 @@
#include "Platform/Serializer.h"
#include "Common/SecurityToken.h"
+#include "Common/EMVToken.h"
#include "Crc32.h"
#include "Keyfile.h"
#include "VolumeException.h"
-
namespace VeraCrypt
{
- void Keyfile::Apply (const BufferPtr &pool) const
+ void Keyfile::Apply (const BufferPtr &pool, bool EMVOption) const
{
if (Path.IsDirectory())
throw ParameterIncorrect (SRC_POS);
@@ -32,61 +32,57 @@ namespace VeraCrypt
SecureBuffer keyfileBuf (File::GetOptimalReadSize());
- if (SecurityToken::IsKeyfilePathValid (Path))
- {
- // Apply keyfile generated by a security token
- vector <byte> keyfileData;
- SecurityToken::GetKeyfileData (SecurityTokenKeyfile (wstring (Path)), keyfileData);
+ std::wcout << wstring (Path) << std::endl;
+ if (Token::IsKeyfilePathValid (Path, EMVOption)) {
+ // Apply keyfile generated by a security token
+ vector <byte> keyfileData;
+ Token::getTokenKeyfile(wstring(Path))->GetKeyfileData(keyfileData);
- if (keyfileData.size() < MinProcessedLength)
- throw InsufficientData (SRC_POS, Path);
+ if (keyfileData.size() < MinProcessedLength)
+ throw InsufficientData(SRC_POS, Path);
- for (size_t i = 0; i < keyfileData.size(); i++)
- {
- uint32 crc = crc32.Process (keyfileData[i]);
+ for (size_t i = 0; i < keyfileData.size(); i++) {
+ uint32 crc = crc32.Process(keyfileData[i]);
- pool[poolPos++] += (byte) (crc >> 24);
- pool[poolPos++] += (byte) (crc >> 16);
- pool[poolPos++] += (byte) (crc >> 8);
- pool[poolPos++] += (byte) crc;
+ pool[poolPos++] += (byte)(crc >> 24);
+ pool[poolPos++] += (byte)(crc >> 16);
+ pool[poolPos++] += (byte)(crc >> 8);
+ pool[poolPos++] += (byte) crc;
- if (poolPos >= pool.Size())
- poolPos = 0;
-
- if (++totalLength >= MaxProcessedLength)
- break;
- }
+ if (poolPos >= pool.Size())
+ poolPos = 0;
- burn (&keyfileData.front(), keyfileData.size());
- goto done;
- }
+ if (++totalLength >= MaxProcessedLength)
+ break;
+ }
- file.Open (Path, File::OpenRead, File::ShareRead);
- while ((readLength = file.Read (keyfileBuf)) > 0)
- {
- for (size_t i = 0; i < readLength; i++)
- {
- uint32 crc = crc32.Process (keyfileBuf[i]);
+ burn(&keyfileData.front(), keyfileData.size());
+ goto done;
+ }
- pool[poolPos++] += (byte) (crc >> 24);
- pool[poolPos++] += (byte) (crc >> 16);
- pool[poolPos++] += (byte) (crc >> 8);
- pool[poolPos++] += (byte) crc;
+ file.Open (Path, File::OpenRead, File::ShareRead);
- if (poolPos >= pool.Size())
- poolPos = 0;
+ while ((readLength = file.Read (keyfileBuf)) > 0) {
+ for (size_t i = 0; i < readLength; i++) {
+ uint32 crc = crc32.Process(keyfileBuf[i]);
+ pool[poolPos++] += (byte)(crc >> 24);
+ pool[poolPos++] += (byte)(crc >> 16);
+ pool[poolPos++] += (byte)(crc >> 8);
+ pool[poolPos++] += (byte) crc;
+ if (poolPos >= pool.Size())
+ poolPos = 0;
+ if (++totalLength >= MaxProcessedLength)
+ goto done;
+ }
+ }
+ done:
- if (++totalLength >= MaxProcessedLength)
- goto done;
- }
- }
-done:
if (totalLength < MinProcessedLength)
throw InsufficientData (SRC_POS, Path);
}
- shared_ptr <VolumePassword> Keyfile::ApplyListToPassword (shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> password)
+ shared_ptr <VolumePassword> Keyfile::ApplyListToPassword (shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> password, bool EMVOption)
{
if (!password)
password.reset (new VolumePassword);
@@ -143,7 +139,7 @@ done:
// Apply all keyfiles
foreach_ref (const Keyfile &k, keyfilesExp)
{
- k.Apply (keyfilePool);
+ k.Apply (keyfilePool, EMVOption);
}
newPassword->Set (keyfilePool);
diff --git a/src/Volume/Keyfile.h b/src/Volume/Keyfile.h
index 04674178..bf0a524b 100644
--- a/src/Volume/Keyfile.h
+++ b/src/Volume/Keyfile.h
@@ -29,7 +29,7 @@ namespace VeraCrypt
virtual ~Keyfile () { };
operator FilesystemPath () const { return Path; }
- static shared_ptr <VolumePassword> ApplyListToPassword (shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> password);
+ static shared_ptr <VolumePassword> ApplyListToPassword (shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> password, bool EMVOption = false);
static shared_ptr <KeyfileList> DeserializeList (shared_ptr <Stream> stream, const string &name);
static void SerializeList (shared_ptr <Stream> stream, const string &name, shared_ptr <KeyfileList> keyfiles);
static bool WasHiddenFilePresentInKeyfilePath() { bool r = HiddenFileWasPresentInKeyfilePath; HiddenFileWasPresentInKeyfilePath = false; return r; }
@@ -38,7 +38,7 @@ namespace VeraCrypt
static const size_t MaxProcessedLength = 1024 * 1024;
protected:
- void Apply (const BufferPtr &pool) const;
+ void Apply (const BufferPtr &pool, bool EMVOption) const;
static bool HiddenFileWasPresentInKeyfilePath;
diff --git a/src/Volume/Volume.cpp b/src/Volume/Volume.cpp
index c4a21b3e..6fb906b6 100644
--- a/src/Volume/Volume.cpp
+++ b/src/Volume/Volume.cpp
@@ -71,7 +71,7 @@ namespace VeraCrypt
return EA->GetMode();
}
- void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, bool EMVOption, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr <Pkcs5Kdf> protectionKdf, shared_ptr <KeyfileList> protectionKeyfiles, bool sharedAccessAllowed, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
make_shared_auto (File, file);
@@ -102,10 +102,10 @@ namespace VeraCrypt
throw;
}
- return Open (file, password, pim, kdf, truecryptMode, keyfiles, protection, protectionPassword, protectionPim, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
+ return Open (file, password, pim, kdf, truecryptMode, keyfiles, EMVOption, protection, protectionPassword, protectionPim, protectionKdf,protectionKeyfiles, volumeType, useBackupHeaders, partitionInSystemEncryptionScope);
}
- void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
+ void Volume::Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, bool EMVOption, VolumeProtection::Enum protection, shared_ptr <VolumePassword> protectionPassword, int protectionPim, shared_ptr <Pkcs5Kdf> protectionKdf,shared_ptr <KeyfileList> protectionKeyfiles, VolumeType::Enum volumeType, bool useBackupHeaders, bool partitionInSystemEncryptionScope)
{
if (!volumeFile)
throw ParameterIncorrect (SRC_POS);
@@ -121,7 +121,7 @@ namespace VeraCrypt
try
{
VolumeHostSize = VolumeFile->Length();
- shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (keyfiles, password);
+ shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (keyfiles, password, EMVOption);
bool skipLayoutV1Normal = false;
@@ -249,6 +249,7 @@ namespace VeraCrypt
protectedVolume.Open (VolumeFile,
protectionPassword, protectionPim, protectionKdf, truecryptMode, protectionKeyfiles,
+ EMVOption,
VolumeProtection::ReadOnly,
shared_ptr <VolumePassword> (), 0, shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> (),
VolumeType::Hidden,
diff --git a/src/Volume/Volume.h b/src/Volume/Volume.h
index a743a161..85fdbe41 100644
--- a/src/Volume/Volume.h
+++ b/src/Volume/Volume.h
@@ -123,8 +123,8 @@ namespace VeraCrypt
uint64 GetVolumeCreationTime () const { return Header->GetVolumeCreationTime(); }
bool IsHiddenVolumeProtectionTriggered () const { return HiddenVolumeProtectionTriggered; }
bool IsInSystemEncryptionScope () const { return SystemEncryption; }
- void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
- void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (const VolumePath &volumePath, bool preserveTimestamps, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, bool EMVOption, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (),shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), bool sharedAccessAllowed = false, VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
+ void Open (shared_ptr <File> volumeFile, shared_ptr <VolumePassword> password, int pim, shared_ptr <Pkcs5Kdf> kdf, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, bool EMVOption, VolumeProtection::Enum protection = VolumeProtection::None, shared_ptr <VolumePassword> protectionPassword = shared_ptr <VolumePassword> (), int protectionPim = 0, shared_ptr <Pkcs5Kdf> protectionKdf = shared_ptr <Pkcs5Kdf> (), shared_ptr <KeyfileList> protectionKeyfiles = shared_ptr <KeyfileList> (), VolumeType::Enum volumeType = VolumeType::Unknown, bool useBackupHeaders = false, bool partitionInSystemEncryptionScope = false);
void ReadSectors (const BufferPtr &buffer, uint64 byteOffset);
void ReEncryptHeader (bool backupHeader, const ConstBufferPtr &newSalt, const ConstBufferPtr &newHeaderKey, shared_ptr <Pkcs5Kdf> newPkcs5Kdf);
void WriteSectors (const ConstBufferPtr &buffer, uint64 byteOffset);
diff --git a/src/Volume/Volume.make b/src/Volume/Volume.make
index 91f40fb7..03e06eaa 100644
--- a/src/Volume/Volume.make
+++ b/src/Volume/Volume.make
@@ -96,11 +96,15 @@ OBJS += ../Crypto/kuznyechik_simd.o
OBJSNOOPT += ../Crypto/jitterentropy-base.o0
+OBJS += ../Common/Token.o
OBJS += ../Common/Crc.o
+OBJS += ../Common/TLVParser.o
+OBJS += ../Common/EMVToken.o
OBJS += ../Common/Endian.o
OBJS += ../Common/GfMul.o
OBJS += ../Common/Pkcs5.o
OBJS += ../Common/SecurityToken.o
+OBJS += ../Common/IccDataExtractor.o
VolumeLibrary: Volume.a