diff options
-rw-r--r-- | src/Common/Dlgcode.c | 4 | ||||
-rw-r--r-- | src/Common/Dlgcode.h | 2 | ||||
-rw-r--r-- | src/ExpandVolume/WinMain.cpp | 5 | ||||
-rw-r--r-- | src/Format/Tcformat.c | 12 | ||||
-rw-r--r-- | src/Main/Forms/MountOptionsDialog.cpp | 4 | ||||
-rw-r--r-- | src/Main/Forms/VolumePasswordPanel.cpp | 11 | ||||
-rw-r--r-- | src/Main/Forms/VolumePasswordPanel.h | 4 | ||||
-rw-r--r-- | src/Mount/Mount.c | 43 |
8 files changed, 57 insertions, 28 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index 44cf623b..c8efe2a7 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -13047,13 +13047,15 @@ void SetPim (HWND hwndDlg, UINT ctrlId, int pim) SetDlgItemText (hwndDlg, ctrlId, L""); } -BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError) +BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bLegacyPassword, BOOL bShowError) { wchar_t tmp [MAX_PASSWORD + 1]; int utf8Len; BOOL bRet = FALSE; GetWindowText (GetDlgItem (hwndDlg, ctrlID), tmp, ARRAYSIZE (tmp)); + if (bLegacyPassword && (lstrlen (tmp) > MAX_LEGACY_PASSWORD)) + wmemset (&tmp[MAX_LEGACY_PASSWORD], 0, MAX_PASSWORD + 1 - MAX_LEGACY_PASSWORD); utf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, passValue, bufSize, NULL, NULL); burn (tmp, sizeof (tmp)); if (utf8Len > 0) diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h index 00a49239..e97e50cf 100644 --- a/src/Common/Dlgcode.h +++ b/src/Common/Dlgcode.h @@ -515,7 +515,7 @@ BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath); BOOL IsApplicationInstalled (const wchar_t *appName); int GetPim (HWND hwndDlg, UINT ctrlId, int defaultPim); void SetPim (HWND hwndDlg, UINT ctrlId, int pim); -BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError); +BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bLegacyPassword, BOOL bShowError); void SetPassword (HWND hwndDlg, UINT ctrlID, char* passValue); void HandleShowPasswordFieldAction (HWND hwndDlg, UINT checkBoxId, UINT edit1Id, UINT edit2Id); HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid); diff --git a/src/ExpandVolume/WinMain.cpp b/src/ExpandVolume/WinMain.cpp index f6735891..7823ad12 100644 --- a/src/ExpandVolume/WinMain.cpp +++ b/src/ExpandVolume/WinMain.cpp @@ -673,17 +673,18 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA if (lw == IDOK) { + BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, PasswordDlgVolume); - if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE)) + if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, bTrueCryptMode, TRUE)) szXPwd->Length = (unsigned __int32) (strlen ((char *) szXPwd->Text)); else return 1; bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + *truecryptMode = bTrueCryptMode; *pim = GetPim (hwndDlg, IDC_PIM, 0); diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index e91a5bf6..cbd0eec5 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -5755,7 +5755,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa { if (hw == EN_CHANGE) { - GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE); + GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE, FALSE); volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); return 1; } @@ -7575,7 +7575,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa } // Store the password in case we need to restore it after keyfile is applied to it - if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), TRUE)) + if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE, TRUE)) return 1; if (!SysEncInEffect ()) @@ -7684,7 +7684,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa { WaitCursor (); - if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, TRUE)) + if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE, TRUE)) { NormalCursor (); return 1; @@ -7696,7 +7696,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa volumePim = GetPim (hCurPage, IDC_PIM, 0); // Store the password in case we need to restore it after keyfile is applied to it - if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, sizeof (szRawPassword), TRUE)) + if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, sizeof (szRawPassword), FALSE, TRUE)) { NormalCursor (); return 1; @@ -8791,7 +8791,7 @@ ovf_end: else if (nCurPageNo == PASSWORD_PAGE) { // Store the password in case we need to restore it after keyfile is applied to it - GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE); + GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE, FALSE); VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT), GetDlgItem (hCurPage, IDC_PASSWORD), @@ -8833,7 +8833,7 @@ ovf_end: || nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE) { // Store the password in case we need to restore it after keyfile is applied to it - GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, MAX_PASSWORD + 1, FALSE); + GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, MAX_PASSWORD + 1, FALSE, FALSE); memcpy (volumePassword.Text, szRawPassword, MAX_PASSWORD + 1); volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text); diff --git a/src/Main/Forms/MountOptionsDialog.cpp b/src/Main/Forms/MountOptionsDialog.cpp index c980133f..c54ff8e6 100644 --- a/src/Main/Forms/MountOptionsDialog.cpp +++ b/src/Main/Forms/MountOptionsDialog.cpp @@ -133,7 +133,7 @@ namespace VeraCrypt try { - Options.Password = PasswordPanel->GetPassword(); + Options.Password = PasswordPanel->GetPassword(Options.PartitionInSystemEncryptionScope); } catch (PasswordException& e) { @@ -165,7 +165,7 @@ namespace VeraCrypt { try { - Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword(); + Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword(Options.TrueCryptMode); } catch (PasswordException& e) { diff --git a/src/Main/Forms/VolumePasswordPanel.cpp b/src/Main/Forms/VolumePasswordPanel.cpp index 9bce4c75..2859762c 100644 --- a/src/Main/Forms/VolumePasswordPanel.cpp +++ b/src/Main/Forms/VolumePasswordPanel.cpp @@ -219,15 +219,16 @@ namespace VeraCrypt SetPimValidator (); } - shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword () const + shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword (bool bForceLegacyPassword) const { - return GetPassword (PasswordTextCtrl); + return GetPassword (PasswordTextCtrl, bForceLegacyPassword || GetTrueCryptMode()); } - shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword (wxTextCtrl *textCtrl) const + shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword (wxTextCtrl *textCtrl, bool bLegacyPassword) const { shared_ptr <VolumePassword> password; wchar_t passwordBuf[VolumePassword::MaxSize + 1]; + size_t maxPasswordLength = bLegacyPassword? VolumePassword::MaxLegacySize: VolumePassword::MaxSize; finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast <byte *> (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); }); #ifdef TC_WINDOWS @@ -235,12 +236,12 @@ namespace VeraCrypt password = ToUTF8Password (passwordBuf, len); #else wxString passwordStr (textCtrl->GetValue()); // A copy of the password is created here by wxWidgets, which cannot be erased - for (size_t i = 0; i < passwordStr.size() && i < VolumePassword::MaxSize; ++i) + for (size_t i = 0; i < passwordStr.size() && i < maxPasswordLength; ++i) { passwordBuf[i] = (wchar_t) passwordStr[i]; passwordStr[i] = L'X'; } - password = ToUTF8Password (passwordBuf, passwordStr.size() <= VolumePassword::MaxSize ? passwordStr.size() : VolumePassword::MaxSize); + password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength); #endif return password; } diff --git a/src/Main/Forms/VolumePasswordPanel.h b/src/Main/Forms/VolumePasswordPanel.h index 83efc2ff..cac6c37b 100644 --- a/src/Main/Forms/VolumePasswordPanel.h +++ b/src/Main/Forms/VolumePasswordPanel.h @@ -27,7 +27,7 @@ namespace VeraCrypt void AddKeyfile (shared_ptr <Keyfile> keyfile); shared_ptr <KeyfileList> GetKeyfiles () const { return UseKeyfilesCheckBox->IsChecked() ? Keyfiles : shared_ptr <KeyfileList> (); } - shared_ptr <VolumePassword> GetPassword () const; + shared_ptr <VolumePassword> GetPassword (bool bForceLegacyPassword = false) const; shared_ptr <Pkcs5Kdf> GetPkcs5Kdf (bool &bUnsupportedKdf) const; shared_ptr <Pkcs5Kdf> GetPkcs5Kdf (bool bTrueCryptMode, bool &bUnsupportedKdf) const; int GetVolumePim () const; @@ -49,7 +49,7 @@ namespace VeraCrypt protected: void SetPimValidator (); void DisplayPassword (bool display, wxTextCtrl **textCtrl, int row); - shared_ptr <VolumePassword> GetPassword (wxTextCtrl *textCtrl) const; + shared_ptr <VolumePassword> GetPassword (wxTextCtrl *textCtrl, bool bLegacyPassword = false) const; void OnAddKeyfileDirMenuItemSelected (wxCommandEvent& event); void OnAddKeyfilesMenuItemSelected (wxCommandEvent& event); void OnAddSecurityTokenSignatureMenuItemSelected (wxCommandEvent& event); diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 4756874a..1ada1b86 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -2733,7 +2733,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR GetVolumePath (hParent, szFileName, ARRAYSIZE (szFileName)); - if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, sizeof (oldPassword.Text), TRUE)) + if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, sizeof (oldPassword.Text), truecryptMode, TRUE)) oldPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text); else { @@ -2751,7 +2751,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR break; default: - if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) newPassword.Text, sizeof (newPassword.Text), TRUE)) + if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) newPassword.Text, sizeof (newPassword.Text), FALSE, TRUE)) newPassword.Length = (unsigned __int32) strlen ((char *) newPassword.Text); else return 1; @@ -3155,17 +3155,18 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa if (lw == IDOK) { + BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles) KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, wcslen (PasswordDlgVolume) > 0 ? PasswordDlgVolume : NULL); - if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE)) + if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, bTrueCryptMode, TRUE)) szXPwd->Length = (unsigned __int32) strlen ((char *) szXPwd->Text); else return 1; bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE)); *pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0); - *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE); + *truecryptMode = bTrueCryptMode; *pim = GetPim (hwndDlg, IDC_PIM, 0); @@ -3717,7 +3718,7 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM { GetPassword (hwndDlg, IDC_PASSWORD_PROT_HIDVOL, (LPSTR) mountOptions->ProtectedHidVolPassword.Text, MAX_PASSWORD + 1, - FALSE); + FALSE, FALSE); mountOptions->ProtectedHidVolPassword.Length = (unsigned __int32) strlen ((char *) mountOptions->ProtectedHidVolPassword.Text); @@ -8798,6 +8799,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) wchar_t **lpszCommandLineArgs = NULL; /* Array of command line arguments */ int nNoCommandLineArgs; /* The number of arguments in the array */ wchar_t tmpPath[MAX_PATH * 2]; + wchar_t CmdRawPassword[MAX_PASSWORD + 1]; /* Raw value of password passed from command line */ /* Defaults */ mountOptions.PreserveTimestamp = TRUE; @@ -9119,19 +9121,20 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) case OptionPassword: { - wchar_t szTmp[MAX_PASSWORD + 1]; if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs, - szTmp, ARRAYSIZE (szTmp))) + CmdRawPassword, ARRAYSIZE (CmdRawPassword))) { - int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); - burn (szTmp, sizeof (szTmp)); + int iLen = WideCharToMultiByte (CP_UTF8, 0, CmdRawPassword, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); if (iLen > 0) { CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); CmdVolumePasswordValid = TRUE; } else + { + burn (CmdRawPassword, sizeof (CmdRawPassword)); AbortProcess ("COMMAND_LINE_ERROR"); + } } else AbortProcess ("COMMAND_LINE_ERROR"); @@ -9285,6 +9288,28 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine) } } + if (CmdVolumePasswordValid && (CmdVolumeTrueCryptMode || (CmdMountOptionsValid && bPrebootPasswordDlgMode))) + { + /* truncate the password to 64 first characer in case of TrueCrypt Mode or System Encryption */ + if (lstrlen (CmdRawPassword) > MAX_LEGACY_PASSWORD) + { + int iLen; + wmemset (&CmdRawPassword[MAX_LEGACY_PASSWORD], 0, MAX_PASSWORD + 1 - MAX_LEGACY_PASSWORD); + iLen = WideCharToMultiByte (CP_UTF8, 0, CmdRawPassword, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL); + if (iLen > 0) + { + CmdVolumePassword.Length = (unsigned __int32) (iLen - 1); + } + else + { + burn (CmdRawPassword, sizeof (CmdRawPassword)); + AbortProcess ("COMMAND_LINE_ERROR"); + } + } + } + + burn (CmdRawPassword, sizeof (CmdRawPassword)); + /* Free up the command line arguments */ while (--nNoCommandLineArgs >= 0) { |