VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/Common/Dlgcode.c4
-rw-r--r--src/Common/Dlgcode.h2
-rw-r--r--src/ExpandVolume/WinMain.cpp5
-rw-r--r--src/Format/Tcformat.c12
-rw-r--r--src/Main/Forms/MountOptionsDialog.cpp4
-rw-r--r--src/Main/Forms/VolumePasswordPanel.cpp11
-rw-r--r--src/Main/Forms/VolumePasswordPanel.h4
-rw-r--r--src/Mount/Mount.c43
8 files changed, 57 insertions, 28 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 44cf623b..c8efe2a7 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -13047,13 +13047,15 @@ void SetPim (HWND hwndDlg, UINT ctrlId, int pim)
SetDlgItemText (hwndDlg, ctrlId, L"");
}
-BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError)
+BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bLegacyPassword, BOOL bShowError)
{
wchar_t tmp [MAX_PASSWORD + 1];
int utf8Len;
BOOL bRet = FALSE;
GetWindowText (GetDlgItem (hwndDlg, ctrlID), tmp, ARRAYSIZE (tmp));
+ if (bLegacyPassword && (lstrlen (tmp) > MAX_LEGACY_PASSWORD))
+ wmemset (&tmp[MAX_LEGACY_PASSWORD], 0, MAX_PASSWORD + 1 - MAX_LEGACY_PASSWORD);
utf8Len = WideCharToMultiByte (CP_UTF8, 0, tmp, -1, passValue, bufSize, NULL, NULL);
burn (tmp, sizeof (tmp));
if (utf8Len > 0)
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index 00a49239..e97e50cf 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -515,7 +515,7 @@ BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath);
BOOL IsApplicationInstalled (const wchar_t *appName);
int GetPim (HWND hwndDlg, UINT ctrlId, int defaultPim);
void SetPim (HWND hwndDlg, UINT ctrlId, int pim);
-BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bShowError);
+BOOL GetPassword (HWND hwndDlg, UINT ctrlID, char* passValue, int bufSize, BOOL bLegacyPassword, BOOL bShowError);
void SetPassword (HWND hwndDlg, UINT ctrlID, char* passValue);
void HandleShowPasswordFieldAction (HWND hwndDlg, UINT checkBoxId, UINT edit1Id, UINT edit2Id);
HKEY OpenDeviceClassRegKey (const GUID *deviceClassGuid);
diff --git a/src/ExpandVolume/WinMain.cpp b/src/ExpandVolume/WinMain.cpp
index f6735891..7823ad12 100644
--- a/src/ExpandVolume/WinMain.cpp
+++ b/src/ExpandVolume/WinMain.cpp
@@ -673,17 +673,18 @@ BOOL CALLBACK ExtcvPasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARA
if (lw == IDOK)
{
+ BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles)
KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, PasswordDlgVolume);
- if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE))
+ if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, bTrueCryptMode, TRUE))
szXPwd->Length = (unsigned __int32) (strlen ((char *) szXPwd->Text));
else
return 1;
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
- *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
+ *truecryptMode = bTrueCryptMode;
*pim = GetPim (hwndDlg, IDC_PIM, 0);
diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c
index e91a5bf6..cbd0eec5 100644
--- a/src/Format/Tcformat.c
+++ b/src/Format/Tcformat.c
@@ -5755,7 +5755,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (hw == EN_CHANGE)
{
- GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE);
+ GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE, FALSE);
volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
return 1;
}
@@ -7575,7 +7575,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
}
// Store the password in case we need to restore it after keyfile is applied to it
- if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), TRUE))
+ if (!GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE, TRUE))
return 1;
if (!SysEncInEffect ())
@@ -7684,7 +7684,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
WaitCursor ();
- if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, TRUE))
+ if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, (char*) volumePassword.Text, MAX_PASSWORD + 1, FALSE, TRUE))
{
NormalCursor ();
return 1;
@@ -7696,7 +7696,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
volumePim = GetPim (hCurPage, IDC_PIM, 0);
// Store the password in case we need to restore it after keyfile is applied to it
- if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, sizeof (szRawPassword), TRUE))
+ if (!GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, sizeof (szRawPassword), FALSE, TRUE))
{
NormalCursor ();
return 1;
@@ -8791,7 +8791,7 @@ ovf_end:
else if (nCurPageNo == PASSWORD_PAGE)
{
// Store the password in case we need to restore it after keyfile is applied to it
- GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE);
+ GetPassword (hCurPage, IDC_PASSWORD, szRawPassword, sizeof (szRawPassword), FALSE, FALSE);
VerifyPasswordAndUpdate (hwndDlg, GetDlgItem (MainDlg, IDC_NEXT),
GetDlgItem (hCurPage, IDC_PASSWORD),
@@ -8833,7 +8833,7 @@ ovf_end:
|| nCurPageNo == NONSYS_INPLACE_ENC_RESUME_PASSWORD_PAGE)
{
// Store the password in case we need to restore it after keyfile is applied to it
- GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, MAX_PASSWORD + 1, FALSE);
+ GetPassword (hCurPage, IDC_PASSWORD_DIRECT, szRawPassword, MAX_PASSWORD + 1, FALSE, FALSE);
memcpy (volumePassword.Text, szRawPassword, MAX_PASSWORD + 1);
volumePassword.Length = (unsigned __int32) strlen ((char *) volumePassword.Text);
diff --git a/src/Main/Forms/MountOptionsDialog.cpp b/src/Main/Forms/MountOptionsDialog.cpp
index c980133f..c54ff8e6 100644
--- a/src/Main/Forms/MountOptionsDialog.cpp
+++ b/src/Main/Forms/MountOptionsDialog.cpp
@@ -133,7 +133,7 @@ namespace VeraCrypt
try
{
- Options.Password = PasswordPanel->GetPassword();
+ Options.Password = PasswordPanel->GetPassword(Options.PartitionInSystemEncryptionScope);
}
catch (PasswordException& e)
{
@@ -165,7 +165,7 @@ namespace VeraCrypt
{
try
{
- Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword();
+ Options.ProtectionPassword = ProtectionPasswordPanel->GetPassword(Options.TrueCryptMode);
}
catch (PasswordException& e)
{
diff --git a/src/Main/Forms/VolumePasswordPanel.cpp b/src/Main/Forms/VolumePasswordPanel.cpp
index 9bce4c75..2859762c 100644
--- a/src/Main/Forms/VolumePasswordPanel.cpp
+++ b/src/Main/Forms/VolumePasswordPanel.cpp
@@ -219,15 +219,16 @@ namespace VeraCrypt
SetPimValidator ();
}
- shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword () const
+ shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword (bool bForceLegacyPassword) const
{
- return GetPassword (PasswordTextCtrl);
+ return GetPassword (PasswordTextCtrl, bForceLegacyPassword || GetTrueCryptMode());
}
- shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword (wxTextCtrl *textCtrl) const
+ shared_ptr <VolumePassword> VolumePasswordPanel::GetPassword (wxTextCtrl *textCtrl, bool bLegacyPassword) const
{
shared_ptr <VolumePassword> password;
wchar_t passwordBuf[VolumePassword::MaxSize + 1];
+ size_t maxPasswordLength = bLegacyPassword? VolumePassword::MaxLegacySize: VolumePassword::MaxSize;
finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast <byte *> (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); });
#ifdef TC_WINDOWS
@@ -235,12 +236,12 @@ namespace VeraCrypt
password = ToUTF8Password (passwordBuf, len);
#else
wxString passwordStr (textCtrl->GetValue()); // A copy of the password is created here by wxWidgets, which cannot be erased
- for (size_t i = 0; i < passwordStr.size() && i < VolumePassword::MaxSize; ++i)
+ for (size_t i = 0; i < passwordStr.size() && i < maxPasswordLength; ++i)
{
passwordBuf[i] = (wchar_t) passwordStr[i];
passwordStr[i] = L'X';
}
- password = ToUTF8Password (passwordBuf, passwordStr.size() <= VolumePassword::MaxSize ? passwordStr.size() : VolumePassword::MaxSize);
+ password = ToUTF8Password (passwordBuf, passwordStr.size() <= maxPasswordLength ? passwordStr.size() : maxPasswordLength);
#endif
return password;
}
diff --git a/src/Main/Forms/VolumePasswordPanel.h b/src/Main/Forms/VolumePasswordPanel.h
index 83efc2ff..cac6c37b 100644
--- a/src/Main/Forms/VolumePasswordPanel.h
+++ b/src/Main/Forms/VolumePasswordPanel.h
@@ -27,7 +27,7 @@ namespace VeraCrypt
void AddKeyfile (shared_ptr <Keyfile> keyfile);
shared_ptr <KeyfileList> GetKeyfiles () const { return UseKeyfilesCheckBox->IsChecked() ? Keyfiles : shared_ptr <KeyfileList> (); }
- shared_ptr <VolumePassword> GetPassword () const;
+ shared_ptr <VolumePassword> GetPassword (bool bForceLegacyPassword = false) const;
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf (bool &bUnsupportedKdf) const;
shared_ptr <Pkcs5Kdf> GetPkcs5Kdf (bool bTrueCryptMode, bool &bUnsupportedKdf) const;
int GetVolumePim () const;
@@ -49,7 +49,7 @@ namespace VeraCrypt
protected:
void SetPimValidator ();
void DisplayPassword (bool display, wxTextCtrl **textCtrl, int row);
- shared_ptr <VolumePassword> GetPassword (wxTextCtrl *textCtrl) const;
+ shared_ptr <VolumePassword> GetPassword (wxTextCtrl *textCtrl, bool bLegacyPassword = false) const;
void OnAddKeyfileDirMenuItemSelected (wxCommandEvent& event);
void OnAddKeyfilesMenuItemSelected (wxCommandEvent& event);
void OnAddSecurityTokenSignatureMenuItemSelected (wxCommandEvent& event);
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 4756874a..1ada1b86 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -2733,7 +2733,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
GetVolumePath (hParent, szFileName, ARRAYSIZE (szFileName));
- if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, sizeof (oldPassword.Text), TRUE))
+ if (GetPassword (hwndDlg, IDC_OLD_PASSWORD, (LPSTR) oldPassword.Text, sizeof (oldPassword.Text), truecryptMode, TRUE))
oldPassword.Length = (unsigned __int32) strlen ((char *) oldPassword.Text);
else
{
@@ -2751,7 +2751,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
break;
default:
- if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) newPassword.Text, sizeof (newPassword.Text), TRUE))
+ if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) newPassword.Text, sizeof (newPassword.Text), FALSE, TRUE))
newPassword.Length = (unsigned __int32) strlen ((char *) newPassword.Text);
else
return 1;
@@ -3155,17 +3155,18 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
if (lw == IDOK)
{
+ BOOL bTrueCryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
if (mountOptions.ProtectHiddenVolume && hidVolProtKeyFilesParam.EnableKeyFiles)
KeyFilesApply (hwndDlg, &mountOptions.ProtectedHidVolPassword, hidVolProtKeyFilesParam.FirstKeyFile, wcslen (PasswordDlgVolume) > 0 ? PasswordDlgVolume : NULL);
- if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, TRUE))
+ if (GetPassword (hwndDlg, IDC_PASSWORD, (LPSTR) szXPwd->Text, MAX_PASSWORD + 1, bTrueCryptMode, TRUE))
szXPwd->Length = (unsigned __int32) strlen ((char *) szXPwd->Text);
else
return 1;
bCacheInDriver = IsButtonChecked (GetDlgItem (hwndDlg, IDC_CACHE));
*pkcs5 = (int) SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETITEMDATA, SendMessage (GetDlgItem (hwndDlg, IDC_PKCS5_PRF_ID), CB_GETCURSEL, 0, 0), 0);
- *truecryptMode = GetCheckBox (hwndDlg, IDC_TRUECRYPT_MODE);
+ *truecryptMode = bTrueCryptMode;
*pim = GetPim (hwndDlg, IDC_PIM, 0);
@@ -3717,7 +3718,7 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
{
GetPassword (hwndDlg, IDC_PASSWORD_PROT_HIDVOL,
(LPSTR) mountOptions->ProtectedHidVolPassword.Text, MAX_PASSWORD + 1,
- FALSE);
+ FALSE, FALSE);
mountOptions->ProtectedHidVolPassword.Length = (unsigned __int32) strlen ((char *) mountOptions->ProtectedHidVolPassword.Text);
@@ -8798,6 +8799,7 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
wchar_t **lpszCommandLineArgs = NULL; /* Array of command line arguments */
int nNoCommandLineArgs; /* The number of arguments in the array */
wchar_t tmpPath[MAX_PATH * 2];
+ wchar_t CmdRawPassword[MAX_PASSWORD + 1]; /* Raw value of password passed from command line */
/* Defaults */
mountOptions.PreserveTimestamp = TRUE;
@@ -9119,19 +9121,20 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
case OptionPassword:
{
- wchar_t szTmp[MAX_PASSWORD + 1];
if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i, nNoCommandLineArgs,
- szTmp, ARRAYSIZE (szTmp)))
+ CmdRawPassword, ARRAYSIZE (CmdRawPassword)))
{
- int iLen = WideCharToMultiByte (CP_UTF8, 0, szTmp, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL);
- burn (szTmp, sizeof (szTmp));
+ int iLen = WideCharToMultiByte (CP_UTF8, 0, CmdRawPassword, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL);
if (iLen > 0)
{
CmdVolumePassword.Length = (unsigned __int32) (iLen - 1);
CmdVolumePasswordValid = TRUE;
}
else
+ {
+ burn (CmdRawPassword, sizeof (CmdRawPassword));
AbortProcess ("COMMAND_LINE_ERROR");
+ }
}
else
AbortProcess ("COMMAND_LINE_ERROR");
@@ -9285,6 +9288,28 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
}
}
+ if (CmdVolumePasswordValid && (CmdVolumeTrueCryptMode || (CmdMountOptionsValid && bPrebootPasswordDlgMode)))
+ {
+ /* truncate the password to 64 first characer in case of TrueCrypt Mode or System Encryption */
+ if (lstrlen (CmdRawPassword) > MAX_LEGACY_PASSWORD)
+ {
+ int iLen;
+ wmemset (&CmdRawPassword[MAX_LEGACY_PASSWORD], 0, MAX_PASSWORD + 1 - MAX_LEGACY_PASSWORD);
+ iLen = WideCharToMultiByte (CP_UTF8, 0, CmdRawPassword, -1, (char*) CmdVolumePassword.Text, MAX_PASSWORD + 1, NULL, NULL);
+ if (iLen > 0)
+ {
+ CmdVolumePassword.Length = (unsigned __int32) (iLen - 1);
+ }
+ else
+ {
+ burn (CmdRawPassword, sizeof (CmdRawPassword));
+ AbortProcess ("COMMAND_LINE_ERROR");
+ }
+ }
+ }
+
+ burn (CmdRawPassword, sizeof (CmdRawPassword));
+
/* Free up the command line arguments */
while (--nNoCommandLineArgs >= 0)
{