Diffstat (limited to 'src/Main')
-rw-r--r-- | src/Main/CommandLineInterface.cpp | 9 | ||||
-rw-r--r-- | src/Main/CommandLineInterface.h | 1 | ||||
-rw-r--r-- | src/Main/Forms/ChangePasswordDialog.cpp | 5 | ||||
-rw-r--r-- | src/Main/Forms/MainFrame.cpp | 7 | ||||
-rw-r--r-- | src/Main/Forms/MainFrame.h | 1 | ||||
-rw-r--r-- | src/Main/Forms/PreferencesDialog.cpp | 20 | ||||
-rw-r--r-- | src/Main/GraphicUserInterface.cpp | 30 | ||||
-rw-r--r-- | src/Main/GraphicUserInterface.h | 1 | ||||
-rw-r--r-- | src/Main/TextUserInterface.cpp | 27 | ||||
-rw-r--r-- | src/Main/UserInterface.cpp | 115 |
10 files changed, 165 insertions, 51 deletions
diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp index 1b4a0c1b..735cbeef 100644 --- a/src/Main/CommandLineInterface.cpp +++ b/src/Main/CommandLineInterface.cpp @@ -29,6 +29,7 @@ namespace VeraCrypt ArgPim (-1), ArgSize (0), ArgVolumeType (VolumeType::Unknown), + ArgAllowScreencapture (false), ArgDisableFileSizeCheck (false), ArgUseLegacyPassword (false), #if defined(TC_LINUX ) || defined (TC_FREEBSD) @@ -41,6 +42,9 @@ namespace VeraCrypt parser.SetSwitchChars (L"-"); +#if defined(TC_WINDOWS) || defined(TC_MACOSX) + parser.AddSwitch (L"", L"allow-screencapture", _("Allow window to be included in screenshots and screen captures (Windows/MacOS)")); +#endif parser.AddOption (L"", L"auto-mount", _("Auto mount device-hosted/favorite volumes")); parser.AddSwitch (L"", L"backup-headers", _("Backup volume headers")); parser.AddSwitch (L"", L"background-task", _("Start Background Task")); @@ -142,6 +146,11 @@ namespace VeraCrypt ArgMountOptions = Preferences.DefaultMountOptions; } +#if defined(TC_WINDOWS) || defined(TC_MACOSX) + ArgAllowScreencapture = parser.Found (L"allow-screencapture"); +#else + ArgAllowScreencapture = true; // Protection against screenshots is supported only on Windows and MacOS +#endif // Commands if (parser.Found (L"auto-mount", &str)) { diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h index 4003dc05..f773ca6f 100644 --- a/src/Main/CommandLineInterface.h +++ b/src/Main/CommandLineInterface.h @@ -84,6 +84,7 @@ namespace VeraCrypt VolumeInfoList ArgVolumes; VolumeType::Enum ArgVolumeType; shared_ptr<SecureBuffer> ArgTokenPin; + bool ArgAllowScreencapture; bool ArgDisableFileSizeCheck; bool ArgUseLegacyPassword; #if defined(TC_LINUX ) || defined (TC_FREEBSD) diff --git a/src/Main/Forms/ChangePasswordDialog.cpp b/src/Main/Forms/ChangePasswordDialog.cpp index 397ee693..39da8e60 100644 --- a/src/Main/Forms/ChangePasswordDialog.cpp +++ b/src/Main/Forms/ChangePasswordDialog.cpp 
@@ -171,6 +171,7 @@ namespace VeraCrypt RandomNumberGenerator::SetEnrichedByUserStatus (false); Gui->UserEnrichRandomPool (this, NewPasswordPanel->GetPkcs5Kdf() ? NewPasswordPanel->GetPkcs5Kdf()->GetHash() : shared_ptr <Hash>()); + bool masterKeyVulnerable = false; { #ifdef TC_UNIX // Temporarily take ownership of a device if the user is not an administrator @@ -193,6 +194,7 @@ namespace VeraCrypt CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(), CurrentPasswordPanel->GetKeyfiles(), newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled); Gui->ExecuteWaitThreadRoutine (this, &routine); + masterKeyVulnerable = routine.m_masterKeyVulnerable; } switch (DialogMode) @@ -214,6 +216,9 @@ namespace VeraCrypt throw ParameterIncorrect (SRC_POS); } + if (masterKeyVulnerable) + Gui->ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + EndModal (wxID_OK); } catch (UnportablePassword &e) diff --git a/src/Main/Forms/MainFrame.cpp b/src/Main/Forms/MainFrame.cpp index 6355f139..77f371d8 100644 --- a/src/Main/Forms/MainFrame.cpp +++ b/src/Main/Forms/MainFrame.cpp @@ -84,6 +84,7 @@ namespace VeraCrypt InitTaskBarIcon(); InitEvents(); InitMessageFilter(); + InitWindowPrivacy(); if (!GetPreferences().SecurityTokenModule.IsEmpty() && !SecurityToken::IsInitialized()) { @@ -470,6 +471,12 @@ namespace VeraCrypt #endif } + + void MainFrame::InitWindowPrivacy () + { + Gui->SetContentProtection(!CmdLine->ArgAllowScreencapture); + } + void MainFrame::InitPreferences () { try diff --git a/src/Main/Forms/MainFrame.h b/src/Main/Forms/MainFrame.h index ab70eae3..ed1c44f7 100644 --- a/src/Main/Forms/MainFrame.h +++ b/src/Main/Forms/MainFrame.h 
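Review bot: In `MainFrame::InitWindowPrivacy` the protection is requested once, during frame initialisation, through `Gui->SetContentProtection`, which (per the GraphicUserInterface.cpp hunk of this commit) applies it to whatever `GetActiveWindow()` returns rather than to this frame. Content protection is set per top-level window, so the password, PIM and keyfile dialogs opened later are not covered by anything visible in this diff, and the frame itself is covered only if it is the active window at that moment. I would apply the setting to the frame explicitly and to each dialog that displays secrets, and document the default with a comment such as `// Screen-capture protection is on unless --allow-screencapture was given`. The dialog classes are outside the hunk, so the gap in dialog coverage is inferred rather than shown.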
@@ -84,6 +84,7 @@ namespace VeraCrypt void InitMessageFilter (); void InitPreferences (); void InitTaskBarIcon (); + void InitWindowPrivacy(); bool IsFreeSlotSelected () const { return SlotListCtrl->GetSelectedItemCount() == 1 && Gui->GetListCtrlSubItemText (SlotListCtrl, SelectedItemIndex, ColumnPath).empty(); } bool IsMountedSlotSelected () const { return SlotListCtrl->GetSelectedItemCount() == 1 && !Gui->GetListCtrlSubItemText (SlotListCtrl, SelectedItemIndex, ColumnPath).empty(); } void LoadFavoriteVolumes (); diff --git a/src/Main/Forms/PreferencesDialog.cpp b/src/Main/Forms/PreferencesDialog.cpp index afc2871f..4e7644b6 100644 --- a/src/Main/Forms/PreferencesDialog.cpp +++ b/src/Main/Forms/PreferencesDialog.cpp @@ -108,6 +108,7 @@ namespace VeraCrypt {"ka", L"ქართული"}, {"ko", L"한국어"}, {"lv", L"Latviešu"}, + {"nb", L"Norsk Bokmål"}, {"nl", L"Nederlands"}, {"nn", L"Norsk Nynorsk"}, {"pl", L"Polski"}, @@ -129,13 +130,22 @@ namespace VeraCrypt if (wxDir::Exists(languagesFolder.GetName())) { size_t langCount; - langCount = wxDir::GetAllFiles(languagesFolder.GetName(), &langArray, wxEmptyString, wxDIR_FILES); + langCount = wxDir::GetAllFiles(languagesFolder.GetName(), &langArray, "*.xml", wxDIR_FILES); for (size_t i = 0; i < langCount; ++i) { wxFileName filename(langArray[i]); - wxString langId = filename.GetName().AfterLast('.'); - wxString langNative = langEntries[langId]; - if (!langNative.empty()) { - LanguageListBox->Append(langNative); + + // Get the name part of the file (without extension) + wxString basename = filename.GetName(); + + // Check if the basename matches the pattern "Language.langId" + if (basename.StartsWith("Language.")) { + wxString langId = basename.AfterFirst('.'); + + // Verify if the language ID exists in langEntries map + wxString langNative = langEntries[langId]; + if (!langNative.empty()) { + LanguageListBox->Append(langNative); + } } } } 
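Review bot: The comment `// Verify if the language ID exists in langEntries map` in the PreferencesDialog.cpp hunk sits above `langEntries[langId]`, which does more than verify. If `langEntries` is a std::map-style container (its declaration is outside the hunk), `operator[]` inserts an empty entry for every unknown id taken from a file name in the languages folder. A lookup that leaves the table untouched matches the comment: `auto it = langEntries.find (langId);` followed by `if (it != langEntries.end()) LanguageListBox->Append (it->second);`.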
diff --git a/src/Main/GraphicUserInterface.cpp b/src/Main/GraphicUserInterface.cpp index 9169a548..1cb62671 100644 --- a/src/Main/GraphicUserInterface.cpp +++ b/src/Main/GraphicUserInterface.cpp @@ -191,6 +191,7 @@ namespace VeraCrypt hiddenVolumeMountOptions.Path = volumePath; VolumeType::Enum volumeType = VolumeType::Normal; + bool masterKeyVulnerable = false; // Open both types of volumes while (true) @@ -273,6 +274,13 @@ namespace VeraCrypt } } + // check if volume master key is vulnerable + if (volume->IsMasterKeyVulnerable()) + { + masterKeyVulnerable = true; + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + } + if (volumeType == VolumeType::Hidden) hiddenVolume = volume; else @@ -366,6 +374,10 @@ namespace VeraCrypt } ShowWarning ("VOL_HEADER_BACKED_UP"); + + // display again warning that master key is vulnerable + if (masterKeyVulnerable) + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); } void GraphicUserInterface::BeginInteractiveBusyState (wxWindow *window) @@ -1440,6 +1452,7 @@ namespace VeraCrypt /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); + bool masterKeyVulnerable = false; if (restoreInternalBackup) { // Restore header from the internal backup @@ -1492,6 +1505,8 @@ namespace VeraCrypt return; } + masterKeyVulnerable = volume->IsMasterKeyVulnerable(); + RandomNumberGenerator::Start(); UserEnrichRandomPool (nullptr); @@ -1590,6 +1605,7 @@ namespace VeraCrypt if (decryptRoutine.m_bResult) { + masterKeyVulnerable = layout->GetHeader()->IsMasterKeyVulnerable(); decryptedLayout = layout; break; } @@ -1645,6 +1661,12 @@ namespace VeraCrypt } ShowInfo ("VOL_HEADER_RESTORED"); + + // display warning if the volume master key is vulnerable + if (masterKeyVulnerable) + { + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + } } DevicePath GraphicUserInterface::SelectDevice (wxWindow *parent) const 
@@ -1852,6 +1874,14 @@ namespace VeraCrypt listCtrl->SetMinSize (wxSize (width, listCtrl->GetMinSize().GetHeight())); } + + void GraphicUserInterface::SetContentProtection (bool enable) const + { +#if defined(TC_WINDOWS) || defined(TC_MACOSX) + GetActiveWindow()->SetContentProtection(enable ? wxCONTENT_PROTECTION_ENABLED : wxCONTENT_PROTECTION_NONE); +#endif + } + void GraphicUserInterface::ShowErrorTopMost (const wxString &message) const { ShowMessage (message, wxOK | wxICON_ERROR, true); diff --git a/src/Main/GraphicUserInterface.h b/src/Main/GraphicUserInterface.h index d48b7973..d333551c 100644 --- a/src/Main/GraphicUserInterface.h +++ b/src/Main/GraphicUserInterface.h @@ -86,6 +86,7 @@ namespace VeraCrypt virtual void SetListCtrlColumnWidths (wxListCtrl *listCtrl, list <int> columnWidthPermilles, bool hasVerticalScrollbar = true) const; virtual void SetListCtrlHeight (wxListCtrl *listCtrl, size_t rowCount) const; virtual void SetListCtrlWidth (wxListCtrl *listCtrl, size_t charCount, bool hasVerticalScrollbar = true) const; + virtual void SetContentProtection(bool enable) const; virtual void ShowErrorTopMost (char *langStringId) const { ShowErrorTopMost (LangString[langStringId]); } virtual void ShowErrorTopMost (const wxString &message) const; virtual void ShowInfoTopMost (char *langStringId) const { ShowInfoTopMost (LangString[langStringId]); } diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp index 8494a45c..bc3f6f5a 100644 --- a/src/Main/TextUserInterface.cpp +++ b/src/Main/TextUserInterface.cpp @@ -314,6 +314,7 @@ namespace VeraCrypt hiddenVolumeMountOptions.EMVSupportEnabled = true; VolumeType::Enum volumeType = VolumeType::Normal; + bool masterKeyVulnerable = false; // Open both types of volumes while (true) 
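Review bot: `GraphicUserInterface::SetContentProtection` dereferences `GetActiveWindow()` without a null check and discards the result of the wx call, so a failure to enable protection is silent and the window stays capturable while the user assumes it is protected. `GetActiveWindow()` is defined outside this diff; if it can return null while the main frame is still being constructed, which is where the new `InitWindowPrivacy` calls this, the line crashes. I would test the pointer first and report a failed call, along the lines of `if (w && !w->SetContentProtection (mode)) ShowWarning (...)` with a suitable message id. The wx symbol `wxCONTENT_PROTECTION_ENABLED` only exists in recent wxWidgets releases, so a `wxCHECK_VERSION` test next to the platform `#if` would keep builds against older wx compiling.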
@@ -387,6 +388,13 @@ namespace VeraCrypt } } + // check if volume master key is vulnerable + if (volume->IsMasterKeyVulnerable()) + { + masterKeyVulnerable = true; + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + } + if (volumeType == VolumeType::Hidden) hiddenVolume = volume; else @@ -454,6 +462,10 @@ namespace VeraCrypt ShowString (L"\n"); ShowInfo ("VOL_HEADER_BACKED_UP"); + + // display again warning that master key is vulnerable + if (masterKeyVulnerable) + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); } void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, int pim, shared_ptr <Hash> currentHash, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const @@ -532,6 +544,12 @@ namespace VeraCrypt break; } + // display warning if volume master key is vulnerable + if (volume->IsMasterKeyVulnerable()) + { + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + } + // New password if (!newPassword.get() && !Preferences.NonInteractive) newPassword = AskPassword (_("Enter new password"), true); @@ -1539,6 +1557,7 @@ namespace VeraCrypt /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); + bool masterKeyVulnerable = false; if (restoreInternalBackup) { // Restore header from the internal backup @@ -1586,6 +1605,8 @@ namespace VeraCrypt throw_err (LangString ["VOLUME_HAS_NO_BACKUP_HEADER"]); } + masterKeyVulnerable = volume->IsMasterKeyVulnerable(); + RandomNumberGenerator::Start(); UserEnrichRandomPool(); 
@@ -1673,6 +1694,7 @@ namespace VeraCrypt if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, layout->GetSupportedKeyDerivationFunctions(), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes())) { decryptedLayout = layout; + masterKeyVulnerable = layout->GetHeader()->IsMasterKeyVulnerable(); break; } } @@ -1723,6 +1745,11 @@ namespace VeraCrypt ShowString (L"\n"); ShowInfo ("VOL_HEADER_RESTORED"); + // display warning if the volume master key is vulnerable + if (masterKeyVulnerable) + { + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + } } void TextUserInterface::SetTerminalEcho (bool enable) diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp index 0f11ec0b..b216101a 100644 --- a/src/Main/UserInterface.cpp +++ b/src/Main/UserInterface.cpp @@ -652,6 +652,7 @@ namespace VeraCrypt bool protectedVolumeMounted = false; bool legacyVolumeMounted = false; + bool vulnerableVolumeMounted = false; foreach_ref (const HostDevice &device, devices) { @@ -694,6 +695,10 @@ namespace VeraCrypt if (newMountedVolumes.back()->EncryptionAlgorithmMinBlockSize == 8) legacyVolumeMounted = true; + + if (newMountedVolumes.back()->MasterKeyVulnerable) + vulnerableVolumeMounted = true; + } catch (DriverError&) { } catch (MissingVolumeData&) { } @@ -708,6 +713,9 @@ namespace VeraCrypt } else { + if (vulnerableVolumeMounted) + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + if (someVolumesShared) ShowWarning ("DEVICE_IN_USE_INFO"); @@ -741,10 +749,12 @@ namespace VeraCrypt favorite.ToMountOptions (options); + bool mountPerformed = false; if (Preferences.NonInteractive) { BusyScope busy (this); newMountedVolumes.push_back (Core->MountVolume (options)); + mountPerformed = true; } else { @@ -752,6 +762,7 @@ namespace VeraCrypt { BusyScope busy (this); newMountedVolumes.push_back (Core->MountVolume (options)); + mountPerformed = true; } catch (...) { 
@@ -769,6 +780,9 @@ namespace VeraCrypt newMountedVolumes.push_back (volume); } } + + if (mountPerformed && newMountedVolumes.back()->MasterKeyVulnerable) + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); } if (!newMountedVolumes.empty() && GetPreferences().CloseSecurityTokenSessionsAfterMount) @@ -805,6 +819,9 @@ namespace VeraCrypt } } + if (volume->MasterKeyVulnerable) + ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); + if (volume->EncryptionAlgorithmMinBlockSize == 8) ShowWarning ("WARN_64_BIT_BLOCK_CIPHER"); @@ -856,6 +873,14 @@ namespace VeraCrypt ShowWarning (e.mException); } +#if !defined(TC_WINDOWS) && !defined(TC_MACOSX) +// Function to check if a given executable exists and is executable +static bool IsExecutable(const string& exe) { + return wxFileName::IsFileExecutable("/usr/bin/" + exe) || + wxFileName::IsFileExecutable("/usr/local/bin/" + exe); +} +#endif + void UserInterface::OpenExplorerWindow (const DirectoryPath &path) { if (path.IsEmpty()) 
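Review bot: `IsExecutable` checks `/usr/bin/` and `/usr/local/bin/`, but the callers in `OpenExplorerWindow` then pass the bare name (`"xdg-open"`, `fm`) to `Process::Execute`, so the file that was checked is not necessarily the file that runs. `Process::Execute` is not visible here; if it resolves the name through `PATH`, a same-named program in an earlier `PATH` directory is executed with the mounted volume's path as its argument. Returning the verified absolute path from the helper and executing that path closes the gap, assuming `Process::Execute` accepts a path containing slashes. The helper's comment should also state that only these two directories are searched.

```cpp
// Returns the absolute path of exe if it is found in one of the two system
// directories searched here, or an empty string otherwise
static string FindExecutable (const string& exe)
{
	static const char* const dirs[] = { "/usr/bin/", "/usr/local/bin/" };
	for (size_t i = 0; i < sizeof (dirs) / sizeof (dirs[0]); ++i)
	{
		const string candidate = string (dirs[i]) + exe;
		if (wxFileName::IsFileExecutable (candidate))
			return candidate;
	}
	return string();
}
```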
@@ -880,60 +905,58 @@ namespace VeraCrypt catch (exception &e) { ShowError (e); } #else - // MIME handler for directory seems to be unavailable through wxWidgets - wxString desktop = GetTraits()->GetDesktopEnvironment(); - bool xdgOpenPresent = wxFileName::IsFileExecutable (wxT("/usr/bin/xdg-open")) || wxFileName::IsFileExecutable (wxT("/usr/local/bin/xdg-open")); - bool nautilusPresent = wxFileName::IsFileExecutable (wxT("/usr/bin/nautilus")) || wxFileName::IsFileExecutable (wxT("/usr/local/bin/nautilus")); - - if (desktop == L"GNOME" || (desktop.empty() && !xdgOpenPresent && nautilusPresent)) - { - // args.push_back ("--no-default-window"); // This option causes nautilus not to launch under FreeBSD 11 - args.push_back ("--no-desktop"); - args.push_back (string (path)); - try - { - Process::Execute ("nautilus", args, 2000); + string directoryPath = string(path); + // Primary attempt: Use xdg-open + if (IsExecutable("xdg-open")) { + try { + args.push_back(directoryPath); + Process::Execute("xdg-open", args, 2000); + return; } catch (TimeOut&) { } - catch (exception &e) { ShowError (e); } + catch (exception&) {} } - else if (desktop == L"KDE") - { - try - { - args.push_back (string (path)); - Process::Execute ("dolphin", args, 2000); - } - catch (TimeOut&) { } - catch (exception&) - { + + // Fallback attempts: Try known file managers + const char* fallbackFileManagers[] = { "gio", "kioclient5", "kfmclient", "exo-open", "nautilus", "dolphin", "caja", "thunar", "pcmanfm" }; + const size_t numFileManagers = sizeof(fallbackFileManagers) / sizeof(fallbackFileManagers[0]); + + for (size_t i = 0; i < numFileManagers; ++i) { + const char* fm = fallbackFileManagers[i]; + if (IsExecutable(fm)) { args.clear(); - args.push_back ("openURL"); - args.push_back (string (path)); - try - { - Process::Execute ("kfmclient", args, 2000); + if (strcmp(fm, "gio") == 0) { + args.push_back("open"); + args.push_back(directoryPath); + } + else if (strcmp(fm, "kioclient5") == 0) { + 
args.push_back("exec"); + args.push_back(directoryPath); + } + else if (strcmp(fm, "kfmclient") == 0) { + args.push_back("openURL"); + args.push_back(directoryPath); + } + else if (strcmp(fm, "exo-open") == 0) { + args.push_back("--launch"); + args.push_back("FileManager"); + args.push_back(directoryPath); + } + else { + args.push_back(directoryPath); + } + + try { + Process::Execute(fm, args, 2000); + return; // Success } catch (TimeOut&) { } - catch (exception &e) { ShowError (e); } - } - } - else if (xdgOpenPresent) - { - // Fallback on the standard xdg-open command - // which is not always available by default - args.push_back (string (path)); - try - { - Process::Execute ("xdg-open", args, 2000); + catch (exception &) {} } - catch (TimeOut&) { } - catch (exception &e) { ShowError (e); } - } - else - { - ShowWarning (wxT("Unable to find a file manager to open the mounted volume")); } + + ShowWarning(wxT("Unable to find a file manager to open the mounted volume.\n" + "Please install xdg-utils or set a default file manager.")); #endif } |
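Review bot: Both `catch (TimeOut&) { }` handlers in the rewritten non-Windows branch of `OpenExplorerWindow` fall through to the next candidate instead of ending the function, which the old code did after swallowing the same exception. If `Process::Execute` throws `TimeOut` when the launched program is still running after 2000 ms, a file manager that stays open is followed by attempts to start every other installed one and then by the "Unable to find a file manager" warning. `catch (TimeOut&) { return; }` in both places restores the previous behaviour. The empty `catch (exception&) {}` handlers also drop the error the old code passed to `ShowError (e)`, so a launcher that was found but failed is reported as missing; keeping the last exception message and showing it before the final warning would preserve that diagnostic. The function begins above the hunk.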