VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Crypto/sha512_avx1_x64.asm
blob: 06321b5b6e8c735f3cfaed9f7c7aadcceda2d0d6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Copyright (c) 2012, Intel Corporation 
; 
; All rights reserved. 
; 
; Redistribution and use in source and binary forms, with or without
; modification, are permitted provided that the following conditions are
; met: 
; 
; * Redistributions of source code must retain the above copyright
;   notice, this list of conditions and the following disclaimer.  
; 
; * Redistributions in binary form must reproduce the above copyright
;   notice, this list of conditions and the following disclaimer in the
;   documentation and/or other materials provided with the
;   distribution. 
; 
; * Neither the name of the Intel Corporation nor the names of its
;   contributors may be used to endorse or promote products derived from
;   this software without specific prior written permission. 
; 
; 
; THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS" AND ANY
; EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
; IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
; PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR
; CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
; EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
; PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
; PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
; LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
; NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
; SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;
; Example YASM command lines:
; Windows:  yasm -f x64 -D WINABI sha512_avx.asm
; Linux:    yasm -f elf64 sha512_avx.asm
;

BITS 64
section .text

; Virtual Registers
%ifdef WINABI
	%define msg	rcx ; ARG1
	%define digest	rdx ; ARG2
	%define msglen	r8  ; ARG3
	%define T1	rsi
	%define T2	rdi
%else
	%define msg	rdi ; ARG1
	%define digest	rsi ; ARG2
	%define msglen	rdx ; ARG3
	%define T1	rcx
	%define T2	r8
%endif
%define a_64	r9
%define b_64	r10
%define c_64	r11
%define d_64	r12
%define e_64	r13
%define f_64	r14
%define g_64	r15
%define h_64	rbx
%define tmp0	rax

; Local variables (stack frame)
; Note: frame_size must be an odd multiple of 8 bytes to XMM align RSP
struc frame
	.W:       resq 80 ; Message Schedule
	.WK:      resq  2 ; W[t] + K[t] | W[t+1] + K[t+1]

%ifdef WINABI
	.XMMSAVE: resdq 4
	.GPRSAVE: resq  7
%else
	.GPRSAVE: resq  5
%endif
endstruc

; Useful QWORD "arrays" for simpler memory references
%define MSG(i)    msg    + 8*(i) ; Input message (arg1)
%define DIGEST(i) digest + 8*(i) ; Output Digest (arg2)
%define K_t(i)    K512   + 8*(i) wrt rip ; SHA Constants (static mem)
%define W_t(i)    rsp + frame.W  + 8*(i) ; Message Schedule (stack frame)
%define WK_2(i)   rsp + frame.WK + 8*((i) % 2) ; W[t]+K[t] (stack frame)
; MSG, DIGEST, K_t, W_t are arrays
; WK_2(t) points to 1 of 2 qwords at frame.WK depdending on t being odd/even

%macro RotateState 0
	; Rotate symbles a..h right
	%xdefine	%%TMP h_64
	%xdefine	h_64 g_64
	%xdefine	g_64 f_64
	%xdefine	f_64 e_64
	%xdefine	e_64 d_64
	%xdefine	d_64 c_64
	%xdefine	c_64 b_64
	%xdefine	b_64 a_64
	%xdefine	a_64 %%TMP
%endmacro

%macro RORQ 2
	; shld is faster than ror on Sandybridge
	shld	%1, %1, (64 - %2)
%endmacro

%macro SHA512_Round 1
%assign %%t   (%1)

	; Compute Round %%t
	mov	T1,   f_64        ; T1 = f
	mov	tmp0, e_64        ; tmp = e
	xor	T1,   g_64        ; T1 = f ^ g
	RORQ	tmp0, 23 ; 41     ; tmp = e ror 23
	and	T1,   e_64        ; T1 = (f ^ g) & e
	xor	tmp0, e_64        ; tmp = (e ror 23) ^ e
	xor	T1,   g_64        ; T1 = ((f ^ g) & e) ^ g = CH(e,f,g)
	add	T1,   [WK_2(%%t)] ; W[t] + K[t] from message scheduler
	RORQ	tmp0, 4 ; 18      ; tmp = ((e ror 23) ^ e) ror 4
	xor	tmp0, e_64        ; tmp = (((e ror 23) ^ e) ror 4) ^ e
	mov	T2,   a_64        ; T2 = a
	add	T1,   h_64        ; T1 = CH(e,f,g) + W[t] + K[t] + h
	RORQ	tmp0, 14 ; 14     ; tmp = ((((e ror23)^e)ror4)^e)ror14 = S1(e)
	add	T1,   tmp0        ; T1 = CH(e,f,g) + W[t] + K[t] + S1(e)
	mov	tmp0, a_64        ; tmp = a
	xor	T2,   c_64        ; T2 = a ^ c
	and	tmp0, c_64        ; tmp = a & c
	and	T2,   b_64        ; T2 = (a ^ c) & b
	xor	T2,   tmp0        ; T2 = ((a ^ c) & b) ^ (a & c) = Maj(a,b,c)
	mov	tmp0, a_64        ; tmp = a
	RORQ	tmp0, 5 ; 39      ; tmp = a ror 5
	xor	tmp0, a_64        ; tmp = (a ror 5) ^ a
	add	d_64, T1          ; e(next_state) = d + T1 
	RORQ	tmp0, 6 ; 34      ; tmp = ((a ror 5) ^ a) ror 6
	xor	tmp0, a_64        ; tmp = (((a ror 5) ^ a) ror 6) ^ a
	lea	h_64, [T1 + T2]   ; a(next_state) = T1 + Maj(a,b,c)
	RORQ	tmp0, 28 ; 28     ; tmp = ((((a ror5)^a)ror6)^a)ror28 = S0(a)
	add	h_64, tmp0        ; a(next_state) = T1 + Maj(a,b,c) S0(a)
	RotateState
%endmacro

%macro SHA512_2Sched_2Round_avx 1
%assign %%t %1
	; Compute rounds %%t-2 and %%t-1
	; Compute message schedule QWORDS %%t and %%t+1

	;   Two rounds are computed based on the values for K[t-2]+W[t-2] and 
	; K[t-1]+W[t-1] which were previously stored at WK_2 by the message
	; scheduler.
	;   The two new schedule QWORDS are stored at [W_t(%%t)] and [W_t(%%t+1)].
	; They are then added to their respective SHA512 constants at
	; [K_t(%%t)] and [K_t(%%t+1)] and stored at dqword [WK_2(%%t)]
	;   For brievity, the comments following vectored instructions only refer to
	; the first of a pair of QWORDS.
	; Eg. XMM4=W[t-2] really means XMM4={W[t-2]|W[t-1]}
	;   The computation of the message schedule and the rounds are tightly
	; stitched to take advantage of instruction-level parallelism.
	; For clarity, integer instructions (for the rounds calculation) are indented
	; by one tab. Vectored instructions (for the message scheduler) are indented
	; by two tabs.

		vmovdqa	xmm4, [W_t(%%t-2)]   ; XMM4 = W[t-2]
		vmovdqu	xmm5, [W_t(%%t-15)]  ; XMM5 = W[t-15]
	mov	T1,   f_64
		vpsrlq	xmm0, xmm4, 61       ; XMM0 = W[t-2]>>61
	mov	tmp0, e_64
		vpsrlq	xmm6, xmm5, 1        ; XMM6 = W[t-15]>>1
	xor	T1,   g_64
	RORQ	tmp0, 23 ; 41
		vpsrlq	xmm1, xmm4, 19       ; XMM1 = W[t-2]>>19
	and	T1,   e_64
	xor	tmp0, e_64
		vpxor	xmm0, xmm1           ; XMM0 = W[t-2]>>61 ^ W[t-2]>>19
	xor	T1,   g_64
	add	T1,   [WK_2(%%t)];
		vpsrlq	xmm7, xmm5, 8        ; XMM7 = W[t-15]>>8
	RORQ	tmp0, 4 ; 18
		vpsrlq	xmm2, xmm4, 6        ; XMM2 = W[t-2]>>6
	xor	tmp0, e_64
	mov	T2,   a_64
	add	T1,   h_64
		vpxor	xmm6, xmm7           ; XMM6 = W[t-15]>>1 ^ W[t-15]>>8
	RORQ	tmp0, 14 ; 14
	add	T1,   tmp0
		vpsrlq	xmm8, xmm5, 7        ; XMM8 = W[t-15]>>7
	mov 	tmp0, a_64
	xor	T2,   c_64
		vpsllq	xmm3, xmm4, (64-61)  ; XMM3 = W[t-2]<<3
	and	tmp0, c_64
	and	T2,   b_64
		vpxor	xmm2, xmm3           ; XMM2 = W[t-2]>>6 ^ W[t-2]<<3
	xor	T2,   tmp0
	mov	tmp0, a_64
		vpsllq	xmm9, xmm5, (64-1)   ; XMM9 = W[t-15]<<63
	RORQ	tmp0, 5 ; 39
		vpxor	xmm8, xmm9           ; XMM8 = W[t-15]>>7 ^ W[t-15]<<63
	xor	tmp0, a_64
	add	d_64, T1
	RORQ	tmp0, 6 ; 34
	xor	tmp0, a_64
		vpxor	xmm6, xmm8           ; XMM6 = W[t-15]>>1 ^ W[t-15]>>8 ^ W[t-15]>>7 ^ W[t-15]<<63
	lea	h_64, [T1 + T2]
	RORQ 	tmp0, 28 ; 28
		vpsllq	xmm4, (64-19)        ; XMM4 = W[t-2]<<25
	add	h_64, tmp0
	RotateState
		vpxor	xmm0, xmm4           ; XMM0 = W[t-2]>>61 ^ W[t-2]>>19 ^ W[t-2]<<25
	mov	T1, f_64
		vpxor	xmm0, xmm2           ; XMM0 = s1(W[t-2])
	mov	tmp0, e_64
	xor	T1,   g_64
		vpaddq	xmm0, [W_t(%%t-16)]  ; XMM0 = s1(W[t-2]) + W[t-16]
		vmovdqu	xmm1, [W_t(%%t- 7)]  ; XMM1 = W[t-7]
	RORQ	tmp0, 23 ; 41
	and	T1,   e_64
	xor	tmp0, e_64
	xor	T1,   g_64
		vpsllq	xmm5, (64-8)         ; XMM5 = W[t-15]<<56
	add	T1,   [WK_2(%%t+1)]
		vpxor	xmm6, xmm5           ; XMM6 = s0(W[t-15])
	RORQ	tmp0, 4 ; 18
		vpaddq	xmm0, xmm6           ; XMM0 = s1(W[t-2]) + W[t-16] + s0(W[t-15])
	xor	tmp0, e_64
		vpaddq	xmm0, xmm1           ; XMM0 = W[t] = s1(W[t-2]) + W[t-7] + s0(W[t-15]) + W[t-16]
	mov	T2,   a_64
	add	T1,   h_64
	RORQ	tmp0, 14 ; 14
	add	T1,   tmp0
		vmovdqa	[W_t(%%t)], xmm0      ; Store W[t]
		vpaddq	xmm0, [K_t(t)]        ; Compute W[t]+K[t]
		vmovdqa	[WK_2(t)], xmm0       ; Store W[t]+K[t] for next rounds
	mov	tmp0, a_64
	xor	T2,   c_64
	and	tmp0, c_64
	and	T2,   b_64
	xor	T2,   tmp0
	mov	tmp0, a_64
	RORQ	tmp0, 5 ; 39
	xor	tmp0, a_64
	add	d_64, T1
	RORQ	tmp0, 6 ; 34
	xor	tmp0, a_64
	lea	h_64, [T1 + T2]
	RORQ	tmp0, 28 ; 28
	add	h_64, tmp0
	RotateState
%endmacro

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; void sha512_avx(const void* M, void* D, uint64_t L);
; Purpose: Updates the SHA512 digest stored at D with the message stored in M.
; The size of the message pointed to by M must be an integer multiple of SHA512
;   message blocks.
; L is the message length in SHA512 blocks
global sha512_avx:function
sha512_avx:
	cmp	msglen, 0
	je	.nowork
	
	; Allocate Stack Space
	sub	rsp, frame_size

	; Save GPRs
	mov	[rsp + frame.GPRSAVE + 8 * 0], rbx
	mov	[rsp + frame.GPRSAVE + 8 * 1], r12
	mov	[rsp + frame.GPRSAVE + 8 * 2], r13
	mov	[rsp + frame.GPRSAVE + 8 * 3], r14
	mov	[rsp + frame.GPRSAVE + 8 * 4], r15
%ifdef WINABI
	mov	[rsp + frame.GPRSAVE + 8 * 5], rsi
	mov	[rsp + frame.GPRSAVE + 8 * 6], rdi
%endif
	; Save XMMs
%ifdef WINABI
	vmovdqa	[rsp + frame.XMMSAVE + 16 * 0], xmm6
	vmovdqa	[rsp + frame.XMMSAVE + 16 * 1], xmm7
	vmovdqa	[rsp + frame.XMMSAVE + 16 * 2], xmm8
	vmovdqa	[rsp + frame.XMMSAVE + 16 * 3], xmm9
%endif	

.updateblock:

	; Load state variables
	mov	a_64, [DIGEST(0)]
	mov	b_64, [DIGEST(1)]
	mov	c_64, [DIGEST(2)]
	mov	d_64, [DIGEST(3)]
	mov	e_64, [DIGEST(4)]
	mov	f_64, [DIGEST(5)]
	mov	g_64, [DIGEST(6)]
	mov	h_64, [DIGEST(7)]

	%assign t 0
	%rep 80/2 + 1
	; (80 rounds) / (2 rounds/iteration) + (1 iteration)
	; +1 iteration because the scheduler leads hashing by 1 iteration
		%if t < 2
			; BSWAP 2 QWORDS
			vmovdqa	xmm1, [XMM_QWORD_BSWAP wrt rip]
			vmovdqu	xmm0, [MSG(t)]
			vpshufb	xmm0, xmm0, xmm1     ; BSWAP
			vmovdqa	[W_t(t)], xmm0       ; Store Scheduled Pair
			vpaddq	xmm0, xmm0, [K_t(t)] ; Compute W[t]+K[t]
			vmovdqa	[WK_2(t)], xmm0      ; Store into WK for rounds
		%elif t < 16
			; BSWAP 2 QWORDS, Compute 2 Rounds
			vmovdqu	xmm0, [MSG(t)]
			vpshufb	xmm0, xmm0, xmm1     ; BSWAP
			SHA512_Round t - 2           ; Round t-2
			vmovdqa	[W_t(t)], xmm0       ; Store Scheduled Pair
			vpaddq	xmm0, xmm0, [K_t(t)] ; Compute W[t]+K[t]
			SHA512_Round t - 1           ; Round t-1
			vmovdqa	[WK_2(t)], xmm0      ; W[t]+K[t] into WK
		%elif t < 79
			; Schedule 2 QWORDS; Compute 2 Rounds
			SHA512_2Sched_2Round_avx t
		%else
			; Compute 2 Rounds
			SHA512_Round t - 2
			SHA512_Round t - 1
		%endif
	%assign t t+2
	%endrep

	; Update digest
	add	[DIGEST(0)], a_64
	add	[DIGEST(1)], b_64
	add	[DIGEST(2)], c_64
	add	[DIGEST(3)], d_64
	add	[DIGEST(4)], e_64
	add	[DIGEST(5)], f_64
	add	[DIGEST(6)], g_64
	add	[DIGEST(7)], h_64

	; Advance to next message block
	add	msg, 16*8
	dec	msglen
	jnz	.updateblock

	; Restore XMMs
%ifdef WINABI
	vmovdqa	xmm6, [rsp + frame.XMMSAVE + 16 * 0]
	vmovdqa	xmm7, [rsp + frame.XMMSAVE + 16 * 1]
	vmovdqa	xmm8, [rsp + frame.XMMSAVE + 16 * 2]
	vmovdqa	xmm9, [rsp + frame.XMMSAVE + 16 * 3]
%endif
	; Restore GPRs
	mov	rbx, [rsp + frame.GPRSAVE + 8 * 0]
	mov	r12, [rsp + frame.GPRSAVE + 8 * 1]
	mov	r13, [rsp + frame.GPRSAVE + 8 * 2]
	mov	r14, [rsp + frame.GPRSAVE + 8 * 3]
	mov	r15, [rsp + frame.GPRSAVE + 8 * 4]
%ifdef WINABI
	mov	rsi, [rsp + frame.GPRSAVE + 8 * 5]
	mov	rdi, [rsp + frame.GPRSAVE + 8 * 6]
%endif
	; Restore Stack Pointer
	add	rsp, frame_size

.nowork:
	ret

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;; Binary Data

section .data

ALIGN 16

; Mask for byte-swapping a couple of qwords in an XMM register using (v)pshufb.
XMM_QWORD_BSWAP: 
	ddq 0x08090a0b0c0d0e0f0001020304050607

; K[t] used in SHA512 hashing
K512:
	dq 0x428a2f98d728ae22,0x7137449123ef65cd 
	dq 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
	dq 0x3956c25bf348b538,0x59f111f1b605d019 
	dq 0x923f82a4af194f9b,0xab1c5ed5da6d8118
	dq 0xd807aa98a3030242,0x12835b0145706fbe 
	dq 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
	dq 0x72be5d74f27b896f,0x80deb1fe3b1696b1 
	dq 0x9bdc06a725c71235,0xc19bf174cf692694
	dq 0xe49b69c19ef14ad2,0xefbe4786384f25e3 
	dq 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
	dq 0x2de92c6f592b0275,0x4a7484aa6ea6e483 
	dq 0x5cb0a9dcbd41fbd4,0x76f988da831153b5
	dq 0x983e5152ee66dfab,0xa831c66d2db43210 
	dq 0xb00327c898fb213f,0xbf597fc7beef0ee4
	dq 0xc6e00bf33da88fc2,0xd5a79147930aa725 
	dq 0x06ca6351e003826f,0x142929670a0e6e70
	dq 0x27b70a8546d22ffc,0x2e1b21385c26c926 
	dq 0x4d2c6dfc5ac42aed,0x53380d139d95b3df
	dq 0x650a73548baf63de,0x766a0abb3c77b2a8 
	dq 0x81c2c92e47edaee6,0x92722c851482353b
	dq 0xa2bfe8a14cf10364,0xa81a664bbc423001 
	dq 0xc24b8b70d0f89791,0xc76c51a30654be30
	dq 0xd192e819d6ef5218,0xd69906245565a910 
	dq 0xf40e35855771202a,0x106aa07032bbd1b8
	dq 0x19a4c116b8d2d0c8,0x1e376c085141ab53 
	dq 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
	dq 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb 
	dq 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
	dq 0x748f82ee5defb2fc,0x78a5636f43172f60 
	dq 0x84c87814a1f0ab72,0x8cc702081a6439ec
	dq 0x90befffa23631e28,0xa4506cebde82bde9 
	dq 0xbef9a3f7b2c67915,0xc67178f2e372532b
	dq 0xca273eceea26619c,0xd186b8c721c0c207 
	dq 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
	dq 0x06f067aa72176fba,0x0a637dc5a2c898a6 
	dq 0x113f9804bef90dae,0x1b710b35131c471b
	dq 0x28db77f523047d84,0x32caab7b40c72493 
	dq 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
	dq 0x4cc5d4becb3e42b6,0x597f299cfc657e2a 
	dq 0x5fcb6fab3ad6faec,0x6c44198c4a475817

%ifidn __OUTPUT_FORMAT__,elf
section .note.GNU-stack noalloc noexec nowrite progbits
%endif
%ifidn __OUTPUT_FORMAT__,elf32
section .note.GNU-stack noalloc noexec nowrite progbits
%endif
%ifidn __OUTPUT_FORMAT__,elf64
section .note.GNU-stack noalloc noexec nowrite progbits
%endif
span>]; finally_do_arg (BufferPtr, BufferPtr (reinterpret_cast <byte *> (passwordBuf), sizeof (passwordBuf)), { finally_arg.Erase(); }); make_shared_auto (VolumePassword, password); bool verPhase = false; while (true) { ShowString (verPhase ? wxString (_("Re-enter password: ")) : msg); wxString passwordStr; ReadInputStreamLine (passwordStr); size_t length = passwordStr.size(); ShowString (L"\n"); if (!verPhase && length < 1) { password->Set (passwordBuf, 0); return password; } for (size_t i = 0; i < length && i < VolumePassword::MaxSize; ++i) { passwordBuf[i] = (wchar_t) passwordStr[i]; const_cast <wchar_t *> (passwordStr.wc_str())[i] = L'X'; } if (verify && verPhase) { make_shared_auto (VolumePassword, verPassword); verPassword->Set (passwordBuf, length); if (*password != *verPassword) { ShowInfo (_("Passwords do not match.")); ShowString (L"\n"); verPhase = false; continue; } } password->Set (passwordBuf, length); if (!verPhase) { try { password->CheckPortability(); } catch (UnportablePassword &e) { if (verify) { ShowError (e); verPhase = false; continue; } ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM"); } if (verify) { if (password->Size() < VolumePassword::WarningSizeThreshold) { SetTerminalEcho (true); finally_do ({ TextUserInterface::SetTerminalEcho (false); }); if (!AskYesNo (LangString ["PASSWORD_LENGTH_WARNING"], false, true)) { ShowString (L"\n"); continue; } ShowString (L"\n"); } } } if (!verify || verPhase) return password; if (!verPhase) verPhase = true; } return password; } ssize_t TextUserInterface::AskSelection (ssize_t optionCount, ssize_t defaultOption) const { while (true) { wstring selectionStr = AskString (defaultOption == -1 ? wxString (_("Select: ")) : wxString (wstring (StringFormatter (_("Select [{0}]: "), (uint32) defaultOption)))); ssize_t selection; if (selectionStr.empty() && defaultOption != -1) return defaultOption; try { selection = StringConverter::ToUInt32 (selectionStr); } catch (...) { continue; } if (selection > 0 && selection <= optionCount) return selection; } } wstring TextUserInterface::AskString (const wxString &message) const { ShowString (message); return wstring (ReadInputStreamLine()); } bool TextUserInterface::AskYesNo (const wxString &message, bool defaultYes, bool warning) const { while (true) { wxString s = AskString (StringFormatter (L"{0} (y={1}/n={2}) [{3}]: ", message, LangString["YES"], LangString["NO"], LangString[defaultYes ? "YES" : "NO"])); if (s.IsSameAs (L'n', false) || s.IsSameAs (L"no", false) || (!defaultYes && s.empty())) return false; if (s.IsSameAs (L'y', false) || s.IsSameAs (L"yes", false) || (defaultYes && s.empty())) return true; }; } shared_ptr <VolumePath> TextUserInterface::AskVolumePath (const wxString &message) const { return make_shared <VolumePath> (AskString (message.empty() ? wxString (_("Enter volume path: ")) : message)); } void TextUserInterface::BackupVolumeHeaders (shared_ptr <VolumePath> volumePath) const { if (!volumePath) volumePath = AskVolumePath(); if (!volumePath) throw UserAbort (SRC_POS); #ifdef TC_WINDOWS if (Core->IsVolumeMounted (*volumePath)) throw_err (LangString["DISMOUNT_FIRST"]); #endif ShowInfo ("EXTERNAL_VOL_HEADER_BAK_FIRST_INFO"); shared_ptr <Pkcs5Kdf> kdf; if (CmdLine->ArgHash) { kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash, false); } shared_ptr <Volume> normalVolume; shared_ptr <Volume> hiddenVolume; MountOptions normalVolumeMountOptions; MountOptions hiddenVolumeMountOptions; normalVolumeMountOptions.Path = volumePath; hiddenVolumeMountOptions.Path = volumePath; VolumeType::Enum volumeType = VolumeType::Normal; // Open both types of volumes while (true) { shared_ptr <Volume> volume; MountOptions *options = (volumeType == VolumeType::Hidden ? &hiddenVolumeMountOptions : &normalVolumeMountOptions); while (!volume) { ShowString (L"\n"); options->Password = AskPassword (LangString[volumeType == VolumeType::Hidden ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD"]); options->Keyfiles = AskKeyfiles(); try { volume = Core->OpenVolume ( options->Path, options->PreserveTimestamps, options->Password, kdf, false, options->Keyfiles, options->Protection, options->ProtectionPassword, options->ProtectionKdf, options->ProtectionKeyfiles, true, volumeType, options->UseBackupHeaders ); } catch (PasswordException &e) { ShowInfo (e); } } if (volumeType == VolumeType::Hidden) hiddenVolume = volume; else normalVolume = volume; // Ask whether a hidden volume is present if (volumeType == VolumeType::Normal && AskYesNo (L"\n" + LangString["DOES_VOLUME_CONTAIN_HIDDEN"])) { volumeType = VolumeType::Hidden; continue; } break; } if (hiddenVolume) { if (typeid (*normalVolume->GetLayout()) == typeid (VolumeLayoutV1Normal)) throw ParameterIncorrect (SRC_POS); if (typeid (*normalVolume->GetLayout()) == typeid (VolumeLayoutV2Normal) && typeid (*hiddenVolume->GetLayout()) != typeid (VolumeLayoutV2Hidden)) throw ParameterIncorrect (SRC_POS); } // Ask user to select backup file path wxString confirmMsg = L"\n" + LangString["CONFIRM_VOL_HEADER_BAK"] + L"\n"; confirmMsg.Replace (L"%hs", L"%s"); if (!AskYesNo (wxString::Format (confirmMsg, wstring (*volumePath).c_str()), true)) return; ShowString (L"\n"); FilePath filePath = AskFilePath(); if (filePath.IsEmpty()) throw UserAbort (SRC_POS); File backupFile; backupFile.Open (filePath, File::CreateWrite); RandomNumberGenerator::Start(); /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); UserEnrichRandomPool(); // Re-encrypt volume header SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize()); Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Keyfiles); backupFile.Write (newHeaderBuffer); if (hiddenVolume) { // Re-encrypt hidden volume header Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Keyfiles); } else { // Store random data in place of hidden volume header shared_ptr <EncryptionAlgorithm> ea = normalVolume->GetEncryptionAlgorithm(); Core->RandomizeEncryptionAlgorithmKey (ea); ea->Encrypt (newHeaderBuffer); } backupFile.Write (newHeaderBuffer); ShowString (L"\n"); ShowInfo ("VOL_HEADER_BACKED_UP"); } void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, shared_ptr <Hash> currentHash, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const { shared_ptr <Volume> volume; // Volume path if (!volumePath.get()) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); volumePath = AskVolumePath (); } if (volumePath->IsEmpty()) throw UserAbort (SRC_POS); bool passwordInteractive = !password.get(); bool keyfilesInteractive = !keyfiles.get(); shared_ptr<Pkcs5Kdf> kdf; if (currentHash) { kdf = Pkcs5Kdf::GetAlgorithm (*currentHash, truecryptMode); } while (true) { // Current password if (!passwordInteractive) { try { password->CheckPortability(); } catch (UnportablePassword &) { ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM"); } } else if (!Preferences.NonInteractive) { password = AskPassword (); } // Current keyfiles try { if (keyfilesInteractive) { // Ask for keyfiles only if required try { keyfiles.reset (new KeyfileList); volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, kdf, truecryptMode, keyfiles); } catch (PasswordException&) { if (!Preferences.NonInteractive) keyfiles = AskKeyfiles (); } } if (!volume.get()) volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, kdf, truecryptMode, keyfiles); } catch (PasswordException &e) { if (Preferences.NonInteractive || !passwordInteractive || !keyfilesInteractive) throw; ShowInfo (e); continue; } break; } // New password if (newPassword.get()) newPassword->CheckPortability(); else if (!Preferences.NonInteractive) newPassword = AskPassword (_("Enter new password"), true); // New keyfiles if (!newKeyfiles.get() && !Preferences.NonInteractive) { if (keyfiles.get() && keyfiles->size() > 0 && AskYesNo (_("Keep current keyfiles?"), true)) newKeyfiles = keyfiles; else newKeyfiles = AskKeyfiles (_("Enter new keyfile")); } /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); UserEnrichRandomPool(); Core->ChangePassword (volume, newPassword, newKeyfiles, newHash ? Pkcs5Kdf::GetAlgorithm (*newHash, false) : shared_ptr <Pkcs5Kdf>()); ShowInfo ("PASSWORD_CHANGED"); } void TextUserInterface::CreateKeyfile (shared_ptr <FilePath> keyfilePath) const { FilePath path; RandomNumberGenerator::Start(); /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); UserEnrichRandomPool(); if (keyfilePath) { Core->CreateKeyfile (*keyfilePath); } else { wstring fileName = AskFilePath(); if (fileName.empty()) return; Core->CreateKeyfile (fileName); } ShowInfo ("KEYFILE_CREATED"); } void TextUserInterface::CreateVolume (shared_ptr <VolumeCreationOptions> options) const { // Volume type if (options->Type == VolumeType::Unknown) { if (Preferences.NonInteractive) { options->Type = VolumeType::Normal; } else { ShowString (_("Volume type:\n 1) Normal\n 2) Hidden\n")); switch (AskSelection (2, 1)) { case 1: options->Type = VolumeType::Normal; break; case 2: options->Type = VolumeType::Hidden; break; } } } shared_ptr <VolumeLayout> layout; if (options->Type == VolumeType::Hidden) layout.reset (new VolumeLayoutV2Hidden); else layout.reset (new VolumeLayoutV2Normal); if (!Preferences.NonInteractive && options->Type == VolumeType::Hidden) ShowInfo (_("\nIMPORTANT: Inexperienced users should use the graphical user interface to create a hidden volume. When using the text interface, the procedure described in the command line help must be followed to create a hidden volume.")); // Volume path if (options->Path.IsEmpty()) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); do { ShowString (L"\n"); options->Path = VolumePath (*AskVolumePath()); } while (options->Path.IsEmpty()); } // Sector size if (options->Path.IsDevice()) options->SectorSize = Core->GetDeviceSectorSize (options->Path); else options->SectorSize = TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; // Volume size uint64 hostSize = 0; if (options->Type == VolumeType::Hidden) { FilesystemPath fsPath (wstring (options->Path)); if (fsPath.IsFile()) { File file; file.Open (fsPath); hostSize = file.Length(); } else if (fsPath.IsDevice()) { hostSize = Core->GetDeviceSize (fsPath); } else { throw_err (_("Hidden volume can be created only in an existing file or device.")); } if (hostSize < TC_MIN_HIDDEN_VOLUME_HOST_SIZE) throw_err (StringFormatter (_("Minimum outer volume size is {0}."), SizeToString (TC_MIN_HIDDEN_VOLUME_HOST_SIZE))); } uint64 minVolumeSize = options->Type == VolumeType::Hidden ? TC_MIN_HIDDEN_VOLUME_SIZE : TC_MIN_VOLUME_SIZE; uint64 maxVolumeSize = options->Type == VolumeType::Hidden ? VolumeLayoutV2Normal().GetMaxDataSize (hostSize) - TC_MIN_FAT_FS_SIZE : TC_MAX_VOLUME_SIZE_GENERAL; if (options->Path.IsDevice() && options->Type != VolumeType::Hidden) { if (options->Size != 0) throw_err (_("Volume size cannot be changed for device-hosted volumes.")); options->Size = Core->GetDeviceSize (options->Path); } else { options->Quick = false; uint32 sectorSizeRem = options->Size % options->SectorSize; if (sectorSizeRem != 0) options->Size += options->SectorSize - sectorSizeRem; while (options->Size == 0) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); wstring sizeStr = AskString (options->Type == VolumeType::Hidden ? _("\nEnter hidden volume size (sizeK/size[M]/sizeG): ") : _("\nEnter volume size (sizeK/size[M]/sizeG): ")); int multiplier = 1024 * 1024; if (sizeStr.find (L"K") != string::npos) { multiplier = 1024; sizeStr.resize (sizeStr.size() - 1); } else if (sizeStr.find (L"M") != string::npos) { sizeStr.resize (sizeStr.size() - 1); } else if (sizeStr.find (L"G") != string::npos) { multiplier = 1024 * 1024 * 1024; sizeStr.resize (sizeStr.size() - 1); } try { options->Size = StringConverter::ToUInt64 (sizeStr); options->Size *= multiplier; sectorSizeRem = options->Size % options->SectorSize; if (sectorSizeRem != 0) options->Size += options->SectorSize - sectorSizeRem; } catch (...) { options->Size = 0; continue; } if (options->Size < minVolumeSize) { ShowError (StringFormatter (_("Minimum volume size is {0}."), SizeToString (minVolumeSize))); options->Size = 0; } if (options->Size > maxVolumeSize) { ShowError (StringFormatter (_("Maximum volume size is {0}."), SizeToString (maxVolumeSize))); options->Size = 0; } } } if (options->Size < minVolumeSize || options->Size > maxVolumeSize) throw_err (_("Incorrect volume size")); if (options->Type == VolumeType::Hidden) options->Quick = true; // Encryption algorithm if (!options->EA) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); ShowInfo (wxString (L"\n") + LangString["ENCRYPTION_ALGORITHM_LV"] + L":"); vector < shared_ptr <EncryptionAlgorithm> > encryptionAlgorithms; foreach (shared_ptr <EncryptionAlgorithm> ea, EncryptionAlgorithm::GetAvailableAlgorithms()) { if (!ea->IsDeprecated()) { ShowString (StringFormatter (L" {0}) {1}\n", (uint32) encryptionAlgorithms.size() + 1, ea->GetName(true))); encryptionAlgorithms.push_back (ea); } } options->EA = encryptionAlgorithms[AskSelection (encryptionAlgorithms.size(), 1) - 1]; } // Hash algorithm if (!options->VolumeHeaderKdf) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); ShowInfo (_("\nHash algorithm:")); vector < shared_ptr <Hash> > hashes; foreach (shared_ptr <Hash> hash, Hash::GetAvailableAlgorithms()) { if (!hash->IsDeprecated()) { ShowString (StringFormatter (L" {0}) {1}\n", (uint32) hashes.size() + 1, hash->GetName())); hashes.push_back (hash); } } shared_ptr <Hash> selectedHash = hashes[AskSelection (hashes.size(), 1) - 1]; RandomNumberGenerator::SetHash (selectedHash); options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*selectedHash, false); } // Filesystem options->FilesystemClusterSize = 0; if (options->Filesystem == VolumeCreationOptions::FilesystemType::Unknown) { if (Preferences.NonInteractive) { options->Filesystem = VolumeCreationOptions::FilesystemType::GetPlatformNative(); } else { ShowInfo (_("\nFilesystem:")); vector <VolumeCreationOptions::FilesystemType::Enum> filesystems; ShowInfo (L" 1) " + LangString["NONE"]); filesystems.push_back (VolumeCreationOptions::FilesystemType::None); ShowInfo (L" 2) FAT"); filesystems.push_back (VolumeCreationOptions::FilesystemType::FAT); #if defined (TC_LINUX) ShowInfo (L" 3) Linux Ext2"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext2); ShowInfo (L" 4) Linux Ext3"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext3); ShowInfo (L" 5) Linux Ext4"); filesystems.push_back (VolumeCreationOptions::FilesystemType::Ext4); ShowInfo (L" 6) NTFS"); filesystems.push_back (VolumeCreationOptions::FilesystemType::NTFS); #elif defined (TC_MACOSX) ShowInfo (L" 3) Mac OS Extended"); filesystems.push_back (VolumeCreationOptions::FilesystemType::MacOsExt); #elif defined (TC_FREEBSD) || defined (TC_SOLARIS) ShowInfo (L" 3) UFS"); filesystems.push_back (VolumeCreationOptions::FilesystemType::UFS); #endif options->Filesystem = filesystems[AskSelection (filesystems.size(), 2) - 1]; } } uint64 filesystemSize = layout->GetMaxDataSize (options->Size); if (options->Filesystem == VolumeCreationOptions::FilesystemType::FAT && (filesystemSize < TC_MIN_FAT_FS_SIZE || filesystemSize > TC_MAX_FAT_SECTOR_COUNT * options->SectorSize)) { throw_err (_("Specified volume size cannot be used with FAT filesystem.")); } // Password if (!options->Password && !Preferences.NonInteractive) { ShowString (L"\n"); options->Password = AskPassword (_("Enter password"), true); } if (options->Password) options->Password->CheckPortability(); // Keyfiles if (!options->Keyfiles && !Preferences.NonInteractive) { ShowString (L"\n"); options->Keyfiles = AskKeyfiles (_("Enter keyfile path")); } if ((!options->Keyfiles || options->Keyfiles->empty()) && (!options->Password || options->Password->IsEmpty())) { throw_err (_("Password cannot be empty when no keyfile is specified")); } // Random data RandomNumberGenerator::Start(); /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); UserEnrichRandomPool(); ShowString (L"\n"); wxLongLong startTime = wxGetLocalTimeMillis(); VolumeCreator creator; creator.CreateVolume (options); bool volumeCreated = false; while (!volumeCreated) { VolumeCreator::ProgressInfo progress = creator.GetProgressInfo(); wxLongLong timeDiff = wxGetLocalTimeMillis() - startTime; if (timeDiff.GetValue() > 0) { uint64 speed = progress.SizeDone * 1000 / timeDiff.GetValue(); volumeCreated = !progress.CreationInProgress; ShowString (wxString::Format (L"\rDone: %7.3f%% Speed: %9s Left: %s ", 100.0 - double (options->Size - progress.SizeDone) / (double (options->Size) / 100.0), speed > 0 ? (const wchar_t*) SpeedToString (speed).c_str() : L" ", speed > 0 ? (const wchar_t*) TimeSpanToString ((options->Size - progress.SizeDone) / speed).c_str() : L"")); } Thread::Sleep (100); } ShowString (L"\n\n"); creator.CheckResult(); #ifdef TC_UNIX if (options->Filesystem != VolumeCreationOptions::FilesystemType::None && options->Filesystem != VolumeCreationOptions::FilesystemType::FAT) { const char *fsFormatter = nullptr; switch (options->Filesystem) { case VolumeCreationOptions::FilesystemType::Ext2: fsFormatter = "mkfs.ext2"; break; case VolumeCreationOptions::FilesystemType::Ext3: fsFormatter = "mkfs.ext3"; break; case VolumeCreationOptions::FilesystemType::Ext4: fsFormatter = "mkfs.ext4"; break; case VolumeCreationOptions::FilesystemType::MacOsExt: fsFormatter = "newfs_hfs"; break; case VolumeCreationOptions::FilesystemType::UFS: fsFormatter = "newfs" ; break; case VolumeCreationOptions::FilesystemType::NTFS: fsFormatter = "mkfs.ntfs"; break; default: throw ParameterIncorrect (SRC_POS); } MountOptions mountOptions (GetPreferences().DefaultMountOptions); mountOptions.Path = make_shared <VolumePath> (options->Path); mountOptions.NoFilesystem = true; mountOptions.Protection = VolumeProtection::None; mountOptions.Password = options->Password; mountOptions.Keyfiles = options->Keyfiles; shared_ptr <VolumeInfo> volume = Core->MountVolume (mountOptions); finally_do_arg (shared_ptr <VolumeInfo>, volume, { Core->DismountVolume (finally_arg, true); }); Thread::Sleep (2000); // Try to prevent race conditions caused by OS // Temporarily take ownership of the device if the user is not an administrator UserId origDeviceOwner ((uid_t) -1); DevicePath virtualDevice = volume->VirtualDevice; #ifdef TC_MACOSX string virtualDeviceStr = virtualDevice; if (virtualDeviceStr.find ("/dev/rdisk") != 0) virtualDevice = "/dev/r" + virtualDeviceStr.substr (5); #endif try { File file; file.Open (virtualDevice, File::OpenReadWrite); } catch (...) { if (!Core->HasAdminPrivileges()) { origDeviceOwner = virtualDevice.GetOwner(); Core->SetFileOwner (virtualDevice, UserId (getuid())); } } finally_do_arg2 (FilesystemPath, virtualDevice, UserId, origDeviceOwner, { if (finally_arg2.SystemId != (uid_t) -1) Core->SetFileOwner (finally_arg, finally_arg2); }); // Create filesystem list <string> args; if (options->Filesystem == VolumeCreationOptions::FilesystemType::MacOsExt && options->Size >= 10 * BYTES_PER_MB) args.push_back ("-J"); args.push_back (string (virtualDevice)); Process::Execute (fsFormatter, args); } #endif // TC_UNIX ShowInfo (options->Type == VolumeType::Hidden ? "HIDVOL_FORMAT_FINISHED_HELP" : "FORMAT_FINISHED_INFO"); } void TextUserInterface::DeleteSecurityTokenKeyfiles () const { shared_ptr <KeyfileList> keyfiles = AskKeyfiles(); if (keyfiles->empty()) throw UserAbort(); foreach_ref (const Keyfile &keyfile, *keyfiles) { SecurityToken::DeleteKeyfile (SecurityTokenKeyfilePath (FilePath (keyfile))); } } void TextUserInterface::DoShowError (const wxString &message) const { wcerr << L"Error: " << static_cast<wstring> (message) << endl; } void TextUserInterface::DoShowInfo (const wxString &message) const { wcout << static_cast<wstring> (message) << endl; } void TextUserInterface::DoShowString (const wxString &str) const { wcout << str.c_str(); } void TextUserInterface::DoShowWarning (const wxString &message) const { wcerr << L"Warning: " << static_cast<wstring> (message) << endl; } void TextUserInterface::ExportSecurityTokenKeyfile () const { wstring keyfilePath = AskString (_("Enter security token keyfile path: ")); if (keyfilePath.empty()) throw UserAbort (SRC_POS); SecurityTokenKeyfile tokenKeyfile (keyfilePath); vector <byte> keyfileData; SecurityToken::GetKeyfileData (tokenKeyfile, keyfileData); BufferPtr keyfileDataBuf (&keyfileData.front(), keyfileData.size()); finally_do_arg (BufferPtr, keyfileDataBuf, { finally_arg.Erase(); }); FilePath exportFilePath = AskFilePath(); if (exportFilePath.IsEmpty()) throw UserAbort (SRC_POS); File keyfile; keyfile.Open (exportFilePath, File::CreateWrite); keyfile.Write (keyfileDataBuf); } shared_ptr <GetStringFunctor> TextUserInterface::GetAdminPasswordRequestHandler () { struct AdminPasswordRequestHandler : public GetStringFunctor { AdminPasswordRequestHandler (TextUserInterface *userInterface) : UI (userInterface) { } virtual void operator() (string &passwordStr) { UI->ShowString (_("Enter your user password or administrator password: ")); TextUserInterface::SetTerminalEcho (false); finally_do ({ TextUserInterface::SetTerminalEcho (true); }); wstring wPassword (UI->ReadInputStreamLine()); finally_do_arg (wstring *, &wPassword, { StringConverter::Erase (*finally_arg); }); UI->ShowString (L"\n"); StringConverter::ToSingle (wPassword, passwordStr); } TextUserInterface *UI; }; return shared_ptr <GetStringFunctor> (new AdminPasswordRequestHandler (this)); } void TextUserInterface::ImportSecurityTokenKeyfiles () const { list <SecurityTokenInfo> tokens = SecurityToken::GetAvailableTokens(); if (tokens.empty()) throw_err (LangString ["NO_TOKENS_FOUND"]); CK_SLOT_ID slotId; if (tokens.size() == 1) { slotId = tokens.front().SlotId; } else { foreach (const SecurityTokenInfo &token, tokens) { wstringstream tokenLabel; tokenLabel << L"[" << token.SlotId << L"] " << LangString["TOKEN_SLOT_ID"].c_str() << L" " << token.SlotId << L" " << token.Label; ShowInfo (tokenLabel.str()); } slotId = (CK_SLOT_ID) AskSelection (tokens.back().SlotId, tokens.front().SlotId); } shared_ptr <KeyfileList> keyfiles = AskKeyfiles(); if (keyfiles->empty()) throw UserAbort(); foreach_ref (const Keyfile &keyfilePath, *keyfiles) { File keyfile; keyfile.Open (keyfilePath, File::OpenRead, File::ShareReadWrite, File::PreserveTimestamps); if (keyfile.Length() > 0) { vector <byte> keyfileData (keyfile.Length()); BufferPtr keyfileDataBuf (&keyfileData.front(), keyfileData.size()); keyfile.ReadCompleteBuffer (keyfileDataBuf); finally_do_arg (BufferPtr, keyfileDataBuf, { finally_arg.Erase(); }); SecurityToken::CreateKeyfile (slotId, keyfileData, string (FilePath (keyfilePath).ToBaseName())); } else throw InsufficientData (SRC_POS, FilePath (keyfilePath)); } } void TextUserInterface::InitSecurityTokenLibrary () const { if (Preferences.SecurityTokenModule.IsEmpty()) throw_err (LangString ["NO_PKCS11_MODULE_SPECIFIED"]); struct PinRequestHandler : public GetPinFunctor { PinRequestHandler (const TextUserInterface *userInterface) : UI (userInterface) { } virtual void operator() (string &passwordStr) { if (UI->GetPreferences().NonInteractive) throw MissingArgument (SRC_POS); UI->ShowString (wxString::Format (LangString["ENTER_TOKEN_PASSWORD"], StringConverter::ToWide (passwordStr).c_str()) + L" "); TextUserInterface::SetTerminalEcho (false); finally_do ({ TextUserInterface::SetTerminalEcho (true); }); wstring wPassword (UI->ReadInputStreamLine()); finally_do_arg (wstring *, &wPassword, { StringConverter::Erase (*finally_arg); }); UI->ShowString (L"\n"); StringConverter::ToSingle (wPassword, passwordStr); } const TextUserInterface *UI; }; struct WarningHandler : public SendExceptionFunctor { WarningHandler (const TextUserInterface *userInterface) : UI (userInterface) { } virtual void operator() (const Exception &e) { UI->ShowError (e); } const TextUserInterface *UI; }; try { SecurityToken::InitLibrary (Preferences.SecurityTokenModule, auto_ptr <GetPinFunctor> (new PinRequestHandler (this)), auto_ptr <SendExceptionFunctor> (new WarningHandler (this))); } catch (Exception &e) { ShowError (e); throw_err (LangString ["PKCS11_MODULE_INIT_FAILED"]); } } void TextUserInterface::ListSecurityTokenKeyfiles () const { foreach (const SecurityTokenKeyfile &keyfile, SecurityToken::GetAvailableKeyfiles()) { ShowString (wstring (SecurityTokenKeyfilePath (keyfile))); ShowString (L"\n"); } } VolumeInfoList TextUserInterface::MountAllDeviceHostedVolumes (MountOptions &options) const { while (true) { if (!options.Password) options.Password = AskPassword(); if (!options.Keyfiles) options.Keyfiles = AskKeyfiles(); VolumeInfoList mountedVolumes = UserInterface::MountAllDeviceHostedVolumes (options); if (!mountedVolumes.empty()) return mountedVolumes; options.Password.reset(); } } shared_ptr <VolumeInfo> TextUserInterface::MountVolume (MountOptions &options) const { shared_ptr <VolumeInfo> volume; CheckRequirementsForMountingVolume(); // Volume path while (!options.Path || options.Path->IsEmpty()) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); options.Path = AskVolumePath (); } if (Core->IsVolumeMounted (*options.Path)) { ShowInfo (StringFormatter (LangString["VOLUME_ALREADY_MOUNTED"], wstring (*options.Path))); return volume; } // Mount point if (!options.MountPoint && !options.NoFilesystem) options.MountPoint.reset (new DirectoryPath (AskString (_("Enter mount directory [default]: ")))); VolumePassword password; KeyfileList keyfiles; if ((!options.Password || options.Password->IsEmpty()) && (!options.Keyfiles || options.Keyfiles->empty()) && !Core->IsPasswordCacheEmpty()) { // Cached password try { volume = UserInterface::MountVolume (options); } catch (PasswordException&) { } } int incorrectPasswordCount = 0; while (!volume) { // Password if (!options.Password) { options.Password = AskPassword (StringFormatter (_("Enter password for {0}"), wstring (*options.Path))); } else { try { if (options.Password) options.Password->CheckPortability(); } catch (UnportablePassword &) { ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM"); } } // Keyfiles if (!options.Keyfiles) options.Keyfiles = AskKeyfiles(); // Hidden volume protection if (options.Protection == VolumeProtection::None && !CmdLine->ArgNoHiddenVolumeProtection && AskYesNo (_("Protect hidden volume (if any)?"))) options.Protection = VolumeProtection::HiddenVolumeReadOnly; if (options.Protection == VolumeProtection::HiddenVolumeReadOnly) { if (!options.ProtectionPassword) options.ProtectionPassword = AskPassword (_("Enter password for hidden volume")); if (!options.ProtectionKeyfiles) options.ProtectionKeyfiles = AskKeyfiles (_("Enter keyfile for hidden volume")); } try { volume = UserInterface::MountVolume (options); } catch (ProtectionPasswordIncorrect &e) { ShowInfo (e); options.ProtectionPassword.reset(); } catch (PasswordIncorrect &e) { if (++incorrectPasswordCount > 2 && !options.UseBackupHeaders) { // Try to mount the volume using the backup header options.UseBackupHeaders = true; try { volume = UserInterface::MountVolume (options); ShowWarning ("HEADER_DAMAGED_AUTO_USED_HEADER_BAK"); } catch (...) { options.UseBackupHeaders = false; ShowInfo (e); options.Password.reset(); } } else { ShowInfo (e); options.Password.reset(); } ShowString (L"\n"); } catch (PasswordException &e) { ShowInfo (e); options.Password.reset(); } } #ifdef TC_LINUX if (!Preferences.NonInteractive && !Preferences.DisableKernelEncryptionModeWarning && volume->EncryptionModeName != L"XTS") { ShowWarning (LangString["ENCRYPTION_MODE_NOT_SUPPORTED_BY_KERNEL"]); } #endif return volume; } bool TextUserInterface::OnInit () { try { DefaultMessageOutput = new wxMessageOutputStderr; wxMessageOutput::Set (DefaultMessageOutput); InterfaceType = UserInterfaceType::Text; Init(); } catch (exception &e) { ShowError (e); return false; } return true; } int TextUserInterface::OnRun() { try { if (ProcessCommandLine ()) { Application::SetExitCode (0); return 0; } } catch (exception &e) { ShowError (e); } Application::SetExitCode (1); return 1; } void TextUserInterface::OnSignal (int signal) { #ifdef TC_UNIX try { SetTerminalEcho (true); } catch (...) { } _exit (1); #endif } void TextUserInterface::ReadInputStreamLine (wxString &line) const { if (!TextInputStream.get() || feof (stdin) || ferror (stdin)) throw UserAbort (SRC_POS); line = TextInputStream->ReadLine(); if (ferror (stdin) || (line.empty() && feof (stdin))) throw UserAbort (SRC_POS); } wxString TextUserInterface::ReadInputStreamLine () const { wxString line; ReadInputStreamLine (line); return line; } void TextUserInterface::RestoreVolumeHeaders (shared_ptr <VolumePath> volumePath) const { if (!volumePath) volumePath = AskVolumePath(); if (!volumePath) throw UserAbort (SRC_POS); #ifdef TC_WINDOWS if (Core->IsVolumeMounted (*volumePath)) throw_err (LangString["DISMOUNT_FIRST"]); #endif // Ask whether to restore internal or external backup bool restoreInternalBackup; shared_ptr <Pkcs5Kdf> kdf; if (CmdLine->ArgHash) { kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash, false); } ShowInfo (LangString["HEADER_RESTORE_EXTERNAL_INTERNAL"]); ShowInfo (L"\n1) " + LangString["HEADER_RESTORE_INTERNAL"]); ShowInfo (L"2) " + LangString["HEADER_RESTORE_EXTERNAL"] + L"\n"); switch (AskSelection (2)) { case 1: restoreInternalBackup = true; break; case 2: restoreInternalBackup = false; break; default: throw UserAbort (SRC_POS); } /* force the display of the random enriching interface */ RandomNumberGenerator::SetEnrichedByUserStatus (false); if (restoreInternalBackup) { // Restore header from the internal backup shared_ptr <Volume> volume; MountOptions options; options.Path = volumePath; while (!volume) { ShowString (L"\n"); options.Password = AskPassword(); options.Keyfiles = AskKeyfiles(); try { volume = Core->OpenVolume ( options.Path, options.PreserveTimestamps, options.Password, kdf, false, options.Keyfiles, options.Protection, options.ProtectionPassword, options.ProtectionKdf, options.ProtectionKeyfiles, options.SharedAccessAllowed, VolumeType::Unknown, true ); } catch (PasswordException &e) { ShowInfo (e); } } shared_ptr <VolumeLayout> layout = volume->GetLayout(); if (typeid (*layout) == typeid (VolumeLayoutV1Normal)) { throw_err (LangString ["VOLUME_HAS_NO_BACKUP_HEADER"]); } RandomNumberGenerator::Start(); UserEnrichRandomPool(); // Re-encrypt volume header SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize()); Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Keyfiles); // Write volume header int headerOffset = volume->GetLayout()->GetHeaderOffset(); shared_ptr <File> volumeFile = volume->GetFile(); if (headerOffset >= 0) volumeFile->SeekAt (headerOffset); else volumeFile->SeekEnd (headerOffset); volumeFile->Write (newHeaderBuffer); } else { // Restore header from an external backup wxString confirmMsg = L"\n\n" + LangString["CONFIRM_VOL_HEADER_RESTORE"]; confirmMsg.Replace (L"%hs", L"%s"); if (!AskYesNo (wxString::Format (confirmMsg, wstring (*volumePath).c_str()), true, true)) return; ShowString (L"\n"); FilePath filePath = AskFilePath(); if (filePath.IsEmpty()) throw UserAbort (SRC_POS); File backupFile; backupFile.Open (filePath, File::OpenRead); uint64 headerSize; bool legacyBackup; // Determine the format of the backup file switch (backupFile.Length()) { case TC_VOLUME_HEADER_GROUP_SIZE: headerSize = TC_VOLUME_HEADER_SIZE; legacyBackup = false; break; case TC_VOLUME_HEADER_SIZE_LEGACY * 2: headerSize = TC_VOLUME_HEADER_SIZE_LEGACY; legacyBackup = true; break; default: throw_err (LangString ["HEADER_BACKUP_SIZE_INCORRECT"]); } // Open the volume header stored in the backup file MountOptions options; shared_ptr <VolumeLayout> decryptedLayout; while (!decryptedLayout) { options.Password = AskPassword (L"\n" + LangString["ENTER_HEADER_BACKUP_PASSWORD"]); options.Keyfiles = AskKeyfiles(); try { // Test volume layouts foreach (shared_ptr <VolumeLayout> layout, VolumeLayout::GetAvailableLayouts ()) { if (layout->HasDriveHeader()) continue; if (!legacyBackup && (typeid (*layout) == typeid (VolumeLayoutV1Normal))) continue; if (legacyBackup && (typeid (*layout) == typeid (VolumeLayoutV2Normal) || typeid (*layout) == typeid (VolumeLayoutV2Hidden))) continue; SecureBuffer headerBuffer (layout->GetHeaderSize()); backupFile.ReadAt (headerBuffer, layout->GetType() == VolumeType::Hidden ? layout->GetHeaderSize() : 0); // Decrypt header shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password); if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes())) { decryptedLayout = layout; break; } } if (!decryptedLayout) throw PasswordIncorrect (SRC_POS); } catch (PasswordException &e) { ShowWarning (e); } } File volumeFile; volumeFile.Open (*volumePath, File::OpenReadWrite, File::ShareNone, File::PreserveTimestamps); RandomNumberGenerator::Start(); UserEnrichRandomPool(); // Re-encrypt volume header SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize()); Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Keyfiles); // Write volume header int headerOffset = decryptedLayout->GetHeaderOffset(); if (headerOffset >= 0) volumeFile.SeekAt (headerOffset); else volumeFile.SeekEnd (headerOffset); volumeFile.Write (newHeaderBuffer); if (decryptedLayout->HasBackupHeader()) { // Re-encrypt backup volume header Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Keyfiles); // Write backup volume header headerOffset = decryptedLayout->GetBackupHeaderOffset(); if (headerOffset >= 0) volumeFile.SeekAt (headerOffset); else volumeFile.SeekEnd (headerOffset); volumeFile.Write (newHeaderBuffer); } } ShowString (L"\n"); ShowInfo ("VOL_HEADER_RESTORED"); } void TextUserInterface::SetTerminalEcho (bool enable) { if (CmdLine->ArgDisplayPassword) return; #ifdef TC_UNIX struct termios termAttr; if (tcgetattr (0, &termAttr) == 0) { if (!enable) { termAttr.c_lflag &= ~ECHO; throw_sys_if (tcsetattr (0, TCSANOW, &termAttr) != 0); } else { termAttr.c_lflag |= ECHO; throw_sys_if (tcsetattr (0, TCSANOW, &termAttr) != 0); } } #endif } void TextUserInterface::UserEnrichRandomPool () const { RandomNumberGenerator::Start(); if (RandomNumberGenerator::IsEnrichedByUser()) return; if (CmdLine->ArgHash) RandomNumberGenerator::SetHash (CmdLine->ArgHash); if (!CmdLine->ArgRandomSourcePath.IsEmpty()) { SecureBuffer buffer (RandomNumberGenerator::PoolSize); File randSourceFile; randSourceFile.Open (CmdLine->ArgRandomSourcePath, File::OpenRead); for (size_t i = 0; i < buffer.Size(); ++i) { if (randSourceFile.Read (buffer.GetRange (i, 1)) < 1) break; } RandomNumberGenerator::AddToPool (buffer); RandomNumberGenerator::SetEnrichedByUserStatus (true); } else if (!Preferences.NonInteractive) { int randCharsRequired = RandomNumberGenerator::PoolSize; ShowInfo (StringFormatter (_("\nPlease type at least {0} randomly chosen characters and then press Enter:"), randCharsRequired)); SetTerminalEcho (false); finally_do ({ TextUserInterface::SetTerminalEcho (true); }); while (randCharsRequired > 0) { wstring randStr = AskString(); RandomNumberGenerator::AddToPool (ConstBufferPtr ((byte *) randStr.c_str(), randStr.size() * sizeof (wchar_t))); randCharsRequired -= randStr.size(); if (randCharsRequired > 0) ShowInfo (StringFormatter (_("Characters remaining: {0}"), randCharsRequired)); } ShowString (L"\n"); RandomNumberGenerator::SetEnrichedByUserStatus (true); } } wxMessageOutput *DefaultMessageOutput; }