Linux/MacOSX: first dynamic mode implementation

2026-05-17 01:51:32 +00:00 · 2015-06-24 14:14:34 +02:00
parent f927ce9b58
commit 9913af3a8e
37 changed files with 680 additions and 105 deletions
--- a/src/Main/TextUserInterface.cpp
+++ b/src/Main/TextUserInterface.cpp
@@ -180,6 +180,34 @@ namespace VeraCrypt
 		return password;
 	}
 	
+	int TextUserInterface::AskPim (const wxString &message) const
+	{
+		int pim = -1;
+		wxString msg = _("Enter new PIM: ");
+		if (!message.empty())
+			msg = message + L": ";
+		while (pim < 0)
+		{
+			wstring pimStr = AskString (msg);
+			if (pimStr.empty())
+				pim = 0;
+			else
+			{
+				try
+				{
+					pim = (int) StringConverter::ToUInt32 (pimStr);
+				}
+				catch (...)
+				{
+					pim = -1;
+					continue;
+				}
+			}
+		}
+		
+		return pim;
+	}
+	
 	ssize_t TextUserInterface::AskSelection (ssize_t optionCount, ssize_t defaultOption) const
 	{
 		while (true)
@@ -272,6 +300,7 @@ namespace VeraCrypt
 			{
 				ShowString (L"\n");
 				options->Password = AskPassword (LangString[volumeType == VolumeType::Hidden ? "ENTER_HIDDEN_VOL_PASSWORD" : "ENTER_NORMAL_VOL_PASSWORD"]);
+				options->Pim = AskPim (volumeType == VolumeType::Hidden ?_("Enter PIM for the hidden volume") : _("Enter PIM for the normal/outer volume"));
 				options->Keyfiles = AskKeyfiles();

 				try
@@ -280,11 +309,13 @@ namespace VeraCrypt
 						options->Path,
 						options->PreserveTimestamps,
 						options->Password,
+						options->Pim,
 						kdf,
 						false,
 						options->Keyfiles,
 						options->Protection,
 						options->ProtectionPassword,
+						options->ProtectionPim,
 						options->ProtectionKdf,
 						options->ProtectionKeyfiles,
 						true,
@@ -345,14 +376,14 @@ namespace VeraCrypt

 		// Re-encrypt volume header
 		SecureBuffer newHeaderBuffer (normalVolume->GetLayout()->GetHeaderSize());
-		Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Keyfiles);
+		Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, normalVolume->GetHeader(), normalVolumeMountOptions.Password, normalVolumeMountOptions.Pim, normalVolumeMountOptions.Keyfiles);

 		backupFile.Write (newHeaderBuffer);

 		if (hiddenVolume)
 		{
 			// Re-encrypt hidden volume header
-			Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Keyfiles);
+			Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, hiddenVolume->GetHeader(), hiddenVolumeMountOptions.Password, hiddenVolumeMountOptions.Pim, hiddenVolumeMountOptions.Keyfiles);
 		}
 		else
 		{
@@ -368,7 +399,7 @@ namespace VeraCrypt
 		ShowInfo ("VOL_HEADER_BACKED_UP");
 	}

-	void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, shared_ptr <Hash> currentHash, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const
+	void TextUserInterface::ChangePassword (shared_ptr <VolumePath> volumePath, shared_ptr <VolumePassword> password, int pim, shared_ptr <Hash> currentHash, bool truecryptMode, shared_ptr <KeyfileList> keyfiles, shared_ptr <VolumePassword> newPassword, int newPim, shared_ptr <KeyfileList> newKeyfiles, shared_ptr <Hash> newHash) const
 	{
 		shared_ptr <Volume> volume;

@@ -411,6 +442,12 @@ namespace VeraCrypt
 			{
 				password = AskPassword ();
 			}
+			
+			// current PIM
+			if (!Preferences.NonInteractive && (pim < 0))
+			{
+				pim = AskPim (_("Enter current PIM"));
+			}

 			// Current keyfiles
 			try
@@ -421,7 +458,7 @@ namespace VeraCrypt
 					try
 					{
 						keyfiles.reset (new KeyfileList);
-						volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, kdf, truecryptMode, keyfiles);
+						volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, pim, kdf, truecryptMode, keyfiles);
 					}
 					catch (PasswordException&)
 					{
@@ -431,7 +468,7 @@ namespace VeraCrypt
 				}	

 				if (!volume.get())
-					volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, kdf, truecryptMode, keyfiles);
+					volume = Core->OpenVolume (volumePath, Preferences.DefaultMountOptions.PreserveTimestamps, password, pim, kdf, truecryptMode, keyfiles);
 			}
 			catch (PasswordException &e)
 			{
@@ -450,6 +487,10 @@ namespace VeraCrypt
 			newPassword->CheckPortability();
 		else if (!Preferences.NonInteractive)
 			newPassword = AskPassword (_("Enter new password"), true);
+		
+		// New PIM
+		if ((newPim < 0) && !Preferences.NonInteractive)
+			newPim = AskPim (_("Enter new PIM"));

 		// New keyfiles
 		if (!newKeyfiles.get() && !Preferences.NonInteractive)
@@ -464,7 +505,7 @@ namespace VeraCrypt
 		RandomNumberGenerator::SetEnrichedByUserStatus (false);
 		UserEnrichRandomPool();

-		Core->ChangePassword (volume, newPassword, newKeyfiles,
+		Core->ChangePassword (volume, newPassword, newPim, newKeyfiles,
 			newHash ? Pkcs5Kdf::GetAlgorithm (*newHash, false) : shared_ptr <Pkcs5Kdf>());

 		ShowInfo ("PASSWORD_CHANGED");
@@ -747,6 +788,13 @@ namespace VeraCrypt

 		if (options->Password)
 			options->Password->CheckPortability();
+		
+		// PIM
+		if ((options->Pim < 0) && !Preferences.NonInteractive)
+		{
+			ShowString (L"\n");
+			options->Pim = AskPim (_("Enter PIM"));
+		}

 		// Keyfiles
 		if (!options->Keyfiles && !Preferences.NonInteractive)
@@ -819,6 +867,7 @@ namespace VeraCrypt
 			mountOptions.NoFilesystem = true;
 			mountOptions.Protection = VolumeProtection::None;
 			mountOptions.Password = options->Password;
+			mountOptions.Pim = options->Pim;
 			mountOptions.Keyfiles = options->Keyfiles;

 			shared_ptr <VolumeInfo> volume = Core->MountVolume (mountOptions);
@@ -1070,6 +1119,9 @@ namespace VeraCrypt
 		{
 			if (!options.Password)
 				options.Password = AskPassword();
+			
+			if (options.Pim < 0)
+				options.Pim = AskPim (_("Enter PIM"));

 			if (!options.Keyfiles)
 				options.Keyfiles = AskKeyfiles();
@@ -1080,6 +1132,7 @@ namespace VeraCrypt
 				return mountedVolumes;

 			options.Password.reset();
+			options.Pim = -1;
 		}
 	}
 	
@@ -1144,6 +1197,11 @@ namespace VeraCrypt
 					ShowWarning ("UNSUPPORTED_CHARS_IN_PWD_RECOM");
 				}
 			}
+			
+			if (options.Pim < 0)
+			{
+				options.Pim = AskPim (StringFormatter (_("Enter PIM for {0}"), wstring (*options.Path)));
+			}

 			// Keyfiles
 			if (!options.Keyfiles)
@@ -1159,6 +1217,8 @@ namespace VeraCrypt
 			{
 				if (!options.ProtectionPassword)
 					options.ProtectionPassword = AskPassword (_("Enter password for hidden volume"));
+				if (options.ProtectionPim < 0)
+					options.ProtectionPim = AskPim (_("Enter PIM for hidden volume"));
 				if (!options.ProtectionKeyfiles)
 					options.ProtectionKeyfiles = AskKeyfiles (_("Enter keyfile for hidden volume"));
 			}
@@ -1171,6 +1231,7 @@ namespace VeraCrypt
 			{
 				ShowInfo (e);
 				options.ProtectionPassword.reset();
+				options.ProtectionPim = -1;
 			}
 			catch (PasswordIncorrect &e)
 			{
@@ -1337,6 +1398,7 @@ namespace VeraCrypt
 			{
 				ShowString (L"\n");
 				options.Password = AskPassword();
+				options.Pim = AskPim();
 				options.Keyfiles = AskKeyfiles();

 				try
@@ -1345,11 +1407,13 @@ namespace VeraCrypt
 						options.Path,
 						options.PreserveTimestamps,
 						options.Password,
+						options.Pim,
 						kdf,
 						false,
 						options.Keyfiles,
 						options.Protection,
 						options.ProtectionPassword,
+						options.ProtectionPim,
 						options.ProtectionKdf,
 						options.ProtectionKeyfiles,
 						options.SharedAccessAllowed,
@@ -1374,7 +1438,7 @@ namespace VeraCrypt

 			// Re-encrypt volume header
 			SecureBuffer newHeaderBuffer (volume->GetLayout()->GetHeaderSize());
-			Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Keyfiles);
+			Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, volume->GetHeader(), options.Password, options.Pim,  options.Keyfiles);

 			// Write volume header
 			int headerOffset = volume->GetLayout()->GetHeaderOffset();
@@ -1434,6 +1498,7 @@ namespace VeraCrypt
 			while (!decryptedLayout)
 			{
 				options.Password = AskPassword (L"\n" + LangString["ENTER_HEADER_BACKUP_PASSWORD"]);
+				options.Pim = AskPim (_("Enter PIM"));
 				options.Keyfiles = AskKeyfiles();

 				try
@@ -1455,7 +1520,7 @@ namespace VeraCrypt

 						// Decrypt header
 						shared_ptr <VolumePassword> passwordKey = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password);
-						if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
+						if (layout->GetHeader()->Decrypt (headerBuffer, *passwordKey, options.Pim, kdf, false, layout->GetSupportedKeyDerivationFunctions(false), layout->GetSupportedEncryptionAlgorithms(), layout->GetSupportedEncryptionModes()))
 						{
 							decryptedLayout = layout;
 							break;
@@ -1479,7 +1544,7 @@ namespace VeraCrypt

 			// Re-encrypt volume header
 			SecureBuffer newHeaderBuffer (decryptedLayout->GetHeaderSize());
-			Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Keyfiles);
+			Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles);

 			// Write volume header
 			int headerOffset = decryptedLayout->GetHeaderOffset();
@@ -1493,7 +1558,7 @@ namespace VeraCrypt
 			if (decryptedLayout->HasBackupHeader())
 			{
 				// Re-encrypt backup volume header
-				Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Keyfiles);
+				Core->ReEncryptVolumeHeaderWithNewSalt (newHeaderBuffer, decryptedLayout->GetHeader(), options.Password, options.Pim, options.Keyfiles);
 				
 				// Write backup volume header
 				headerOffset = decryptedLayout->GetBackupHeaderOffset();