Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity

Update build requirements and instructions in Readme

Browse Source
This commit is contained in:
Mounir IDRASSI
2021-09-05 16:23:07 +02:00
parent ddf9811b21
commit 9820ca06df
2 changed files with 75 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
README.md
View File

@@ -44,6 +44,7 @@ Requirements for Building VeraCrypt for Windows:
------------------------------------------------ ------------------------------------------------
- Microsoft Visual C++ 2010 SP1 (Professional Edition or compatible) - Microsoft Visual C++ 2010 SP1 (Professional Edition or compatible)
- Microsoft Visual C++ 2019
- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads) - Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads)
- Microsoft Windows SDK for Windows 7.1 (configured for Visual C++ 2010) - Microsoft Windows SDK for Windows 7.1 (configured for Visual C++ 2010)
- Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing) - Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing)
@@ -59,19 +60,19 @@ The 64-bit editions of Windows Vista and later versions of Windows, and in
some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not
allow the VeraCrypt driver to run without an appropriate digital signature. allow the VeraCrypt driver to run without an appropriate digital signature.
Therefore, all .sys files in official VeraCrypt binary packages are digitally Therefore, all .sys files in official VeraCrypt binary packages are digitally
signed with the digital certificate of the IDRIX, which was signed with the digital certificate of the IDRIX, which was issued by
issued by Thawte certification authority. At the end of each official .exe and GlobalSign certification authority. At the end of each official .exe and
.sys file, there are embedded digital signatures and all related certificates .sys file, there are embedded digital signatures and all related certificates
(i.e. all certificates in the relevant certification chain, such as the (i.e. all certificates in the relevant certification chain, such as the
certification authority certificates, CA-MS cross-certificate, and the certification authority certificates, CA-MS cross-certificate, and the
IDRIX certificate). IDRIX certificate).
Keep this in mind if you compile VeraCrypt Keep this in mind if you compile VeraCrypt and compare your binaries with the
and compare your binaries with the official binaries. If your binaries are official binaries. If your binaries are unsigned, the sizes of the official
unsigned, the sizes of the official binaries will usually be approximately binaries will usually be approximately 10 KiB greater than sizes of your
10 KiB greater than sizes of your binaries (there may be further differences binaries (there may be further differences if you use a different version of
if you use a different version of the compiler, or if you install a different the compiler, or if you install a different or no service pack for Visual
or no service pack for Visual Studio, or different hotfixes for it, or if you Studio, or different hotfixes for it, or if you use different versions of
use different versions of the required SDKs). the required SDKs).
Instructions for Building VeraCrypt for Windows: Instructions for Building VeraCrypt for Windows:
@@ -91,12 +92,22 @@ Instructions for Building VeraCrypt for Windows:
3) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2010. 3) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2010.
4) Select 'All' as the active solution configuration. 4) Select 'All' as the active solution configuration and WIN32 as the active
platform.
5) Build the solution. 5) Build the solution.
6) Select x64 as the active platform and build the solution again.
7) Open the solution file 'VeraCrypt_vs2019.sln' in Microsoft Visual Studio 2019.
8) Select 'All' as the active solution configuration and ARM64 as the active
platform.
9) Build the solution.
6) If successful, there should be newly built VeraCrypt binaries in the 6) If successful, there should be newly built VeraCrypt binaries in the
'Release' folder. 'Release\Setup Files' folder.
Instructions for Signing and Packaging VeraCrypt for Windows: Instructions for Signing and Packaging VeraCrypt for Windows:
------------------------------------------------------------- -------------------------------------------------------------
@@ -105,11 +116,13 @@ First, create an environment variable 'WSDK81' pointing to the Windows SDK
for Windows 8.1 installation directory. for Windows 8.1 installation directory.
The folder "Signing" contains a batch file (sign.bat) that will sign all The folder "Signing" contains a batch file (sign.bat) that will sign all
VeraCrypt components using a code signing certificate present on the VeraCrypt components using a code signing certificate present on the
certificate store and also build the final installation setup. certificate store and also build the final installation setup and MSI package.
The batch file suppose that the code signing certificate is issued by Thawte. The batch file suppose that the code signing certificate is issued by
This is the case for IDRIX's certificate. If yours is issued by another CA, GlobalSign. This is the case for IDRIX's certificate. If yours is issued by
then you should put the Root and Intermediate certificates in the "Signing" another CA, then you should put its intermediate certificates in the "Signing"
folder and then modify sign.bat accordingly. folder and modify sign.bat accordingly.
In order to generate MSI packages, WiX Toolset v3.11 must be installed.
VeraCrypt EFI Boot Loader: VeraCrypt EFI Boot Loader:
-------------------------- --------------------------
@@ -176,10 +189,10 @@ On MacOSX, building a console-only executable is not supported.
Mac OS X specifics: Mac OS X specifics:
----------------------------------------------------------- -----------------------------------------------------------
Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version Under MacOSX, the SDK for OSX 11.3 is used by default. To use another version
of the SDK (i.e. 10.6), you can export the environment variable VC_OSX_TARGET: of the SDK (i.e. 10.15), you can export the environment variable VC_OSX_TARGET:
$ export VC_OSX_TARGET=10.6 $ export VC_OSX_TARGET=10.15
Before building under MacOSX, pkg-config must be installed if not yet available. Before building under MacOSX, pkg-config must be installed if not yet available.
@@ -191,13 +204,13 @@ compile using the following commands :
$ sudo make install $ sudo make install
After making sure pkg-config is available, download and install OSXFuse from After making sure pkg-config is available, download and install OSXFuse from
https://osxfuse.github.io/ (MacFUSE compatibility layer must selected) https://osxfuse.github.io/
The script build_veracrypt_macosx.sh available under "src/Build" performs the The script build_veracrypt_macosx.sh available under "src/Build" performs the
full build of VeraCrypt including the creation of the installer pkg. It expects full build of VeraCrypt including the creation of the installer pkg. It expects
to find the wxWidgets 3.0.3 sources at the same level as where you put to find the wxWidgets 3.1.2 sources at the same level as where you put
VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src" VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src"
then wxWidgets should be at "/Users/joe/Projects/wxWidgets-3.0.3") then wxWidgets should be at "/Users/joe/Projects/wxWidgets-3.1.2")
The build process uses Code Signing certificates whose ID is specified in The build process uses Code Signing certificates whose ID is specified in
src/Main/Main.make (look for lines containing "Developer ID Application" and src/Main/Main.make (look for lines containing "Developer ID Application" and

67
src/Readme.txt
View File

@@ -44,6 +44,7 @@ Requirements for Building VeraCrypt for Windows:
------------------------------------------------ ------------------------------------------------
- Microsoft Visual C++ 2010 SP1 (Professional Edition or compatible) - Microsoft Visual C++ 2010 SP1 (Professional Edition or compatible)
- Microsoft Visual C++ 2019
- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads) - Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads)
- Microsoft Windows SDK for Windows 7.1 (configured for Visual C++ 2010) - Microsoft Windows SDK for Windows 7.1 (configured for Visual C++ 2010)
- Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing) - Microsoft Windows SDK for Windows 8.1 (needed for SHA-256 code signing)
@@ -59,19 +60,19 @@ The 64-bit editions of Windows Vista and later versions of Windows, and in
some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not
allow the VeraCrypt driver to run without an appropriate digital signature. allow the VeraCrypt driver to run without an appropriate digital signature.
Therefore, all .sys files in official VeraCrypt binary packages are digitally Therefore, all .sys files in official VeraCrypt binary packages are digitally
signed with the digital certificate of the IDRIX, which was signed with the digital certificate of the IDRIX, which was issued by
issued by Thawte certification authority. At the end of each official .exe and GlobalSign certification authority. At the end of each official .exe and
.sys file, there are embedded digital signatures and all related certificates .sys file, there are embedded digital signatures and all related certificates
(i.e. all certificates in the relevant certification chain, such as the (i.e. all certificates in the relevant certification chain, such as the
certification authority certificates, CA-MS cross-certificate, and the certification authority certificates, CA-MS cross-certificate, and the
IDRIX certificate). IDRIX certificate).
Keep this in mind if you compile VeraCrypt Keep this in mind if you compile VeraCrypt and compare your binaries with the
and compare your binaries with the official binaries. If your binaries are official binaries. If your binaries are unsigned, the sizes of the official
unsigned, the sizes of the official binaries will usually be approximately binaries will usually be approximately 10 KiB greater than sizes of your
10 KiB greater than sizes of your binaries (there may be further differences binaries (there may be further differences if you use a different version of
if you use a different version of the compiler, or if you install a different the compiler, or if you install a different or no service pack for Visual
or no service pack for Visual Studio, or different hotfixes for it, or if you Studio, or different hotfixes for it, or if you use different versions of
use different versions of the required SDKs). the required SDKs).
Instructions for Building VeraCrypt for Windows: Instructions for Building VeraCrypt for Windows:
@@ -91,12 +92,22 @@ Instructions for Building VeraCrypt for Windows:
3) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2010. 3) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2010.
4) Select 'All' as the active solution configuration. 4) Select 'All' as the active solution configuration and WIN32 as the active
platform.
5) Build the solution. 5) Build the solution.
6) Select x64 as the active platform and build the solution again.
7) Open the solution file 'VeraCrypt_vs2019.sln' in Microsoft Visual Studio 2019.
8) Select 'All' as the active solution configuration and ARM64 as the active
platform.
9) Build the solution.
6) If successful, there should be newly built VeraCrypt binaries in the 6) If successful, there should be newly built VeraCrypt binaries in the
'Release' folder. 'Release\Setup Files' folder.
Instructions for Signing and Packaging VeraCrypt for Windows: Instructions for Signing and Packaging VeraCrypt for Windows:
------------------------------------------------------------- -------------------------------------------------------------
@@ -105,11 +116,13 @@ First, create an environment variable 'WSDK81' pointing to the Windows SDK
for Windows 8.1 installation directory. for Windows 8.1 installation directory.
The folder "Signing" contains a batch file (sign.bat) that will sign all The folder "Signing" contains a batch file (sign.bat) that will sign all
VeraCrypt components using a code signing certificate present on the VeraCrypt components using a code signing certificate present on the
certificate store and also build the final installation setup. certificate store and also build the final installation setup and MSI package.
The batch file suppose that the code signing certificate is issued by Thawte. The batch file suppose that the code signing certificate is issued by
This is the case for IDRIX's certificate. If yours is issued by another CA, GlobalSign. This is the case for IDRIX's certificate. If yours is issued by
then you should put the Root and Intermediate certificates in the "Signing" another CA, then you should put its intermediate certificates in the "Signing"
folder and then modify sign.bat accordingly. folder and modify sign.bat accordingly.
In order to generate MSI packages, WiX Toolset v3.11 must be installed.
VeraCrypt EFI Boot Loader: VeraCrypt EFI Boot Loader:
-------------------------- --------------------------
@@ -146,7 +159,7 @@ Instructions for Building VeraCrypt for Linux and Mac OS X:
command to configure the wxWidgets static library for VeraCrypt and to command to configure the wxWidgets static library for VeraCrypt and to
build it: build it:
$ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild $ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild
The variable WX_ROOT must point to the location of the source code of the The variable WX_ROOT must point to the location of the source code of the
wxWidgets library. Output files will be placed in the './wxrelease/' wxWidgets library. Output files will be placed in the './wxrelease/'
@@ -154,11 +167,11 @@ Instructions for Building VeraCrypt for Linux and Mac OS X:
3) To build VeraCrypt, run the following command: 3) To build VeraCrypt, run the following command:
$ make $ make
or if you have no wxWidgets shared library installed: or if you have no wxWidgets shared library installed:
$ make WXSTATIC=1 $ make WXSTATIC=1
4) If successful, the VeraCrypt executable should be located in the directory 4) If successful, the VeraCrypt executable should be located in the directory
'Main'. 'Main'.
@@ -168,18 +181,18 @@ interface (through the switch --text) is built.
On Linux, a console-only executable, which requires no GUI library, can be On Linux, a console-only executable, which requires no GUI library, can be
built using the 'NOGUI' parameter: built using the 'NOGUI' parameter:
$ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild $ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild
$ make NOGUI=1 WXSTATIC=1 $ make NOGUI=1 WXSTATIC=1
On MacOSX, building a console-only executable is not supported. On MacOSX, building a console-only executable is not supported.
Mac OS X specifics: Mac OS X specifics:
----------------------------------------------------------- -----------------------------------------------------------
Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version Under MacOSX, the SDK for OSX 11.3 is used by default. To use another version
of the SDK (i.e. 10.6), you can export the environment variable VC_OSX_TARGET: of the SDK (i.e. 10.15), you can export the environment variable VC_OSX_TARGET:
$ export VC_OSX_TARGET=10.6 $ export VC_OSX_TARGET=10.15
Before building under MacOSX, pkg-config must be installed if not yet available. Before building under MacOSX, pkg-config must be installed if not yet available.
@@ -191,13 +204,13 @@ compile using the following commands :
$ sudo make install $ sudo make install
After making sure pkg-config is available, download and install OSXFuse from After making sure pkg-config is available, download and install OSXFuse from
https://osxfuse.github.io/ (MacFUSE compatibility layer must selected) https://osxfuse.github.io/
The script build_veracrypt_macosx.sh available under "src/Build" performs the The script build_veracrypt_macosx.sh available under "src/Build" performs the
full build of VeraCrypt including the creation of the installer pkg. It expects full build of VeraCrypt including the creation of the installer pkg. It expects
to find the wxWidgets 3.0.3 sources at the same level as where you put to find the wxWidgets 3.1.2 sources at the same level as where you put
VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src" VeraCrypt sources (i.e. if "src" path is "/Users/joe/Projects/VeraCrypt/src"
then wxWidgets should be at "/Users/joe/Projects/wxWidgets-3.0.3") then wxWidgets should be at "/Users/joe/Projects/wxWidgets-3.1.2")
The build process uses Code Signing certificates whose ID is specified in The build process uses Code Signing certificates whose ID is specified in
src/Main/Main.make (look for lines containing "Developer ID Application" and src/Main/Main.make (look for lines containing "Developer ID Application" and