The cascade order has been updated so that SM4 is applied after the other cipher(s) (e.g., Serpent). This change reflects standard cryptanalytic guidance, which shows that the overall strength of a cascade is limited by the first encryption stage. Given that SM4 uses a 128-bit key, its post-quantum brute-force resistance is lower than ciphers with a 256-bit key (such as Serpent). By placing SM4 last, we ensure that any potential weakness in SM4 cannot reduce the security margin provided by the stronger cipher.
When VeraCrypt is run as an AppImage, the veracrypt binary resides in a SquashFS mount under /tmp which is inaccessible to root. Using this path with sudo results in a "command not found" error.
This patch detects the AppImage environment by checking both APPIMAGE and APPDIR variables, ensuring the executable path starts with APPDIR and that APPDIR starts with the expected "/tmp/.mount_Veracr" prefix. In this scenario, the AppImage file itself (APPIMAGE) is used as the executable for sudo, resolving the elevation issue.
- Added parameters for cluster size (auto/manual), encryption/hash, safety margin, VeraCrypt overhead, and VeraCrypt path override
- Switched to iterative exFAT size calculation for accurate FAT/bitmap sizing
- Auto-selects optimal cluster size based on data size
- Supports -WhatIf/-Confirm (SupportsShouldProcess) for safe operation
- Allows password via pipeline or prompt; improved error handling and cleanup
- Enhanced output, free space checks, and force-overwrite option
- Improved code structure, comments, and user feedback
Replaced hardcoded 0x56455241 ('VERA') with TC_HEADER_MAGIC for better readability and maintainability.
Also replaced 0x5645524142455854 with TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC and added 'ULL' suffix for 64-bit safety.
This commit updates several strings in the Italian language file
based on an expert review.
The changes focus on:
- Using more idiomatic phrasing (e.g., "negazione plausibile").
- Employing standard IT terminology (e.g., "Codice di errore").
- Adjusting formality for better UX (e.g., informal commands, recommendations).
- Improving sentence structure for system messages (e.g., impersonal "si").
This patch moves away from gnome-terminal -e options which is deprecated
and subject to possibly be removed in the future. The -- option is nearly
equivalent in behaviour. Also ensures that uninstallation script has correct
privileges, adds window title to xmessage and ensures correct files are
used during installation.
