Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-06-19 02:56:07 -05:00
Code Activity
2,832 Commits 10 Branches 56 Tags
689a59cd584f090ca5f9214d5f2f3a9eac499e53
Commit Graph

73 Commits

Author SHA1 Message Date
Mounir IDRASSI a9b1d5ce57 Windows: Harden Windows driver input validation 
Validate SecRegion password cache offsets before use.
Wipe decrypted SecRegion password-cache data even when cache validation fails.
Clamp encrypted I/O work item counts and check allocation sizing.
Reject invalid boot drive sector writes and initialize decoy wipe data unit.
Validate hidden-system boot offsets and remap arithmetic before use.
 2026-04-26 18:42:26 +09:00
audriusbuika f63c617431 Fix hibernation crash on fresh Windows 11 25H2 (BSOD Event 41) (#1671) 
* Fix hibernation crash on fresh Windows 11 25H2 (BSOD Event 41)

* follow up on the hibernation fix review: fix MDL check order and drop the risky sleep.
 2026-04-15 09:22:46 +09:00
Mounir IDRASSI 54c39e4eb2 Use "KDF" instead of "PKCS5 PRF" for UI selection of KDF to use 2025-08-08 22:53:04 +09:00
Mounir IDRASSI b673901503 Move copyright and links to "AM Crypo", amcrypto.jp and veracrypt.jp 2025-05-11 16:02:20 +09:00
Bernard Ladenthin 5eb358ca18 Refactor: Use symbolic constants for volume header magic numbers (#1525) 
Replaced hardcoded 0x56455241 ('VERA') with TC_HEADER_MAGIC for better readability and maintainability.
Also replaced 0x5645524142455854 with TC_BOOT_DRIVE_FILTER_EXTENSION_MAGIC and added 'ULL' suffix for 64-bit safety.
 2025-04-21 11:24:02 +02:00
Mounir IDRASSI c69ba240c4 Complete replacement of Dismount references by Unmount in various files 2025-02-02 23:37:36 +01:00
Mounir IDRASSI 1b35abb191 Increment version to 1.26.18. Update copyright date. Update Release Notes. Update Windows drivers. 2025-01-14 12:26:28 +01:00
Mounir IDRASSI 93868acfdd Windows Driver: Use system functions directly instead of dynamic loading since we are targeting Windows 10 2024-11-17 21:37:16 +01:00
Mounir IDRASSI 9c9870b103 Windows: Avoid modifying BootArguments structure and use __unaligned keyword to inform compiler that pointer is unaligned. 
This avoids issues with existing bootloaders
 2024-11-16 01:50:06 +01:00
Mounir IDRASSI c86577fc0e Windows: remove 32-bit logic from the code since we support only 64-bit. remove 32-bit EFI bootloader files. 
We also fix intermediary files folder for Portable and Setup projects
 2024-11-16 01:05:15 +01:00
Mounir IDRASSI cb97351250 Windows: Remove support for 32-bit driver code. Set build target as Windows 10. Simplify code and fix all warnings in driver. 2024-11-13 02:08:51 +01:00
Mounir IDRASSI ed1263bf8c Implement detection of volumes with vulnerable XTS master key. 
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
 2024-08-02 00:20:53 +02:00
Mounir IDRASSI 455a4f2176 Avoid conflict with C++17 features std::byte by using uint8 type instead of byte 2024-06-12 12:30:04 +02:00
Mounir IDRASSI fa6359d424 Windows: Remove TrueCrypt support. Increment version to 1.26.4. 2023-07-22 10:25:22 +02:00
Mounir IDRASSI c51a209879 Windows: Add registry setting to disable erasing encryption keys on Windows shutdown/reboot. This helps solve BSOD during shutdown/reboot on some machines. 
Under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt", create a REG_DWORD value named "VeraCryptEraseKeysShutdown" and set its value to 0.
 2022-02-06 09:52:24 +01:00
Mounir IDRASSI c374782436 Windows: replace insecure wcscpy/wcscat/strcpy runtime functions with secure equivalents 
This fixed failure to build driver for ARM64 with latest VS 2019
 2021-07-13 22:08:02 +02:00
Mounir IDRASSI c6d63e9365 Windows: Block Windows from resizing system partition if it is encrypted. This avoid issues during Windows Upgrade that sometimes resizes system partition which create problems if it is encrypted by VeraCrypt 2021-02-27 23:07:10 +01:00
Mounir IDRASSI 3281b276b6 Windows: Fix various warnings 2021-01-02 01:16:40 +01:00
Mounir IDRASSI 21674c6aec Windows: Fix various compiler warnings 2020-12-11 23:42:14 +01:00
Mounir IDRASSI b48d437c80 Windows Driver: Fix build error using Windows 10 WDK caused by name conflict for KeSaveExtendedProcessorState/KeRestoreExtendedProcessorState functions 2020-12-11 23:42:08 +01:00
Mounir IDRASSI 0121dc0b81 Windows: Fix issue when RAM encryption used, AES selected and AES-NI not supported by CPU that caused the free space of newly created volumes not filled with random data even if "quick format" is not selected by user. 2020-06-21 00:27:15 +02:00
Mounir IDRASSI 3923d11c7b Windows Driver: Disable Hibernation when RAM encryption is enabled since we can't resume from Hibernation without RAM encryption keys (a chicken and egg situation) 2019-10-01 15:09:35 +02:00
Mounir IDRASSI ae5eb73f93 Windows driver: call VcProtectKeys only when RAM encryption enabled although this function does nothing when RAM encryption is disabled. 2019-03-01 00:35:33 +01:00
Mounir IDRASSI 8d7a318795 Windows: use specific order for EFI boot arguments memory regions that matches the one used by EFI bootloader. 2019-03-01 00:35:20 +01:00
Mounir IDRASSI cf48b532b4 Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha) 2019-03-01 00:35:13 +01:00
Mounir IDRASSI ba5da0946c Windows: Add implementation of ChaCha20 based random generator. Use it for driver need of random bytes (currently only wipe bytes but more to come later). 2019-02-08 01:50:12 +01:00
Mounir IDRASSI e5b9cee868 Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy which is now disabled by default 2019-02-08 01:50:03 +01:00
Mounir IDRASSI 5571a8ba6b Windows driver: better randomness for wipe bytes by always using Whirlpool hash of current time and random bytes retrieved using CPU RDRAND/RDSEED if available. 2019-02-01 00:36:19 +01:00
Mounir IDRASSI cdd1179c63 Increase password maximum length to 128 bytes from 64 bytes 2019-01-28 17:16:33 +01:00
Mounir IDRASSI ee0a2659da Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created 2019-01-21 00:45:31 +01:00
Mounir IDRASSI 27b3fee02d Windows: remove unused fields from CRYPTO_INFO structure 2019-01-21 00:45:23 +01:00
Mounir IDRASSI 652e989d23 Windows Security: Add new entry point in driver that allows emergency clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected. 2019-01-09 00:30:12 +01:00
Mounir IDRASSI 7c2cf7889f Windows Driver: erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks 2019-01-09 00:30:05 +01:00
Mounir IDRASSI d907627f7e Windows: Add option to block TRIM command on system encryption SSD drives. 2018-03-05 19:35:07 +01:00
Mounir IDRASSI 89efcdb8cd Windows Driver: correctly save and restore extended processor state when performing AVX operations on Windows 7 and later. Enhance readability of code handling save/restore of floating point state. 2017-07-04 02:26:24 +02:00
Mounir IDRASSI 0ebc26e125 Update IDRIX copyright year 2017-06-23 22:15:59 +02:00
Mounir IDRASSI 546d6cff44 Crypto: Add optimized SHA-512 and SHA-256 assembly implementations for x86_64 and x86. This improves speed by 30%. 2017-06-23 02:11:21 +02:00
Mounir IDRASSI 9b0669da29 Windows driver: fix reading of boot PRF after latest EFI hidden OS changes. Better memory cleanup and changes for code clarity. 2016-12-26 00:00:03 +01:00
kavsrf ac53e293d4 comments and better cleanup 
Signed-off-by: kavsrf <kavsrf@gmail.com>
 2016-12-26 00:00:02 +01:00
kavsrf cd6df44d6f Driver with support of hidden OS 
Signed-off-by: kavsrf <kavsrf@gmail.com>
 2016-12-26 00:00:02 +01:00
Mounir IDRASSI 041bc9dc0b Windows: Fix false-positive detection of Evil-Maid attack during creation process of hidden OS by excluding the configuration byte in the boot sector whose value changes depending on the content. 2016-10-17 18:40:24 +02:00
Mounir IDRASSI 183cbc087a Windows Driver: Erase sensitive boot memory before throwing fatal exception 2016-10-17 18:40:14 +02:00
Alex 246233c402 Windows EFI Bootloader: modifications to prepare EFI system encryption support (common files with DcsBoot) 2016-08-15 01:09:12 +02:00
Mounir IDRASSI 3aaf5c7045 Windows: solve benchmark issue for Whirlpool which caused wrong numbers when a 1GB buffer is chosen. 2016-07-25 08:26:09 +02:00
Mounir IDRASSI 2faa1290c0 Windows Driver: save FPU state in 32-bit mode before run Whirlpool SSE implementation to avoid issues (https://msdn.microsoft.com/fr-fr/library/ff565388(v=vs.85).aspx) 2016-06-17 23:52:03 +02:00
David Foerster 11716ed2da Remove trailing whitespace 2016-05-10 22:18:34 +02:00
David Foerster fc37cc4a02 Normalize all line terminators 2016-05-10 20:20:14 +02:00
Mounir IDRASSI 1396269d57 Windows: Add option to avoid PIM prompt in pre-boot authentication by storing PIM value unencrypted in MBR. 2016-04-20 00:48:20 +02:00
Mounir IDRASSI 8518d55834 Windows Driver: if saving volume header fails, don't mark operation as successful so that it will be retried later. 2016-02-07 02:39:45 +01:00
Mounir IDRASSI bda7a1d0bd Copyright: update dates to include 2016. 2016-01-20 00:53:24 +01:00