Detect whether the active firmware Secure Boot db trusts the Microsoft Corporation UEFI CA 2011 before selecting the 2011-signed EFI loader set.
Abort with a clear diagnostic when Secure Boot is enabled but neither the 2011 CA nor the required 2023 CA pair is trusted, and document the CA requirements.
Preserve positive CA detection when malformed db data appears only after a supported Microsoft CA set has already been found, while recording the parse error in diagnostics.
Refs #1778.
Install staged /usr child directories by merging their contents into existing destination directories instead of replacing them. This preserves /usr/sbin symlinks to bin on merged-/usr distributions while keeping traditional layouts working.
Fixes issue: https://github.com/veracrypt/VeraCrypt/issues/1764
The hdiutil `-plist` output used for mount/dismount device discovery
(MountAuxVolumeImage and UpdateMountedVolumeInfo) was parsed with a
hand-rolled string scanner that assumed the value always follows the
requested key and that <key>/<string> pairs appear in a fixed order.
Replace it with the CoreFoundation property-list API
(CFPropertyListCreateWithData + dictionary/array navigation), which is
correct by construction and robust to hdiutil output ordering/variation.
An RAII helper (CFHolder) ensures CFRelease on every path.
Behavior is preserved: prefer the system-entity that carries a
mount-point, otherwise fall back to the first dev-entry, and match disk
images by normalized image-path. CoreFoundation is already linked on
macOS (via Cocoa), so no build changes are needed.
Verified end-to-end on Apple Silicon: mounting parses `hdiutil attach`
output and dismount parses `hdiutil info` output correctly.
Co-authored-by: Damian Rickard <damian@rickard.us>
Record EFI bootloader resource set changes during PostOOBE refreshes and mark a machine-wide rescue disk reminder.
Show the reminder on VeraCrypt startup using the existing generic rescue disk prompt and Create Rescue Disk flow.
Accept Argon2 and Argon2id aliases through HashGetIdByName so Windows mount parsing matches volume creation. Update Windows command-line documentation in English, Russian, and Chinese, and rebuild the CHM user guides.
Keep Argon2 symbols internal unless explicitly exported so VeraCryptFormat.dll exposes only the SDK API.
Add Argon2id/BLAKE2b aliases for the SDK hash selector and update the public header comment to reflect the supported KDF/hash set.
* Honor --no-size-check when creating file containers via the CLI
The text-mode volume creation path clamps the maximum allowed volume
size to the available free disk space and never consults
ArgDisableFileSizeCheck, so the documented --no-size-check switch has no
effect when creating a file-hosted container with `--text --create`.
The flag is honored by the GUI wizard (Forms/VolumeSizeWizardPage.cpp)
but was missing from the text UI, making it impossible to create a
(sparse) container larger than the current free space from the command
line -- even though such a container is perfectly valid on filesystems
with sparse-file support (e.g. APFS, ext4, NTFS) and is exactly what the
flag exists to allow.
Skip the free-space clamp when --no-size-check is set, mirroring the GUI
behavior.
* Fix max volume size handling with no-size-check
Keep the max size sentinel and interactive max choice bounded by available disk space even when --no-size-check allows explicit sparse container sizes beyond the current free space.
---------
Co-authored-by: Damian Rickard <damian@rickard.us>
Co-authored-by: Mounir IDRASSI <mounir.idrassi@amcrypto.jp>
The privileged CoreService handler for SetFileOwnerRequest passed the
client-supplied path straight to chown() as root with no validation --
unlike the adjacent APFS formatter handler, which strictly validates its
device argument. Every legitimate macOS caller of the elevated
SetFileOwner targets a real disk device node (/dev/[r]diskN[sM]), so a
crafted IPC request, or a symlink planted at the target, could otherwise
make the root process change ownership of an arbitrary path.
Validate the target service-side: require the strict device-path form
already used by the formatter, and lstat() it to confirm a block or
character device (rejecting symlinks rather than following them) before
the chown.
Co-authored-by: Damian Rickard <damian@rickard.us>
The Blake2b hash class (BLAKE2b-512) was fully implemented but never
registered in Hash::GetAvailableAlgorithms(), so it was absent from the
Random Pool Enrichment, Keyfile Generator and Benchmark dialogs on
Linux/macOS. In particular, when Argon2 is selected as the volume PRF,
the RNG pool hash is set to BLAKE2b-512, but the Random Pool Enrichment
dialog could neither display nor pre-select it, diverging from Windows
which offers BLAKE2b-512 in the same dialog.
Register Blake2b after Streebog (matching the Crypto.c PRF order). Its
64-byte digest divides RNG_POOL_SIZE (320), so the HashMixPool size
constraint holds, and blake2b.o is always built in non-wolfCrypt builds.
Also make Pkcs5Kdf::GetAlgorithm(const Hash&) Argon2-aware by removing
the unconditional skip of the Argon2 KDF, so a BLAKE2b-512 hash now maps
to the Argon2 KDF instead of throwing.
Document BLAKE2b-512 and Argon2id usage in the HTML/CHM user guide and Russian/Chinese translations. Clarify Argon2id's non-system scope, PBKDF2-HMAC system encryption behavior, PIM parameters, and regenerate the CHM files.
The fixed-size data pool used by LoadLanguageData() in
src/Common/Language.c stores the embedded English XML strings plus the
selected language's XML strings. When AddPoolData() returns NULL
because the 1 MB DATA_POOL_CAPACITY is exhausted, LoadLanguageData()
aborts and returns FALSE. The callers ignore the return value, so the
dictionary is left partially populated: later XML entries (many
controls, warnings and newer dialogs) are missing while earlier
entries, including most menu items, remain translated.
Since 1.26.24 the XML language files have grown enough that several
languages now overflow the pool (e.g. Corsican, French, German and
Dutch).
Increase DATA_POOL_CAPACITY in src/Common/Dictionary.h from 1 MB to
4 MB to accommodate current and near-future translations.
This regression only affects the Windows version, which uses the
Win32/C localization path with this fixed pool. Linux and macOS use
wxWidgets/wxTranslations and do not use src/Common/Dictionary.c for
GUI localization.
Fixes: GH-1587
Use plain objects for x86 intrinsic helper translation units only when building a local arm64-only macOS development binary. Universal macOS builds on Apple Silicon continue to use feature-specific suffix rules so the x86_64 slice keeps the required compiler flags.
Addresses the Apple Silicon Homebrew build failure reported in PR #1678. Credit to Audrius Buika for the original fix proposal and to Damian Rickard for confirming the issue on current master.
- Remove the redundant TC_STR_RELEASE_DATE define from Common/Tcdefs.h
- Add preprocessor helpers to convert TC_RELEASE_DATE_YEAR/MONTH/DAY into
the same "Month Day, Year" wide string used by TC_STR_RELEASED_BY
- Update source_date_epoch.sh to derive SOURCE_DATE_EPOCH from the three
numeric date defines only, removing the string-date parsing fallback
A SourceForge report pointed out that the password-change and header-KDF dialogs reused the current custom PIM when the user selected a different KDF. That was harmless when all choices used the same PBKDF2 PIM scale, but it is wrong with Argon2 because the same numeric PIM has different security and performance meaning.
Avoid silently carrying a custom PIM across KDF changes in both the Windows and wx dialogs. If the new KDF differs from the current one and the user has not explicitly opened the New PIM field, use the default PIM for the selected KDF instead. Keep preserving the current PIM when the KDF is unchanged.
Enable explicit New PIM entry in the header KDF-only flow, warn before resetting an existing custom PIM to the new KDF default, and validate explicitly entered KDF-only PIM values.
Report the new KDF from the Windows dialog as well as the new PIM so favorite volumes update both stored PIM and pinned KDF metadata after password or header KDF changes, including system favorites. Add translation fallbacks, documentation, and release notes for the new behavior.
Allow reproducible makeself finalization to run with Python 2.6+ or Python 3 by avoiding Python 3-only syntax and probing python3, python, then python2.
Return a structured internal result for favorite mount batches instead of combining a BOOL return value with optional out parameters.
Keep the public MountFavoriteVolumes API unchanged and preserve favorite-on-arrival cancellation and drive-letter handling semantics.
Add a cancel callback and batch abort flag so auto-mount-all stops after dialog cancellation.
Mark MountVolume ERR_USER_ABORT with ERROR_CANCELLED so external /cancelmount also stops the scan.
Add a root-driver abort IOCTL that bypasses the mount control mutex and sets cooperative KDF abort flags for the active mount.
Restrict abort requests to privileged callers or to the user that initiated the pending mount, and retry early wait-dialog cancel requests until the driver has registered the cancellable mount context.
Wire the wait dialog Cancel button to send the abort request through a fresh driver handle, and propagate ERR_USER_ABORT through header/cache processing.
Add a /cancelmount command-line switch that sends the same abort request without displaying UI, so users can cancel hidden-wait-dialog mount operations from another process.
Run the install(SCRIPT) mtime/mode clamp for every CPack generator instead of
only the DEB branch, so the RPM payload staging tree is normalised the same way
before rpmbuild sees it. Payload file timestamps and permissions are therefore
reproducible on any rpm version.
For the RPM header, set the spec %defines that pin BuildTime to
SOURCE_DATE_EPOCH (use_source_date_epoch_as_buildtime, which consumes the
exported environment variable) and BuildHost to a fixed value (_buildhost), and
clamp payload mtimes through both the legacy clamp_mtime_to_source_date_epoch
macro and its modern build_mtime_policy replacement. source_date_epoch_from_changelog
is disabled so CPack's placeholder changelog date cannot hijack the epoch.
These macros only exist on rpm >= 4.14 (buildtime/mtime) and >= 4.18
(buildhost). To make the two header fields reproducible on older rpm as well
(CentOS/RHEL 7, rpm < 4.14), add a small libc-interposition shim
(Build/Tools/repro_buildstamp.c) that pins time() and the build hostname,
LD_PRELOAD'ed onto cpack's rpmbuild child by the RPM packaging wrappers. The
shim calls the real uname() and overwrites only nodename, leaving architecture
detection intact, never overrides monotonic clocks, and defers to the real
time() when SOURCE_DATE_EPOCH is unset so a missing epoch is a no-op rather than
a frozen 1970 clock. It is enabled only after it compiles and loads cleanly;
otherwise packaging proceeds without it, because a preload that fails to load
would emit an ld.so error that rpm's check-buildroot script turns into a fatal
%install error.
Derive and export SOURCE_DATE_EPOCH in the rpm and openSUSE wrappers the same
way the deb wrapper already does, mark both wrappers executable, and note in the
README that .deb and .rpm packages are reproducible including on older rpm.
Keep caller-provided SOURCE_DATE_EPOCH authoritative and derive the automatic default through a shared helper used by the Makefile, direct CMake/CPack packaging, and the deb packaging wrapper.
When repository metadata is available, use the HEAD commit timestamp without relying on git -C. Resolve the source root before probing Git so symlinked source paths still use the checkout HEAD. For source tarballs without .git, derive the fallback timestamp from the release date encoded in Common/Tcdefs.h instead of the stale 2020-01-01 constant.
Add TC_RELEASE_DATE_DAY and validate it together with TC_RELEASE_DATE_YEAR, TC_RELEASE_DATE_MONTH, and TC_STR_RELEASE_DATE. Abort when no valid timestamp can be derived.
For direct CMake invocation, initialize SOURCEPATH when the wrapper has not provided it, use the shared helper for derivation, validate the result, and export it for package targets. Also persist the configured epoch through CPACK_PROJECT_CONFIG_FILE so later standalone cpack --config runs export the same value before invoking package generators.
Document that automatic git-checkout builds and release-tarball builds intentionally use different epochs; release reproducers should build from the tarball or set SOURCE_DATE_EPOCH explicitly.
Add a KDF checklist to the Windows benchmark dialog while keeping all algorithms selected by default.
Filter KDF benchmark execution to the checked algorithms and silently skip when none are selected.
Reuse existing KDF localization strings and keep Language.xml unchanged.
Guard BLAKE2s x86 SIMD dispatch on compiled SSE2 intrinsic support so NOSSE2 builds do not reference missing compressor symbols.
Make Argon2 AVX2/SSE2 stubs fall back to the next available implementation instead of returning ARGON2_INCORRECT_PARAMETER when runtime CPU flags outpace build capabilities.
Emit NASM-compatible .pdata/.xdata records for the x64 table AES routines and AES-NI 32-block paths.
Describe the nonvolatile GP and XMM6-XMM15 saves so kernel stack unwinding can cross these routines reliably.
Gate the metadata on win64 output so ELF and Mach-O builds keep their existing assembly paths.
Only call the one-block assembly helper when one block remains after the three-block loop.
This prevents zero-block and multiple-of-three requests from reading and writing one extra block past the caller buffer.
Add a Twofish multiblock self-test covering block counts 0 through 9.
Align CRYPTO_INFO primary and secondary key-schedule buffers so cipher implementations can safely use word-sized schedule access on VeraCrypt-managed storage.
Keep generic Camellia direct uint64 schedule indexing. Builds that define CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS use direct 64-bit key and block byte loads/stores; memcpy is retained only for strict-alignment builds.
Require SSSE3 before using the x64 AESNI 16-way Camellia path because the assembly uses pshufb in addition to AES and AVX.
CRYPTOPP_BOOL_X64 is defined as 0 on non-x64 builds, so #ifdef made HasSSE2() and HasISSE() always true. Use #if so non-x64 builds follow runtime feature detection and DisableCPUExtendedFeatures().
Mounir IDRASSI
nkh0472
Patriccollu
damianrickard
Marius Kjærstad
Mr-Update
Matthaiks