Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 11:08:02 -06:00
Code Activity
2,283 Commits 6 Branches 51 Tags
add8ef71b1352eb23ffe200a604e4c373cecadda
Commit Graph

57 Commits

Author SHA1 Message Date
lealem47
9247ce1bb9 wolfCrypt as crypto backend for VeraCrypt (#1227) 
* wolfCrypt as crypto backend for VeraCrypt

* Refactor to use EncryptionModeWolfCryptXTS class
 2023-11-13 00:51:31 +01:00
Mounir IDRASSI
16bb1de3a6 Security: ensure that XTS primary key is different from secondary key when creating volumes 
This is unlikely to happen thanks to random generator properties but we much add this check to prevent an attack described in page 3 of https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38e-initial-public-comments-2021.pdf
 2023-08-05 10:55:46 +02:00
Mounir IDRASSI
fa6359d424 Windows: Remove TrueCrypt support. Increment version to 1.26.4. 2023-07-22 10:25:22 +02:00
Mounir IDRASSI
533269ca9a Windows: Fix wrong parameter to CloseHandle function in case of failure of CreateEvent (Coverity) 2022-03-26 21:14:49 +01:00
Mounir IDRASSI
36795a688f Implement support of Blake2s-256 hash algorithm and remove deprecated algorithms RIPEMD-160 and GOST89. 2022-03-08 00:29:26 +01:00
Mounir IDRASSI
4b98ff0e98 Windows: Better implementation of PRF autodetection optimization. 2021-08-07 20:47:07 +02:00
Mounir IDRASSI
fdf7888ab3 Windows: Reduce time of mount with PRF auto-detection 2021-07-14 23:59:42 +02:00
Mounir IDRASSI
21674c6aec Windows: Fix various compiler warnings 2020-12-11 23:42:14 +01:00
Mounir IDRASSI
3c18d54d1e Windows driver: replace SHA512 by RIPEMD160 when calculating internal hash of master key to avoid calling KeSaveFloatingPointState/KeSaveExtendedProcessorState since SHA512 implementation uses SSE2/AVX and RIPEMD160 is pure C 2019-02-01 00:35:33 +01:00
Mounir IDRASSI
ee0a2659da Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created 2019-01-21 00:45:31 +01:00
Mounir IDRASSI
27b3fee02d Windows: remove unused fields from CRYPTO_INFO structure 2019-01-21 00:45:23 +01:00
Mounir IDRASSI
c29ee8331a Windows driver: correctly handle IOCTL_DISK_GET_DRIVE_GEOMETRY_EX to fix issues with some disks. Implement IOCTL_STORAGE_GET_MEDIA_TYPES_EX. 2017-07-27 00:30:51 +02:00
Mounir IDRASSI
0ebc26e125 Update IDRIX copyright year 2017-06-23 22:15:59 +02:00
Mounir IDRASSI
74b82118d5 Windows: use IOCTL_DISK_GET_DRIVE_GEOMETRY_EX instead of the deprecated IOCTL_DISK_GET_DRIVE_GEOMETRY in order to get accurate disk size value. 2017-05-17 00:46:41 +02:00
Mounir IDRASSI
041bc9dc0b Windows: Fix false-positive detection of Evil-Maid attack during creation process of hidden OS by excluding the configuration byte in the boot sector whose value changes depending on the content. 2016-10-17 18:40:24 +02:00
Mounir IDRASSI
34f3c055ed Windows: in function CreateVolumeHeaderInMemory, properly unlock and erase sensitive stack memory. 2016-10-17 18:40:22 +02:00
Mounir IDRASSI
8e2c5ca45e Securely erase and protect buffer holding decrypted volume header. 2016-10-17 18:40:21 +02:00
Mounir IDRASSI
335f17b72f Windows: in case of In-Place encryption, encrypt random data instead of existing data when filling unused space like the other cases. 2016-09-11 13:12:45 +02:00
Mounir IDRASSI
5d5a645083 Windows: fix error caused by requesting large number of random bytes when writing randomly generated data to unused/reserved header areas. 2016-08-15 14:19:11 +02:00
Mounir IDRASSI
24560eae1d Windows: fill unused/reserved header areas with the result of encryption of random data instead of the encryption of zeros for better entropy of resulting random data. 2016-08-15 01:09:20 +02:00
Alex
246233c402 Windows EFI Bootloader: modifications to prepare EFI system encryption support (common files with DcsBoot) 2016-08-15 01:09:12 +02:00
Mounir IDRASSI
e90e24b30b Windows: Add support for Streebog (hash) and kuznyechik (encryption) 2016-08-15 01:09:11 +02:00
Mounir IDRASSI
5b381ce7d7 Windows: Fix vulnerability inherited from TrueCrypt that allows an attacker to detect with high probability if a hidden volume is present. Vulnerability reported by Ivanov Alexey Mikhailovich. 2016-08-15 01:09:05 +02:00
Mounir IDRASSI
3aaf5c7045 Windows: solve benchmark issue for Whirlpool which caused wrong numbers when a 1GB buffer is chosen. 2016-07-25 08:26:09 +02:00
Mounir IDRASSI
76d3bc631e Crypto: Add support for Japanese encryption standard Camellia, including for system encryption. 2016-06-02 00:12:00 +02:00
David Foerster
11716ed2da Remove trailing whitespace 2016-05-10 22:18:34 +02:00
David Foerster
fc37cc4a02 Normalize all line terminators 2016-05-10 20:20:14 +02:00
Mounir IDRASSI
1396269d57 Windows: Add option to avoid PIM prompt in pre-boot authentication by storing PIM value unencrypted in MBR. 2016-04-20 00:48:20 +02:00
Mounir IDRASSI
e51aafb499 Windows: fix keys parts not shown in system encryption wizard when the display keys checkbox is checked. This occurred when the "Display pool content" in the previous wizard page was unchecked before clicking Next. 2016-04-17 00:59:01 +02:00
Mounir IDRASSI
ae7ec4802a Windows:Fix various issues and warnings reported by static code analysis tool Coverity. 2016-02-07 02:39:43 +01:00
Mounir IDRASSI
bda7a1d0bd Copyright: update dates to include 2016. 2016-01-20 00:53:24 +01:00
Mounir IDRASSI
4181283f29 Cryptography: Set 16-byte alignment for KEY_INFO structure that is used as input for Whirlpool hash. This helps improve performance. 2016-01-03 00:14:59 +01:00
Mounir IDRASSI
8f6c08330a Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings. 2015-12-21 01:19:04 +01:00
Mounir IDRASSI
9666dda282 Windows: solve GUI issues caused by using ANSI string instead of UNICODE ones. Remove Unused functions. 2015-11-26 19:23:11 +01:00
Mounir IDRASSI
041024fbb9 Update license information to reflect the use of a dual license Apache 2.0 and TrueCrypt 3.0. 2015-08-06 00:04:25 +02:00
Mounir IDRASSI
6ca598f841 Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct bootloader when changing the system encryption password: this enables to recover if an attack is detected. 2015-07-29 00:33:10 +02:00
Mounir IDRASSI
6ef41abdd2 Use Pim name for internal variables instead of the old name Pin 2015-07-11 01:58:34 +02:00
Mounir IDRASSI
c3c1bdd29d Windows: Add support for PIN in favorites. Several enhancements to GUI handling of Dynamic Mode. 2015-06-07 01:38:34 +02:00
Mounir IDRASSI
8ebf5ac605 Windows: first implementation of dynamic mode 2015-05-26 01:38:15 +02:00
Mounir IDRASSI
8e6707cc22 Windows: if TrueCrypt volume created with a version prior to 6.0, display this version in the error message to help users understand why it is not working. 2015-03-02 00:23:58 +01:00
Mounir IDRASSI
4f56a0a53d Windows: Add support for TrueCrypt 6.x since its format (v4) is identical to 7.x apart from the sector size field which we already handle correctly. 2015-01-04 16:29:29 +01:00
Mounir IDRASSI
25c3d15ed7 Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt volumes to VeraCrypt using the change password functionality. 2014-12-28 23:27:56 +01:00
Mounir IDRASSI
a8112b8373 Windows: use the correct window handle for creating message boxes. This became important after the introduction of the wait dialog in order to avoid having message boxes behind the wait dialog. 2014-12-27 13:39:22 +01:00
Mounir IDRASSI
c27461572c Windows: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption. 2014-12-16 00:17:59 +01:00
Mounir IDRASSI
3f2e20e339 Simplify code handling iterations count: in boot mode, we'll set the correct iterations count inside derive_u_sha256 and derive_u_ripemd160 depending in the value of the iterations parameter. On normal mode, we use normal values of iterations count. Removes the special test parameter from RIPEMD160 functions. 2014-11-08 23:24:25 +01:00
Mounir IDRASSI
714a2ce0ae Bootloader: in function ReadVolumeHeader, arrays dk and masterKey have the same size and they are never needed at the same time. So, we can minimize stack memory usage by using only one array instead of two. At the end of the function, the array is erased securely. 2014-11-08 23:24:22 +01:00
Mounir IDRASSI
c1378f781a Bootloader: optimize code size in single cipher mode by manually inlining EAInit, EAGetFirst and EAGetKeySize, and by removing the loop in ReadVolumeHeader that tests for encryption algorithms. 2014-11-08 23:24:19 +01:00
Mounir IDRASSI
f38cf0b694 Add support for SHA-256 in key derivation for bootloader encryption. Create separate bootloader images for SHA-256 and RIPEMD-160. Set SHA-256 as the default PRF for boot encryption and SHA-512 as default PRF for all other cases. Depricate RIPEMD-160. 2014-11-08 23:23:50 +01:00
Mounir IDRASSI
75f7808719 Remove deprecated/legacy cryptographic algorithms and encryption modes that are never used by VeraCrypt. This will speed up volumes opening in many cases. 2014-11-08 23:21:32 +01:00
Mounir IDRASSI
c220db0128 Static Code Analysis : Generalize the use of Safe String functions. Add some NULL pointer checks. Avoid false-positive detection in AppendMenu (MF_SEPARATOR) calls by setting the last parameter to "" instead of NULL. 2014-11-08 23:21:27 +01:00