Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-12 11:28:26 -06:00
Code Activity
2,348 Commits 6 Branches 51 Tags
bb67a22ac4214db5f1a353bb16508eb347f32c8d
Commit Graph

48 Commits

Author SHA1 Message Date
Mounir IDRASSI
455a4f2176 Avoid conflict with C++17 features std::byte by using uint8 type instead of byte 2024-06-12 12:30:04 +02:00
Mounir IDRASSI
b1657e88e4 Windows Security: make memory protection enabled by default. Add process mitigation (ASLR, Dynamic code, extension points) 
Memory protection can be disabled using registry value "VeraCryptEnableMemoryProtection" under the key "HKLM\SYSTEM\CurrentControlSet\Services\veracrypt"
 2023-09-18 00:13:52 +02:00
Mounir IDRASSI
f84d235cf1 Windows: Implement support for mounting partially encrypted system partitions 
For now, we force ReadOnly mounting for such partitions.
 2023-08-13 22:50:37 +02:00
Mounir IDRASSI
fa6359d424 Windows: Remove TrueCrypt support. Increment version to 1.26.4. 2023-07-22 10:25:22 +02:00
Mounir IDRASSI
c51a209879 Windows: Add registry setting to disable erasing encryption keys on Windows shutdown/reboot. This helps solve BSOD during shutdown/reboot on some machines. 
Under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt", create a REG_DWORD value named "VeraCryptEraseKeysShutdown" and set its value to 0.
 2022-02-06 09:52:24 +01:00
Mounir IDRASSI
f63c2ec13c Windows driver: Set maximum values for encryption queue parameters. Add IOCTL code to read used values from user space maximum value for EncryptionFragmentSize is 2048 maximum value for EncryptionIoRequestCount is 8192 maximum value for EncryptionItemCount is (EncryptionIoRequestCount/2) 2021-12-30 00:42:39 +01:00
Mounir IDRASSI
5640de3584 Windows Driver: Add registry settings to control driver internal encryption queue Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt: - VeraCryptEncryptionFragmentSize (REG_DWORD): size of encryption data fragment in KiB. Default is 256. - VeraCryptEncryptionIoRequestCount (REG_DWORD): maximum number of parallel I/O requests. Default is 16. - VeraCryptEncryptionItemCount (REG_DWORD): maximum number of encryption queue items processed in parallel. Default is 8. 2021-12-20 00:18:58 +01:00
Mounir IDRASSI
5c934d8122 Windows Driver: Add IOCTL code to query RAM encryption status in VeraCrypt driver 2019-03-03 23:48:49 +01:00
Mounir IDRASSI
cf48b532b4 Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha) 2019-03-01 00:35:13 +01:00
Mounir IDRASSI
e5b9cee868 Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy which is now disabled by default 2019-02-08 01:50:03 +01:00
Mounir IDRASSI
d3e7ed96f3 Windows: Implement feature that enables clearing of encryption keys when a new device is inserted. Better implementation for update of EFI bootloader without usage of drive letters (this can fix random issues encountered during Windows upgrade). 2019-01-14 10:49:05 +01:00
Mounir IDRASSI
652e989d23 Windows Security: Add new entry point in driver that allows emergency clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected. 2019-01-09 00:30:12 +01:00
Mounir IDRASSI
11f0b99846 Windows driver: move newly added field in VOLUME_PROPERTIES_STRUCT to the end for compatibility with previous version. 2019-01-09 00:29:57 +01:00
Mounir IDRASSI
1967bd862e Windows: Add mount option that allows mounting a volume without attaching it to the specified drive letter. This is useful in situation where Windows has issue with the filesystem (e.g. ReFS on Windows 10 1809) and we need to use third party software to be able to use the filesystem under Windows through low level VeraCrypt virtual device (e.g. \Device\VeraCryptVolumeX). 2018-12-19 00:41:37 +01:00
Mounir IDRASSI
7cbe6b71e5 Windows: implement a driver configuration option to explicitly allow defragmenting non-système disques by Windows built-in defragmenter tool. 2018-08-24 00:49:59 +02:00
Mounir IDRASSI
d907627f7e Windows: Add option to block TRIM command on system encryption SSD drives. 2018-03-05 19:35:07 +01:00
Mounir IDRASSI
cd59d5364f Windows: Implement TRIM support for non-system SSD partitions/drives and add driver option to enable it (TRIM is disabled by default for non-system SSD partitions/drives) 2018-03-04 18:50:23 +01:00
Mounir IDRASSI
0ebc26e125 Update IDRIX copyright year 2017-06-23 22:15:59 +02:00
Mounir IDRASSI
55aa098295 Windows: fix high CPU usage when a favorite is configured to mount using VolumeID when its host device is connected to the machine. 2017-06-01 01:56:13 +02:00
Mounir IDRASSI
cda40547fe Windows: query extra host drive information using IOCTL_STORAGE_QUERY_PROPERTY (StorageAdapterProperty) in both driver and user mode applications. 2017-05-25 01:15:16 +02:00
Mounir IDRASSI
74b82118d5 Windows: use IOCTL_DISK_GET_DRIVE_GEOMETRY_EX instead of the deprecated IOCTL_DISK_GET_DRIVE_GEOMETRY in order to get accurate disk size value. 2017-05-17 00:46:41 +02:00
Mounir IDRASSI
0ac4009720 Windows: Fix failure to access EFS data on VeraCrypt volumes under Windows 10 but supporting undocumented IOCTL. 2016-10-17 18:40:25 +02:00
Mounir IDRASSI
b146e235f8 Windows: align buffers used for keys to avoid issues when SSE used. 2016-08-15 01:09:14 +02:00
David Foerster
11716ed2da Remove trailing whitespace 2016-05-10 22:18:34 +02:00
David Foerster
fc37cc4a02 Normalize all line terminators 2016-05-10 20:20:14 +02:00
Mounir IDRASSI
f5606a44a6 Windows: Finalize implementation of the new volume ID mechanism. Use SHA-256 instead of SHA-512 to compute volume ID to reduce string size and make more convenient to use. 2016-04-14 08:53:41 +02:00
Mounir IDRASSI
60575d9a49 Windows: start implementation of volume ID mechanism that will be used to identify VeraCrypt disk volumes instead of device name. 2016-04-08 23:53:49 +02:00
Mounir IDRASSI
bda7a1d0bd Copyright: update dates to include 2016. 2016-01-20 00:53:24 +01:00
Mounir IDRASSI
8f6c08330a Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings. 2015-12-21 01:19:04 +01:00
Mounir IDRASSI
90bd57fe40 Windows: Full UNICODE rewrite and implement support for UNICODE passwords. 2015-11-26 01:44:52 +01:00
Mounir IDRASSI
9a6fc789eb Windows: Add option to disable detection of "Evil Maid" attacks. This is helpful for users who have software running the modifies the bootloader, like FLEXnet. 2015-10-07 12:56:01 +02:00
Mounir IDRASSI
c94f8c9b63 Windows Driver: Modify fix for CVE-2015-7358 to solve side effects on Windows mount manager while still making it hard to abuse drive letter handling. 2015-10-05 04:31:17 +02:00
Mounir IDRASSI
9b24da3398 Windows Driver: Fix inherited TrueCrypt local elevation of privilege vulnerability caused by abusing the drive letter symbolic link creation facilities to remap the main system drive. Thanks to James Forshaw (Google) for reporting this issue and for helping implementing the fix. 2015-09-26 17:44:03 +02:00
Mounir IDRASSI
db80c02342 Windows: Add option to explicitly support extended disk IOCTLs and disable this support by default. This will avoid having issue with software that doesn't handle correctly partial IOCTL_STORAGE_QUERY_PROPERTY support. 2015-09-16 01:33:14 +02:00
Mounir IDRASSI
90f9194558 Windows: Support setting volume label in Explorer through mount option. Support using favorite label as label in Explorer. 2015-08-31 00:30:58 +02:00
Mounir IDRASSI
041024fbb9 Update license information to reflect the use of a dual license Apache 2.0 and TrueCrypt 3.0. 2015-08-06 00:04:25 +02:00
Mounir IDRASSI
6ca598f841 Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct bootloader when changing the system encryption password: this enables to recover if an attack is detected. 2015-07-29 00:33:10 +02:00
Mounir IDRASSI
6ef41abdd2 Use Pim name for internal variables instead of the old name Pin 2015-07-11 01:58:34 +02:00
Mounir IDRASSI
c3c1bdd29d Windows: Add support for PIN in favorites. Several enhancements to GUI handling of Dynamic Mode. 2015-06-07 01:38:34 +02:00
Mounir IDRASSI
8ebf5ac605 Windows: first implementation of dynamic mode 2015-05-26 01:38:15 +02:00
Mounir IDRASSI
7d52dda67c Windows Driver: Implement querying physical sector size of veraCrypt volume through IOCTL_STORAGE_QUERY_PROPERTY 2015-05-03 15:47:29 +02:00
Mounir IDRASSI
cc02c78a8c Windows Driver: add TrueCrypt mode of mounted volumes to the output of TC_IOCTL_GET_MOUNTED_VOLUMES 2015-01-04 16:29:31 +01:00
Mounir IDRASSI
25c3d15ed7 Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt volumes to VeraCrypt using the change password functionality. 2014-12-28 23:27:56 +01:00
Mounir IDRASSI
c27461572c Windows: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption. 2014-12-16 00:17:59 +01:00
Mounir IDRASSI
68f16dae24 Implement support for creating and booting encrypted partition using SHA-256. Support SHA-256 for normal volumes as well. 2014-11-08 23:23:53 +01:00
Mounir IDRASSI
75f7808719 Remove deprecated/legacy cryptographic algorithms and encryption modes that are never used by VeraCrypt. This will speed up volumes opening in many cases. 2014-11-08 23:21:32 +01:00
Mounir IDRASSI
03867fbf56 Modifications to remove all TrueCrypt references in names. generate new GUIDs for VeraCrypt. Replace "TRUE" by "VERA" in volume headers and driver magic word. 2014-11-08 23:18:19 +01:00
Mounir IDRASSI
c606f0866c Add original TrueCrypt 7.1a sources 2014-11-08 23:18:07 +01:00