47 Commits

Author	SHA1	Message	Date
Mounir IDRASSI	e5b9cee868	Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy which is now disabled by default	2019-02-08 01:50:03 +01:00
Mounir IDRASSI	5571a8ba6b	Windows driver: better randomness for wipe bytes by always using Whirlpool hash of current time and random bytes retrieved using CPU RDRAND/RDSEED if available.	2019-02-01 00:36:19 +01:00
Mounir IDRASSI	cdd1179c63	Increase password maximum length to 128 bytes from 64 bytes	2019-01-28 17:16:33 +01:00
Mounir IDRASSI	ee0a2659da	Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created	2019-01-21 00:45:31 +01:00
Mounir IDRASSI	27b3fee02d	Windows: remove unused fields from CRYPTO_INFO structure	2019-01-21 00:45:23 +01:00
Mounir IDRASSI	652e989d23	Windows Security: Add new entry point in driver that allows emergency clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected.	2019-01-09 00:30:12 +01:00
Mounir IDRASSI	7c2cf7889f	Windows Driver: erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks	2019-01-09 00:30:05 +01:00
Mounir IDRASSI	d907627f7e	Windows: Add option to block TRIM command on system encryption SSD drives.	2018-03-05 19:35:07 +01:00
Mounir IDRASSI	89efcdb8cd	Windows Driver: correctly save and restore extended processor state when performing AVX operations on Windows 7 and later. Enhance readability of code handling save/restore of floating point state.	2017-07-04 02:26:24 +02:00
Mounir IDRASSI	0ebc26e125	Update IDRIX copyright year	2017-06-23 22:15:59 +02:00
Mounir IDRASSI	546d6cff44	Crypto: Add optimized SHA-512 and SHA-256 assembly implementations for x86_64 and x86. This improves speed by 30%.	2017-06-23 02:11:21 +02:00
Mounir IDRASSI	9b0669da29	Windows driver: fix reading of boot PRF after latest EFI hidden OS changes. Better memory cleanup and changes for code clarity.	2016-12-26 00:00:03 +01:00
kavsrf	ac53e293d4	comments and better cleanup ... Signed-off-by: kavsrf <kavsrf@gmail.com>	2016-12-26 00:00:02 +01:00
kavsrf	cd6df44d6f	Driver with support of hidden OS ... Signed-off-by: kavsrf <kavsrf@gmail.com>	2016-12-26 00:00:02 +01:00
Mounir IDRASSI	041bc9dc0b	Windows: Fix false-positive detection of Evil-Maid attack during creation process of hidden OS by excluding the configuration byte in the boot sector whose value changes depending on the content.	2016-10-17 18:40:24 +02:00
Mounir IDRASSI	183cbc087a	Windows Driver: Erase sensitive boot memory before throwing fatal exception	2016-10-17 18:40:14 +02:00
Alex	246233c402	Windows EFI Bootloader: modifications to prepare EFI system encryption support (common files with DcsBoot)	2016-08-15 01:09:12 +02:00
Mounir IDRASSI	3aaf5c7045	Windows: solve benchmark issue for Whirlpool which caused wrong numbers when a 1GB buffer is chosen.	2016-07-25 08:26:09 +02:00
Mounir IDRASSI	2faa1290c0	Windows Driver: save FPU state in 32-bit mode before run Whirlpool SSE implementation to avoid issues (https://msdn.microsoft.com/fr-fr/library/ff565388(v=vs.85).aspx)	2016-06-17 23:52:03 +02:00
David Foerster	11716ed2da	Remove trailing whitespace	2016-05-10 22:18:34 +02:00
David Foerster	fc37cc4a02	Normalize all line terminators	2016-05-10 20:20:14 +02:00
Mounir IDRASSI	1396269d57	Windows: Add option to avoid PIM prompt in pre-boot authentication by storing PIM value unencrypted in MBR.	2016-04-20 00:48:20 +02:00
Mounir IDRASSI	8518d55834	Windows Driver: if saving volume header fails, don't mark operation as successful so that it will be retried later.	2016-02-07 02:39:45 +01:00
Mounir IDRASSI	bda7a1d0bd	Copyright: update dates to include 2016.	2016-01-20 00:53:24 +01:00
Mounir IDRASSI	8f6c08330a	Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings.	2015-12-21 01:19:04 +01:00
Mounir IDRASSI	90bd57fe40	Windows: Full UNICODE rewrite and implement support for UNICODE passwords.	2015-11-26 01:44:52 +01:00
Mounir IDRASSI	041024fbb9	Update license information to reflect the use of a dual license Apache 2.0 and TrueCrypt 3.0.	2015-08-06 00:04:25 +02:00
Mounir IDRASSI	c2d0d5e344	Windows: Add extra checks for bootloader tampering.	2015-08-06 00:03:56 +02:00
Mounir IDRASSI	6ca598f841	Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct bootloader when changing the system encryption password: this enables to recover if an attack is detected.	2015-07-29 00:33:10 +02:00
Mounir IDRASSI	6ef41abdd2	Use Pim name for internal variables instead of the old name Pin	2015-07-11 01:58:34 +02:00
Mounir IDRASSI	c3c1bdd29d	Windows: Add support for PIN in favorites. Several enhancements to GUI handling of Dynamic Mode.	2015-06-07 01:38:34 +02:00
Mounir IDRASSI	8ebf5ac605	Windows: first implementation of dynamic mode	2015-05-26 01:38:15 +02:00
Mounir IDRASSI	e95c075f0c	Windows driver: avoid race condition by using IoAttachDeviceToDeviceStackSafe instead IoAttachDeviceToDeviceStack. Set BootArgs.CryptoInfoLength to 0 after clearing boot memory.	2015-05-15 00:02:38 +02:00
Mounir IDRASSI	516da2229d	Static Code Analysis: in Windows Driver, avoid using uninitialized stack memory as random and use proper random value for wipe operation. Solve potential double-free issue.	2015-02-09 11:01:16 +01:00
Mounir IDRASSI	55b3400afa	Windows: change cascade encryption naming format to reflex mathematical composition of the encryption algorithm, thus being more clear. For example AES(Twofish(Serpent)) instead of AES-Twofish-Serpent.	2015-01-03 23:54:09 +01:00
Mounir IDRASSI	41c12afefd	Windows driver: don't fail if the PRF recovered from boot memory is not recognized in case we are dealing with a restored bootloader coming from a version prior to 1.0f.	2014-12-30 22:31:37 +01:00
Mounir IDRASSI	25c3d15ed7	Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt volumes to VeraCrypt using the change password functionality.	2014-12-28 23:27:56 +01:00
Mounir IDRASSI	c27461572c	Windows: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption.	2014-12-16 00:17:59 +01:00
Mounir IDRASSI	84a279a83f	Windows Driver: change inherited TrueCrypt constants in kernel objects tags by VeraCrypt specific values. These are used in crash dumps analysis and during debugging.	2014-12-11 18:31:27 +01:00
Mounir IDRASSI	f7d8e565b4	Windows Driver Sanity check: check that the password length passed from the bootloader is less than or equal to 64 before using it.	2014-11-08 23:24:27 +01:00
Mounir IDRASSI	68f16dae24	Implement support for creating and booting encrypted partition using SHA-256. Support SHA-256 for normal volumes as well.	2014-11-08 23:23:53 +01:00
Mounir IDRASSI	4fa4d6d227	Windows vulnerability fix: correct possible BSOD attack targeted towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.	2014-11-08 23:23:05 +01:00
Mounir IDRASSI	5fcb262539	Windows vulnerability fix : clear sensitive data in Windows kernel driver by using burjn instead of memset	2014-11-08 23:22:57 +01:00
Mounir IDRASSI	9bb962c8bb	Fix password memory leak inside the Device driver in boot encryption mode.	2014-11-08 23:20:27 +01:00
Mounir IDRASSI	437cbd9c8b	Remove some legacy code inherited from True and that doesn't apply to VeraCrypt	2014-11-08 23:19:47 +01:00
Mounir IDRASSI	03867fbf56	Modifications to remove all TrueCrypt references in names. generate new GUIDs for VeraCrypt. Replace "TRUE" by "VERA" in volume headers and driver magic word.	2014-11-08 23:18:19 +01:00
Mounir IDRASSI	c606f0866c	Add original TrueCrypt 7.1a sources	2014-11-08 23:18:07 +01:00