This commit increases randomness quality by using more dynamic/varied sources of entropy.
PDH-based disk and network statistics collection in now added to random pool
- Introduced `GetDiskStatistics` to gather disk read/write performance data using PDH API.
- Introduced `GetNetworkStatistics` to gather network send/receive performance data using PDH API.
- Integrated high-resolution timestamps and random intervals to improve entropy in collected data.
- Updated `SlowPoll` function to utilize PDH-based disk and network statistics.
- Removed obsolete NetAPI32-based network statistics collection.
- Add IsWin10BuildAtLeast() helper function to check Windows 10 build numbers
- Replace direct build number comparison with IsWin10BuildAtLeast() for ReflectDrivers check
- Update error message to be more specific about Windows version requirement
During a Windows upgrade, ownership of veracrypt.sys is set to TrustedInstaller, preventing VeraCrypt from accessing the file during an update.
This commit resolves the issue by temporarily taking ownership of the file to rename it, allowing the new file to be copied. The setup process now obtains additional privileges for this operation, which are properly dropped once the file copying is complete.
- Made the maximum work items count configurable to allow flexibility based on system needs.
- Increased the default value of max work items count to 1024 to better handle high-throughput scenarios.
- Queue write IRPs in system worker thread to avoid potential deadlocks in write scenarios.
We always using Unicode functions to interact with UI. We convert UTF8 string to UTF16 and vis-versa.
Overwrite input string instead of using resize that caused old test to remain.
Fix case of readOnly by using correct message.
change position of OK/cancel button to match other dialogs.
Activate translation on this dialog.
This started to cause issues after latest changes to disable privileges when they are no more needed.
Because of the bug, the privileges could not be enabled again because they were wrongly removed.
Cause seems to be IME as documented in KeePass project (https://keepass.info/help/kb/sec_desk.html#ime). We use the same approach as KeePass to disable IME in Secure Desktop.
This commit also add few changes:
- we switch to secure desktop only if SetThreadDesktop succeeds
- we call SwitchDesktop to switch to original desktop only if we actually succeeded in displaying secure desktop
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
