VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/Apidrvr.h
AgeCommit message (Collapse)AuthorFilesLines
2024-08-02Implement detection of volumes with vulnerable XTS master key.Mounir IDRASSI1-0/+3
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
2024-06-12Avoid conflict with C++17 features std::byte by using uint8 type instead of byteMounir IDRASSI1-5/+5
2023-09-18Windows Security: make memory protection enabled by default. Add process ↵Mounir IDRASSI1-0/+2
mitigation (ASLR, Dynamic code, extension points) Memory protection can be disabled using registry value "VeraCryptEnableMemoryProtection" under the key "HKLM\SYSTEM\CurrentControlSet\Services\veracrypt"
2023-08-13Windows: Implement support for mounting partially encrypted system partitionsMounir IDRASSI1-0/+1
For now, we force ReadOnly mounting for such partitions.
2023-07-22Windows: Remove TrueCrypt support. Increment version to 1.26.4.Mounir IDRASSI1-6/+1
2022-02-06Windows: Add registry setting to disable erasing encryption keys on Windows ↵Mounir IDRASSI1-0/+2
shutdown/reboot. This helps solve BSOD during shutdown/reboot on some machines. Under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt", create a REG_DWORD value named "VeraCryptEraseKeysShutdown" and set its value to 0.
2021-12-30Windows driver: Set maximum values for encryption queue parameters. Add ↵Mounir IDRASSI1-0/+9
IOCTL code to read used values from user space maximum value for EncryptionFragmentSize is 2048 maximum value for EncryptionIoRequestCount is 8192 maximum value for EncryptionItemCount is (EncryptionIoRequestCount/2)
2021-12-20Windows Driver: Add registry settings to control driver internal encryption ↵Mounir IDRASSI1-0/+4
queue Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt: - VeraCryptEncryptionFragmentSize (REG_DWORD): size of encryption data fragment in KiB. Default is 256. - VeraCryptEncryptionIoRequestCount (REG_DWORD): maximum number of parallel I/O requests. Default is 16. - VeraCryptEncryptionItemCount (REG_DWORD): maximum number of encryption queue items processed in parallel. Default is 8.
2019-03-03Windows Driver: Add IOCTL code to query RAM encryption status in VeraCrypt ↵Mounir IDRASSI1-0/+2
driver
2019-03-01Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 ↵Mounir IDRASSI1-0/+1
cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha)
2019-02-08Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy ↵Mounir IDRASSI1-0/+1
which is now disabled by default
2019-01-14Windows: Implement feature that enables clearing of encryption keys when a ↵Mounir IDRASSI1-0/+1
new device is inserted. Better implementation for update of EFI bootloader without usage of drive letters (this can fix random issues encountered during Windows upgrade).
2019-01-09Windows Security: Add new entry point in driver that allows emergency ↵Mounir IDRASSI1-0/+2
clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected.
2019-01-09Windows driver: move newly added field in VOLUME_PROPERTIES_STRUCT to the ↵Mounir IDRASSI1-1/+1
end for compatibility with previous version.
2018-12-19Windows: Add mount option that allows mounting a volume without attaching it ↵Mounir IDRASSI1-0/+1
to the specified drive letter. This is useful in situation where Windows has issue with the filesystem (e.g. ReFS on Windows 10 1809) and we need to use third party software to be able to use the filesystem under Windows through low level VeraCrypt virtual device (e.g. \Device\VeraCryptVolumeX).
2018-08-24Windows: implement a driver configuration option to explicitly allow ↵Mounir IDRASSI1-0/+1
defragmenting non-système disques by Windows built-in defragmenter tool.
2018-03-05Windows: Add option to block TRIM command on system encryption SSD drives.Mounir IDRASSI1-0/+1
2018-03-04Windows: Implement TRIM support for non-system SSD partitions/drives and add ↵Mounir IDRASSI1-0/+1
driver option to enable it (TRIM is disabled by default for non-system SSD partitions/drives)
2017-06-23Update IDRIX copyright yearMounir IDRASSI1-1/+1
2017-06-01Windows: fix high CPU usage when a favorite is configured to mount using ↵Mounir IDRASSI1-3/+3
VolumeID when its host device is connected to the machine.
2017-05-25Windows: query extra host drive information using ↵Mounir IDRASSI1-0/+3
IOCTL_STORAGE_QUERY_PROPERTY (StorageAdapterProperty) in both driver and user mode applications.
2017-05-17Windows: use IOCTL_DISK_GET_DRIVE_GEOMETRY_EX instead of the deprecated ↵Mounir IDRASSI1-0/+11
IOCTL_DISK_GET_DRIVE_GEOMETRY in order to get accurate disk size value.
2016-10-17Windows: Fix failure to access EFS data on VeraCrypt volumes under Windows ↵Mounir IDRASSI1-0/+2
10 but supporting undocumented IOCTL.
2016-08-15Windows: align buffers used for keys to avoid issues when SSE used.Mounir IDRASSI1-1/+55
2016-05-10Remove trailing whitespaceDavid Foerster1-4/+4
2016-05-10Normalize all line terminatorsDavid Foerster1-344/+344
2016-04-14Windows: Finalize implementation of the new volume ID mechanism. Use SHA-256 ↵Mounir IDRASSI1-3/+3
instead of SHA-512 to compute volume ID to reduce string size and make more convenient to use.
2016-04-08Windows: start implementation of volume ID mechanism that will be used to ↵Mounir IDRASSI1-0/+5
identify VeraCrypt disk volumes instead of device name.
2016-01-20Copyright: update dates to include 2016.Mounir IDRASSI1-1/+1
2015-12-21Windows: Implement PIM caching, both for system encryption and for normal ↵Mounir IDRASSI1-0/+2
volumes. Add options to activate it in the Preferences and System Settings.
2015-11-26Windows: Full UNICODE rewrite and implement support for UNICODE passwords.Mounir IDRASSI1-4/+0
2015-10-07Windows: Add option to disable detection of "Evil Maid" attacks. This is ↵Mounir IDRASSI1-0/+1
helpful for users who have software running the modifies the bootloader, like FLEXnet.
2015-10-05Windows Driver: Modify fix for CVE-2015-7358 to solve side effects on ↵Mounir IDRASSI1-1/+2
Windows mount manager while still making it hard to abuse drive letter handling.
2015-09-26Windows Driver: Fix inherited TrueCrypt local elevation of privilege ↵Mounir IDRASSI1-1/+1
vulnerability caused by abusing the drive letter symbolic link creation facilities to remap the main system drive. Thanks to James Forshaw (Google) for reporting this issue and for helping implementing the fix.
2015-09-16Windows: Add option to explicitly support extended disk IOCTLs and disable ↵Mounir IDRASSI1-0/+1
this support by default. This will avoid having issue with software that doesn't handle correctly partial IOCTL_STORAGE_QUERY_PROPERTY support.
2015-08-31Windows: Support setting volume label in Explorer through mount option. ↵Mounir IDRASSI1-0/+6
Support using favorite label as label in Explorer.
2015-08-06Update license information to reflect the use of a dual license Apache 2.0 ↵Mounir IDRASSI1-7/+9
and TrueCrypt 3.0.
2015-07-29Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct ↵Mounir IDRASSI1-0/+6
bootloader when changing the system encryption password: this enables to recover if an attack is detected.
2015-07-11Use Pim name for internal variables instead of the old name PinMounir IDRASSI1-4/+4
2015-06-07Windows: Add support for PIN in favorites. Several enhancements to GUI ↵Mounir IDRASSI1-0/+1
handling of Dynamic Mode.
2015-05-26Windows: first implementation of dynamic modeMounir IDRASSI1-0/+3
2015-05-03Windows Driver: Implement querying physical sector size of veraCrypt volume ↵Mounir IDRASSI1-0/+1
through IOCTL_STORAGE_QUERY_PROPERTY
2015-01-04Windows Driver: add TrueCrypt mode of mounted volumes to the output of ↵Mounir IDRASSI1-0/+1
TC_IOCTL_GET_MOUNTED_VOLUMES
2014-12-28Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt ↵Mounir IDRASSI1-0/+1
volumes to VeraCrypt using the change password functionality.
2014-12-16Windows: Enhance performance by implementing the possibility to choose the ↵Mounir IDRASSI1-0/+3
correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption.
2014-11-08Implement support for creating and booting encrypted partition using ↵Mounir IDRASSI1-0/+1
SHA-256. Support SHA-256 for normal volumes as well.
2014-11-08Remove deprecated/legacy cryptographic algorithms and encryption modes that ↵Mounir IDRASSI1-4/+0
are never used by VeraCrypt. This will speed up volumes opening in many cases.
2014-11-08Modifications to remove all TrueCrypt references in names. generate new ↵Mounir IDRASSI1-8/+8
GUIDs for VeraCrypt. Replace "TRUE" by "VERA" in volume headers and driver magic word.
2014-11-08Add original TrueCrypt 7.1a sourcesMounir IDRASSI1-0/+317