VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/BootEncryption.cpp
AgeCommit message (Collapse)AuthorFilesLines
2024-09-17Windows: Simplify error message related to IsEfiBoot since it always fail ↵Mounir IDRASSI1-20/+6
with ERROR_INVALID_FUNCTION Proposed by @kriegste on https://github.com/veracrypt/VeraCrypt/issues/360
2024-09-16Windows: Fix failed EFI detection on some PCs where BootOrder variable is ↵Mounir IDRASSI1-1/+1
not defined. we now report that EFI is not support only when GetFirmwareEnvironmentVariable fails with error ERROR_INVALID_FUNCTION. Proposed by @kriegste on https://github.com/veracrypt/VeraCrypt/issues/360
2024-09-02Windows: Fix truncated displayed error messageMounir IDRASSI1-4/+4
2024-08-24Windows: Fix regression causing crash when a wrong password is used when ↵Mounir IDRASSI1-1/+1
changing password of volumes
2024-08-14Windows: better handling of reading EFI variable to display help error ↵Mounir IDRASSI1-4/+44
messages in case of failure. Now we accept the possibility of BootOrder EFI variable to be empty in order to try to solve issues on some PCs.
2024-08-02Implement detection of volumes with vulnerable XTS master key.Mounir IDRASSI1-0/+5
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
2024-06-12Avoid conflict with C++17 features std::byte by using uint8 type instead of byteMounir IDRASSI1-108/+108
2023-11-13wolfCrypt as crypto backend for VeraCrypt (#1227)lealem471-7/+10
* wolfCrypt as crypto backend for VeraCrypt * Refactor to use EncryptionModeWolfCryptXTS class
2023-10-10Windows: Fix writing wrong EFI configuration options to registryMounir IDRASSI1-1/+1
2023-09-11Windows: replace CoInitialize calls with CoInitializeExMounir IDRASSI1-1/+1
2023-09-03Windows: remove legacy code (XP, Vista). Simplify code since Windows 7 is ↵Mounir IDRASSI1-32/+4
now minimal OS version.
2023-08-05Windows: Fix false positive detection of new device insertion when clear ↵Mounir IDRASSI1-0/+28
keys option is enable When this option is enabled, we first build the list of currently inserted devices then we start listening to insertion events. When a device insertion occurs, we check if this device is on our list and if yes, we ignore its insertion. We also ignore devices whose Device ID starts with "SWD\" and "ROOT\" since these are not real devices.
2023-07-22Windows: Remove TrueCrypt support. Increment version to 1.26.4.Mounir IDRASSI1-2/+2
2022-03-21Windows: Block upgrade of VeraCrypt is the system is encrypted using ↵Mounir IDRASSI1-0/+28
RIPEMD-160 or GOST89 since they are not supported anymore.
2022-03-08Implement support of Blake2s-256 hash algorithm and remove deprecated ↵Mounir IDRASSI1-11/+7
algorithms RIPEMD-160 and GOST89.
2021-12-04Windows: Implement TESTSIGNING build configuration that allows running under ↵Mounir IDRASSI1-4/+2
Windows Vista,7, 8 and 8.1.
2021-01-02Revert "Windows: Don't check for availability of 32KB of free space for ↵Mounir IDRASSI1-1/+1
bootloader in UEFI boot mode" More work is needed to reduce the 32KB free space requirement without creating regressions.
2021-01-02Windows: Add support for ARM64 platform (e.g. Microsoft Surface Pro X). ↵Mounir IDRASSI1-2/+3
System encryption still not implemented on ARM64
2020-12-11Windows: Don't check for availability of 32KB of free space for bootloader ↵Mounir IDRASSI1-1/+1
in UEFI boot mode since in this case bootloader will be stored in EFI partition and not in the unallocated space at the beginning of the drive
2020-08-03Windows: Use correct parameters for 2nd call to SetStartExec in ↵Mounir IDRASSI1-1/+1
BootEncryption::InstallBootLoader
2020-07-22Windows: Warn about Fast Startup if it is enabled during system encryption ↵Mounir IDRASSI1-0/+10
or volume creation and propose to disable it
2020-07-02Windows: Don't allow to encrypt the system drive if it is already encrypted ↵Mounir IDRASSI1-0/+6
by BitLocker
2020-06-28Windows: remove unused code targeting Windows 2000.Mounir IDRASSI1-4/+1
2019-11-27Windows: compatibility with multi-OS boot configuration by only setting ↵Mounir IDRASSI1-2/+21
VeraCrypt as first bootloader of the system if the current first bootloader is Windows one.
2019-11-27Windows: Don't restore MBR to VeraCrypt value if it is coming from a loader ↵Mounir IDRASSI1-2/+25
different from us or different from Microsoft one.
2019-11-22Windows: Add new registry flags for SystemFavoritesService to control ↵Mounir IDRASSI1-19/+31
updating of EFI BIOS boot menu on shutdown. This will help better manage multi-boot scenarios where we should not mess up with boot order (e.g. grub2 case)
2019-10-27Windows: fix failure to create rescue and thus to encrypt the system if the ↵Mounir IDRASSI1-6/+13
Windows username contains a UNICODE non-ASCII character (cf https://github.com/veracrypt/VeraCrypt/issues/441)
2019-10-27Windows: code refactoring and convert NTSTATUS error code to WIN32 ↵Mounir IDRASSI1-38/+21
equivalent before displaying error message.
2019-10-27Windows: Make EFI System Encryption PostOOBE code more robust to failure to ↵Mounir IDRASSI1-90/+101
access "\\\\?\\GLOBALROOT" disk namespace
2019-10-27Windows: Update EFI NVRAM variable only if changed or doesn't exist and add ↵Mounir IDRASSI1-9/+19
configuration to force setting EFI BootNext to veraCrypt bootloader before each shutdown
2019-10-26Windows: Restore veraCrypt boot meny entry for system encryption more often, ↵Mounir IDRASSI1-7/+16
especially during PostOOBE calls, and handle additional corner cases.
2019-10-25Windows: Fix test of GetPrivateProfileString output since this function ↵Mounir IDRASSI1-1/+1
discards double quotation marks
2019-10-25Windows: only update MBR first 512 bytes if they have changed and don't ↵Mounir IDRASSI1-30/+45
update full MBR bootload in case of PostOOBE
2019-10-25Windows: Avoid unnecessarily update of system encryption SetupConfig related ↵Mounir IDRASSI1-4/+53
files if there content didn't change
2019-10-20Windows: Avoid unnecessary write operations when copying/modifying EFI ↵Mounir IDRASSI1-6/+124
bootloader files in order to avoid leaking modification timestamp
2019-10-20Windows: add more checks to correctly identify Microsoft original bootloader.Mounir IDRASSI1-3/+24
2019-10-20Windows: Add checks that the System Favorites service is running. Warn user ↵Mounir IDRASSI1-1/+39
if he enabled option to clear RAM encryption keys and the service is stopped.
2019-10-18Windows: handle case of DcsProp configuration file for EFI system encryption ↵Mounir IDRASSI1-30/+91
contains wrong "ActionSuccess" entry that points towards bootmgfw.efi which is now our bootloader and not Microsoft one.
2019-10-14Windows: Fix regression that causes system favorites not to mount if ↵Mounir IDRASSI1-1/+9
VeraCrypt 1.24 is freshly installed and not updated.
2019-01-26Windows: Add a build configuration containing EFI bootloader signed with ↵Mounir IDRASSI1-1/+4
custom SecureBoot key instead
2019-01-15Windows: enhancements to EFI system encryption, like handling of Multi-Boot ↵Mounir IDRASSI1-38/+71
and better compatibility with Windows Upgrade process.
2019-01-14Windows: enhance support of new behavior of favorite service which is now ↵Mounir IDRASSI1-5/+6
always running in case of system encryption
2019-01-14Windows: Implement feature that enables clearing of encryption keys when a ↵Mounir IDRASSI1-51/+23
new device is inserted. Better implementation for update of EFI bootloader without usage of drive letters (this can fix random issues encountered during Windows upgrade).
2018-10-10Windows: zero TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG input/output parameter as it ↵Mounir IDRASSI1-0/+2
is done for other IOCTLs
2018-09-03Windows: handle case of inconsistencies in EFI system partition content ↵Mounir IDRASSI1-5/+32
during system encryption wizard caused by older VeraCrypt system encryption not properly uninstalled (e.g. reinstall Windows without decryption first).
2018-09-03Windows: add define to support case of using EFI bootloader signed by ↵Mounir IDRASSI1-3/+24
Microsoft (no check on custom keys in BIOS + removal of DcsBml EFI driver since it can not be signed).
2018-08-15Windows: Add various checks and replace STL code after Coverity reportMounir IDRASSI1-1/+1
2018-08-06Windows: Fix hidden OS boot after upgrade to version 1.23 by explicitly ↵Mounir IDRASSI1-3/+2
specifying the new name for the bootloader to launch after password validation.
2018-05-03Windows: Support machines without "EFI\Boot" folder for EFI system ↵Mounir IDRASSI1-70/+105
encryption (e.g. Windows LTSB). Compatibility enhancements for EFI system encryption.
2018-04-23Windows: Don't start EFI system encryption process if SecureBoot is enabled ↵Mounir IDRASSI1-5/+290
and VeraCrypt-DCS custom keys were not loaded in the machine firmware.