Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2023-09-29 | Windows: enhancement to RAM encryption | Mounir IDRASSI | 1 | -17/+55 | |
- use a more standard-looking memory value tag instead of fully random one that will look suspicious and outstanding - If we fail to allocate 1MiB for derivation area, we device the size by two in a loop until we succeed. This is better than falling back directly to 8KiB size - Better method to derive actual encryption key: instead of simply duplicating 128bit key value, we combine a xor addition and self-encryption to build a 256-bit key - use both encID and pbKeyDerivationArea to derive IV for encryption and not only endID | |||||
2023-06-30 | Correctly detect ARM builds when listing CPU features in headers | Mounir IDRASSI | 1 | -2/+2 | |
2022-03-08 | Implement support of Blake2s-256 hash algorithm and remove deprecated ↵ | Mounir IDRASSI | 1 | -25/+1 | |
algorithms RIPEMD-160 and GOST89. | |||||
2021-08-30 | Windows Driver: use functions from ntstrsafe.h instead of strsafe.h since ↵ | Mounir IDRASSI | 1 | -0/+6 | |
they are destined for kernel mode | |||||
2021-07-14 | Windows: Fix compilation error of bootloader caused by introduction of ↵ | Mounir IDRASSI | 1 | -1/+1 | |
strsafe.h in crypto.c | |||||
2021-07-13 | Windows: replace insecure wcscpy/wcscat/strcpy runtime functions with secure ↵ | Mounir IDRASSI | 1 | -13/+16 | |
equivalents This fixed failure to build driver for ARM64 with latest VS 2019 | |||||
2021-01-02 | Windows: Add support for ARM64 platform (e.g. Microsoft Surface Pro X). ↵ | Mounir IDRASSI | 1 | -0/+28 | |
System encryption still not implemented on ARM64 | |||||
2020-06-21 | Windows: support RAM encryption only if t1ha2 algorithm self test succeeds | Mounir IDRASSI | 1 | -1/+4 | |
2019-12-09 | Linux: fix NOASM compilation (#563) (#568) | alt3r 3go | 1 | -3/+3 | |
Signed-off-by: alt3r 3go <alt3r.3go@protonmail.com> | |||||
2019-09-23 | Fix build error of UEFI bootloader caused by latest changes that introduced ↵ | Mounir IDRASSI | 1 | -1/+1 | |
ChaCha20 and T1HA algorithms and which are not present nor used in UEFI bootloader | |||||
2019-03-02 | Windows: Generalize RAM encryption for keys to VeraCrypt binaries, ↵ | Mounir IDRASSI | 1 | -2/+8 | |
especially Format and Expander | |||||
2019-03-01 | Windows: better debug messages for VcProtectKeys and VcUnprotectKeys functions | Mounir IDRASSI | 1 | -3/+11 | |
2019-03-01 | Windows Driver: Implement RAM encryption for cached passwords | Mounir IDRASSI | 1 | -2/+2 | |
2019-03-01 | Windows: Add some logs in functions for RAM encryption | Mounir IDRASSI | 1 | -0/+8 | |
2019-03-01 | Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 ↵ | Mounir IDRASSI | 1 | -0/+209 | |
cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha) | |||||
2019-02-15 | Windows: rename IsCpuRngSupport to IsCpuRngSupported for clarity and use it ↵ | Mounir IDRASSI | 1 | -1/+1 | |
in Mount.c | |||||
2019-02-15 | Windows: Set CpuRngDisabled variable to TRUE for clarity even if it will be ↵ | Mounir IDRASSI | 1 | -1/+1 | |
set to TRUE anyway by default through EnableCpuRng calls | |||||
2019-02-10 | Fix typo in CPU RNG detection condition (Github issue #417) | Mounir IDRASSI | 1 | -1/+1 | |
2019-02-08 | Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy ↵ | Mounir IDRASSI | 1 | -0/+26 | |
which is now disabled by default | |||||
2019-01-21 | Windows driver: remove volumes master keys from CRYPTO_INFO since they are ↵ | Mounir IDRASSI | 1 | -2/+6 | |
not needed after their key schedule is created | |||||
2019-01-09 | Windows Security: Add new entry point in driver that allows emergency ↵ | Mounir IDRASSI | 1 | -0/+10 | |
clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected. | |||||
2018-03-27 | Crypto: Add support for 5 new cascades of cipher algorithms ↵ | Mounir IDRASSI | 1 | -0/+5 | |
(Camellia-Kuznyechik, Camellia-Serpent, Kuznyechik-AES, Kuznyechik-Serpent-Camellia and Kuznyechik-Twofish) | |||||
2017-11-27 | SIMD speed optimization for Kuznyechik cipher implementation (up to 2x ↵ | Mounir IDRASSI | 1 | -0/+29 | |
speedup). Based on https://github.com/aprelev/libgost15. | |||||
2017-07-22 | Windows: reduce size of MBR bootloader by removing unused functions in each ↵ | Mounir IDRASSI | 1 | -44/+24 | |
build type. | |||||
2017-07-04 | Windows: correctly handle SEH exceptions during self-tests in order to ↵ | Mounir IDRASSI | 1 | -4/+4 | |
disable CPU extended features in such case. | |||||
2017-06-23 | Update IDRIX copyright year | Mounir IDRASSI | 1 | -1/+1 | |
2017-06-21 | Crypto: Add optimized Camellia assembly implementation for x86_64 based on ↵ | Mounir IDRASSI | 1 | -0/+7 | |
work by Jussi Kivilinna (https://github.com/jkivilin/supercop-blockciphers). This improve speed by a factor of 2.5 when AES-NI supported by CPU and by 30% if AES-NI not supported. | |||||
2017-01-12 | Windows: Fix Streebog not recognized by /hash command line switch but making ↵ | Mounir IDRASSI | 1 | -2/+3 | |
hash names matching more generic. | |||||
2016-12-26 | Windows: Enable Twofish optimized 64-bit assembly for UEFI bootloader since ↵ | Mounir IDRASSI | 1 | -3/+3 | |
a pre-compiled object file was included to its build system. | |||||
2016-12-07 | Windows: Don't use Twofish x64 assembly implementation for UEFI bootloader ↵ | Mounir IDRASSI | 1 | -3/+3 | |
(for now, yasm is not integrated in EDKII framework). | |||||
2016-12-07 | Crypto: Add optimized Twofish assembly implementation for x86_64. | Mounir IDRASSI | 1 | -0/+13 | |
2016-10-17 | Windows EFI: don't use optimized Serpent implementation for EFI bootloader ↵ | Mounir IDRASSI | 1 | -3/+3 | |
because lack of C++ support in EDKII framework | |||||
2016-10-17 | Crypto: Use SIMD optimized Serpent implementation from Botan. 2.5x speed ↵ | Mounir IDRASSI | 1 | -2/+36 | |
gain factor. Update credits and copyrights notice. | |||||
2016-10-17 | Add test vectors for Kuznyechik and GOST89 (the later is deprecated) | Mounir IDRASSI | 1 | -1/+1 | |
2016-10-17 | Crypto: deprecate GOST89 so that it can't be used to create new volumes. ↵ | Mounir IDRASSI | 1 | -1/+1 | |
Keep only for existing volumes. | |||||
2016-08-17 | Linux: fix various compilation issues under Linux. | Mounir IDRASSI | 1 | -1/+1 | |
2016-08-15 | Windows: Show only supported encryption algorithm in the system encryption ↵ | Mounir IDRASSI | 1 | -13/+19 | |
wizard for MBR | |||||
2016-08-15 | Windows EFI Bootloader: modifications to prepare EFI system encryption ↵ | Alex | 1 | -40/+46 | |
support (common files with DcsBoot) | |||||
2016-08-15 | Windows: Add support for Streebog (hash) and kuznyechik (encryption) | Mounir IDRASSI | 1 | -0/+8 | |
2016-08-15 | Windows: Add Magma cipher (GOST-89) | Mounir IDRASSI | 1 | -1/+35 | |
2016-07-24 | Crypto: Workaround for AES-NI issue under Hyper-V on Windows Server 2008 R2 ↵ | Mounir IDRASSI | 1 | -0/+5 | |
which masks AES-NI from applications although it is available. | |||||
2016-06-02 | Crypto: Add support for Japanese encryption standard Camellia, including for ↵ | Mounir IDRASSI | 1 | -1/+19 | |
system encryption. | |||||
2016-05-10 | Remove trailing whitespace | David Foerster | 1 | -19/+19 | |
2016-05-10 | Normalize all line terminators | David Foerster | 1 | -1058/+1058 | |
2016-01-20 | Copyright: update dates to include 2016. | Mounir IDRASSI | 1 | -1/+1 | |
2016-01-03 | Cryptography: Set 16-byte alignment for KEY_INFO structure that is used as ↵ | Mounir IDRASSI | 1 | -0/+2 | |
input for Whirlpool hash. This helps improve performance. | |||||
2015-11-26 | Windows: Full UNICODE rewrite and implement support for UNICODE passwords. | Mounir IDRASSI | 1 | -46/+38 | |
2015-09-16 | Windows: first implementation of CLI support for creating volumes. | Mounir IDRASSI | 1 | -2/+2 | |
2015-08-06 | Update license information to reflect the use of a dual license Apache 2.0 ↵ | Mounir IDRASSI | 1 | -7/+9 | |
and TrueCrypt 3.0. | |||||
2015-01-03 | Windows: change cascade encryption naming format to reflex mathematical ↵ | Mounir IDRASSI | 1 | -8/+24 | |
composition of the encryption algorithm, thus being more clear. For example AES(Twofish(Serpent)) instead of AES-Twofish-Serpent. |