VeraCrypt
path: root/src/Common/Volumes.c
Age | Commit message | Author | Files | Lines
2024-09-29 | Windows: Exclude Argon2 for System Encryption and from automatic detection | Mounir IDRASSI | 1 | -0/+15
    Bootloader doesn't support Argon2 yet. We don't want to add overhead to automatic detection for now.
2024-09-29 | Windows: Implement foundations for Argon2 support as a KDF in addition to PBKDF2 | Mounir IDRASSI | 1 | -8/+28
2024-08-02 | Implement detection of volumes with vulnerable XTS master key. | Mounir IDRASSI | 1 | -0/+8
    If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
2024-06-12 | Avoid conflict with C++17 features std::byte by using uint8 type instead of byte | Mounir IDRASSI | 1 | -9/+9
2023-11-13 | wolfCrypt as crypto backend for VeraCrypt (#1227) | lealem47 | 1 | -24/+49
    * wolfCrypt as crypto backend for VeraCrypt
    * Refactor to use EncryptionModeWolfCryptXTS class
2023-08-05 | Security: ensure that XTS primary key is different from secondary key when creating volumes | Mounir IDRASSI | 1 | -0/+9
    This is unlikely to happen thanks to random generator properties but we must add this check to prevent an attack described in page 3 of https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38e-initial-public-comments-2021.pdf
2023-07-22 | Windows: Remove TrueCrypt support. Increment version to 1.26.4. | Mounir IDRASSI | 1 | -35/+9
2022-03-26 | Windows: Fix wrong parameter to CloseHandle function in case of failure of CreateEvent (Coverity) | Mounir IDRASSI | 1 | -1/+1
2022-03-08 | Implement support of Blake2s-256 hash algorithm and remove deprecated algorithms RIPEMD-160 and GOST89. | Mounir IDRASSI | 1 | -11/+23
2021-08-07 | Windows: Better implementation of PRF autodetection optimization. | Mounir IDRASSI | 1 | -31/+56
2021-07-14 | Windows: Reduce time of mount with PRF auto-detection | Mounir IDRASSI | 1 | -24/+44
2020-12-11 | Windows: Fix various compiler warnings | Mounir IDRASSI | 1 | -3/+6
2019-02-01 | Windows driver: replace SHA512 by RIPEMD160 when calculating internal hash of master key to avoid calling KeSaveFloatingPointState/KeSaveExtendedProcessorState since SHA512 implementation uses SSE2/AVX and RIPEMD160 is pure C | Mounir IDRASSI | 1 | -5/+6
2019-01-21 | Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created | Mounir IDRASSI | 1 | -33/+31
2019-01-21 | Windows: remove unused fields from CRYPTO_INFO structure | Mounir IDRASSI | 1 | -3/+2
2017-07-27 | Windows driver: correctly handle IOCTL_DISK_GET_DRIVE_GEOMETRY_EX to fix issues with some disks. Implement IOCTL_STORAGE_GET_MEDIA_TYPES_EX. | Mounir IDRASSI | 1 | -12/+13
2017-06-23 | Update IDRIX copyright year | Mounir IDRASSI | 1 | -1/+1
2017-05-17 | Windows: use IOCTL_DISK_GET_DRIVE_GEOMETRY_EX instead of the deprecated IOCTL_DISK_GET_DRIVE_GEOMETRY in order to get accurate disk size value. | Mounir IDRASSI | 1 | -12/+12
2016-10-17 | Windows: Fix false-positive detection of Evil-Maid attack during creation process of hidden OS by excluding the configuration byte in the boot sector whose value changes depending on the content. | Mounir IDRASSI | 1 | -3/+0
2016-10-17 | Windows: in function CreateVolumeHeaderInMemory, properly unlock and erase sensitive stack memory. | Mounir IDRASSI | 1 | -8/+19
2016-10-17 | Securely erase and protect buffer holding decrypted volume header. | Mounir IDRASSI | 1 | -0/+3
2016-09-11 | Windows: in case of In-Place encryption, encrypt random data instead of existing data when filling unused space like the other cases. | Mounir IDRASSI | 1 | -7/+3
2016-08-15 | Windows: fix error caused by requesting large number of random bytes when writing randomly generated data to unused/reserved header areas. | Mounir IDRASSI | 1 | -1/+1
2016-08-15 | Windows: fill unused/reserved header areas with the result of encryption of random data instead of the encryption of zeros for better entropy of resulting random data. | Mounir IDRASSI | 1 | -1/+8
2016-08-15 | Windows EFI Bootloader: modifications to prepare EFI system encryption support (common files with DcsBoot) | Alex | 1 | -16/+42
2016-08-15 | Windows: Add support for Streebog (hash) and Kuznyechik (encryption) | Mounir IDRASSI | 1 | -1/+9
2016-08-15 | Windows: Fix vulnerability inherited from TrueCrypt that allows an attacker to detect with high probability if a hidden volume is present. Vulnerability reported by Ivanov Alexey Mikhailovich. | Mounir IDRASSI | 1 | -29/+70
2016-07-25 | Windows: solve benchmark issue for Whirlpool which caused wrong numbers when a 1GB buffer is chosen. | Mounir IDRASSI | 1 | -4/+4
2016-06-02 | Crypto: Add support for Japanese encryption standard Camellia, including for system encryption. | Mounir IDRASSI | 1 | -0/+8
2016-05-10 | Remove trailing whitespace | David Foerster | 1 | -26/+26
2016-05-10 | Normalize all line terminators | David Foerster | 1 | -1270/+1270
2016-04-20 | Windows: Add option to avoid PIM prompt in pre-boot authentication by storing PIM value unencrypted in MBR. | Mounir IDRASSI | 1 | -2/+3
2016-04-17 | Windows: fix keys parts not shown in system encryption wizard when the display keys checkbox is checked. This occurred when the "Display pool content" in the previous wizard page was unchecked before clicking Next. | Mounir IDRASSI | 1 | -1/+1
2016-02-07 | Windows: Fix various issues and warnings reported by static code analysis tool Coverity. | Mounir IDRASSI | 1 | -4/+4
2016-01-20 | Copyright: update dates to include 2016. | Mounir IDRASSI | 1 | -1/+1
2016-01-03 | Cryptography: Set 16-byte alignment for KEY_INFO structure that is used as input for Whirlpool hash. This helps improve performance. | Mounir IDRASSI | 1 | -2/+2
2015-12-21 | Windows: Implement PIM caching, both for system encryption and for normal volumes. Add options to activate it in the Preferences and System Settings. | Mounir IDRASSI | 1 | -0/+8
2015-11-26 | Windows: solve GUI issues caused by using ANSI string instead of UNICODE ones. Remove Unused functions. | Mounir IDRASSI | 1 | -6/+6
2015-08-06 | Update license information to reflect the use of a dual license Apache 2.0 and TrueCrypt 3.0. | Mounir IDRASSI | 1 | -7/+9
2015-07-29 | Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct bootloader when changing the system encryption password: this enables to recover if an attack is detected. | Mounir IDRASSI | 1 | -0/+37
2015-07-11 | Use Pim name for internal variables instead of the old name Pin | Mounir IDRASSI | 1 | -11/+11
2015-06-07 | Windows: Add support for PIN in favorites. Several enhancements to GUI handling of Dynamic Mode. | Mounir IDRASSI | 1 | -0/+4
2015-05-26 | Windows: first implementation of dynamic mode | Mounir IDRASSI | 1 | -9/+12
2015-03-02 | Windows: if TrueCrypt volume created with a version prior to 6.0, display this version in the error message to help users understand why it is not working. | Mounir IDRASSI | 1 | -1/+1
2015-01-04 | Windows: Add support for TrueCrypt 6.x since its format (v4) is identical to 7.x apart from the sector size field which we already handle correctly. | Mounir IDRASSI | 1 | -1/+1
2014-12-28 | Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt volumes to VeraCrypt using the change password functionality. | Mounir IDRASSI | 1 | -9/+36
2014-12-27 | Windows: use the correct window handle for creating message boxes. This became important after the introduction of the wait dialog in order to avoid having message boxes behind the wait dialog. | Mounir IDRASSI | 1 | -6/+6
2014-12-16 | Windows: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speed up Windows startup time by making the driver pick up the correct hash algorithm used for the encryption. | Mounir IDRASSI | 1 | -4/+9
2014-11-08 | Simplify code handling iterations count: in boot mode, we'll set the correct iterations count inside derive_u_sha256 and derive_u_ripemd160 depending on the value of the iterations parameter. On normal mode, we use normal values of iterations count. Removes the special test parameter from RIPEMD160 functions. | Mounir IDRASSI | 1 | -5/+5
2014-11-08 | Bootloader: in function ReadVolumeHeader, arrays dk and masterKey have the same size and they are never needed at the same time. So, we can minimize stack memory usage by using only one array instead of two. At the end of the function, the array is erased securely. | Mounir IDRASSI | 1 | -12/+9