Age | Commit message (Collapse) | Author | Files | Lines |
|
* EMVCard.cpp: ArrayToHexWideString: prohibit conversion of a string constant
../Common/EMVCard.cpp: In function 'std::wstring VeraCrypt::ArrayToHexWideString(con
st unsigned char*, size_t)':
../Common/EMVCard.cpp:28:43: warning: ISO C++ forbids converting a string constant
to 'wchar_t*' [-Wwrite-strings]
28 | static wchar_t* hexChar = L"0123456789ABCDEF";
| ^~~~~~~~~~~~~~~~~~~
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
* EMVCard.cpp: ArrayToHexWideString: fix of the comparison of different types
../Common/EMVCard.cpp: In function 'std::wstring VeraCrypt::ArrayToHexWideString(con
st unsigned char*, size_t)':
../Common/EMVCard.cpp:32:43: warning: comparison of integer expressions of different
signedness: 'int' and 'size_t' {aka 'long unsigned int'} [-Wsign-compare]
32 | for (int i = 0; i < cbData; i++)
| ~~^~~~~~~~
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
* SecurityTokenKeyfilesDialog.cpp: removed initialization of an unused variable
Forms/SecurityTokenKeyfilesDialog.cpp:58:24: warning: unused variable 'i' [-Wunused-
variable]
58 | size_t i = 0;
| ^
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
* Core/Unix: throwing an exception instead of ignoring the error
Fixes: 5a6b445f ("fix warnings and UB (#1164)")
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
---------
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
Co-authored-by: Vasiliy Kovalev <kovalev@altlinux.org>
|
|
Windows 11 issues
We use only alphanumeric characters for the name in addition to the '_' character
We ensure the random desktop name doesn't already exist
We create the random desktop on the Secure Desktop thread and we look over SwitchDesktop until it works.
We call SetThreadDesktop (hOriginalDesk) in main thread once we finish
|
|
|
|
|
|
|
|
signed driver files.
|
|
- use a more standard-looking memory value tag instead of fully random one that will look suspicious and outstanding
- If we fail to allocate 1MiB for derivation area, we device the size by two in a loop until we succeed. This is better than falling back directly to 8KiB size
- Better method to derive actual encryption key: instead of simply duplicating 128bit key value, we combine a xor addition and self-encryption to build a 256-bit key
- use both encID and pbKeyDerivationArea to derive IV for encryption and not only endID
|
|
better seed for internal RNG compared to KeQueryInterruptTime
|
|
only if PC connected to Internet
|
|
Updated to the latest version for the VeraCrypt 1.26.6 release.
|
|
outdated
|
|
memory protection
Also a dedicated page in the documentation was added for it.
|
|
instead of InitCommonControls
|
|
|
|
Remove unneeded boolean
|
|
This can be useful for users who need Accessibility software that may not work when memory protection is active in VeraCrypt
|
|
mitigation (ASLR, Dynamic code, extension points)
Memory protection can be disabled using registry value "VeraCryptEnableMemoryProtection" under the key "HKLM\SYSTEM\CurrentControlSet\Services\veracrypt"
|
|
Corrected small typo
|
|
|
|
third-party file extensions usage.
|
|
Corected a typo
|
|
documentation to mention risks of third-party file extensions.
This commit also adds red color to the warning text about keyfiles in keyfiles dialogs.
|
|
interface
We remove usage of GetOpenFileNameW/GetSaveFileNameW/SHBrowseForFolderW which are deprecated by Microsoft
|
|
now minimal OS version.
|
|
loading thanks to Windows 7 being minimum supported version.
We also block execution on Windows versions older than Windows 7.
A lot of code was removed thanks to this.
|
|
|
|
* Update zlib to latest
* Update copyright
Updated copyright of zlib.
|
|
|
|
|
|
For now, we force ReadOnly mounting for such partitions.
|
|
If we can set required privilege, we ask the user using UAC to enable them.
|
|
value of MS certificate
We also rename the variables gpbSha256CodeSignCertFingerprint and gpbSha256MSCodeSignCertFingerprint to gpbSha512CodeSignCertFingerprint and gpbSha512MSCodeSignCertFingerprint respectively to reflect the fact that they are actually SHA512 hash values and not SHA256 ones.
|
|
If an error happens, error message will be read from popen pipe and so
libpcsclite.so will not be found. This is the same outcome as when
stdout is empty.
|
|
creating volumes
This is unlikely to happen thanks to random generator properties but we much add this check to prevent an attack described in page 3 of https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38e-initial-public-comments-2021.pdf
|
|
keys option is enable
When this option is enabled, we first build the list of currently inserted devices then we start listening to insertion events.
When a device insertion occurs, we check if this device is on our list and if yes, we ignore its insertion.
We also ignore devices whose Device ID starts with "SWD\" and "ROOT\" since these are not real devices.
|
|
|
|
|
|
by code
|
|
|
|
|
|
|
|
|
|
zip_source_pass_to_lower_layer.c tp VS projects
|
|
* Update LZMA to latest
* Update Libzip
Libzip updated to latest.
|
|
privilege before calling CreateFile
This ensures that the returned handle inherits the privilege
|
|
Several enhancements implemented:
- replace CreateThread by _beginthreadex to avoid potential issues when using C runtime
- use an event to notify monitoring thread to stop instead of a volatile boolean
- perform switch to the regular desktop in the main thread and not in the secure desktop thread
|
|
|
|
|
|
|
|
|