VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver/DriveFilter.c
AgeCommit message (Collapse)AuthorFilesLines
2019-10-01Windows Driver: Disable Hibernation when RAM encryption is enabled since we ↵Mounir IDRASSI1-0/+6
can't resume from Hibernation without RAM encryption keys (a chicken and egg situation)
2019-03-01Windows driver: call VcProtectKeys only when RAM encryption enabled although ↵Mounir IDRASSI1-2/+5
this function does nothing when RAM encryption is disabled.
2019-03-01Windows: use specific order for EFI boot arguments memory regions that ↵Mounir IDRASSI1-8/+11
matches the one used by EFI bootloader.
2019-03-01Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 ↵Mounir IDRASSI1-6/+48
cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha)
2019-02-08Windows: Add implementation of ChaCha20 based random generator. Use it for ↵Mounir IDRASSI1-33/+9
driver need of random bytes (currently only wipe bytes but more to come later).
2019-02-08Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy ↵Mounir IDRASSI1-3/+4
which is now disabled by default
2019-02-01Windows driver: better randomness for wipe bytes by always using Whirlpool ↵Mounir IDRASSI1-19/+28
hash of current time and random bytes retrieved using CPU RDRAND/RDSEED if available.
2019-01-28Increase password maximum length to 128 bytes from 64 bytesMounir IDRASSI1-5/+11
2019-01-21Windows driver: remove volumes master keys from CRYPTO_INFO since they are ↵Mounir IDRASSI1-3/+1
not needed after their key schedule is created
2019-01-21Windows: remove unused fields from CRYPTO_INFO structureMounir IDRASSI1-2/+1
2019-01-09Windows Security: Add new entry point in driver that allows emergency ↵Mounir IDRASSI1-2/+59
clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected.
2019-01-09Windows Driver: erase system encryption keys from memory during ↵Mounir IDRASSI1-2/+2
shutdown/reboot to help mitigate some cold boot attacks
2018-03-05Windows: Add option to block TRIM command on system encryption SSD drives.Mounir IDRASSI1-0/+43
2017-07-04Windows Driver: correctly save and restore extended processor state when ↵Mounir IDRASSI1-6/+12
performing AVX operations on Windows 7 and later. Enhance readability of code handling save/restore of floating point state.
2017-06-23Update IDRIX copyright yearMounir IDRASSI1-1/+1
2017-06-23Crypto: Add optimized SHA-512 and SHA-256 assembly implementations for ↵Mounir IDRASSI1-2/+2
x86_64 and x86. This improves speed by 30%.
2016-12-26Windows driver: fix reading of boot PRF after latest EFI hidden OS changes. ↵Mounir IDRASSI1-37/+32
Better memory cleanup and changes for code clarity.
2016-12-26comments and better cleanupkavsrf1-12/+20
Signed-off-by: kavsrf <kavsrf@gmail.com>
2016-12-26Driver with support of hidden OSkavsrf1-26/+130
Signed-off-by: kavsrf <kavsrf@gmail.com>
2016-10-17Windows: Fix false-positive detection of Evil-Maid attack during creation ↵Mounir IDRASSI1-2/+0
process of hidden OS by excluding the configuration byte in the boot sector whose value changes depending on the content.
2016-10-17Windows Driver: Erase sensitive boot memory before throwing fatal exceptionMounir IDRASSI1-0/+9
2016-08-15Windows EFI Bootloader: modifications to prepare EFI system encryption ↵Alex1-42/+50
support (common files with DcsBoot)
2016-07-25Windows: solve benchmark issue for Whirlpool which caused wrong numbers when ↵Mounir IDRASSI1-4/+4
a 1GB buffer is chosen.
2016-06-17Windows Driver: save FPU state in 32-bit mode before run Whirlpool SSE ↵Mounir IDRASSI1-0/+12
implementation to avoid issues (https://msdn.microsoft.com/fr-fr/library/ff565388(v=vs.85).aspx)
2016-05-10Remove trailing whitespaceDavid Foerster1-33/+33
2016-05-10Normalize all line terminatorsDavid Foerster1-2153/+2153
2016-04-20Windows: Add option to avoid PIM prompt in pre-boot authentication by ↵Mounir IDRASSI1-2/+3
storing PIM value unencrypted in MBR.
2016-02-07Windows Driver: if saving volume header fails, don't mark operation as ↵Mounir IDRASSI1-3/+5
successful so that it will be retried later.
2016-01-20Copyright: update dates to include 2016.Mounir IDRASSI1-1/+1
2015-12-21Windows: Implement PIM caching, both for system encryption and for normal ↵Mounir IDRASSI1-1/+4
volumes. Add options to activate it in the Preferences and System Settings.
2015-11-26Windows: Full UNICODE rewrite and implement support for UNICODE passwords.Mounir IDRASSI1-2/+8
2015-08-06Update license information to reflect the use of a dual license Apache 2.0 ↵Mounir IDRASSI1-5/+9
and TrueCrypt 3.0.
2015-08-06Windows: Add extra checks for bootloader tampering.Mounir IDRASSI1-7/+30
2015-07-29Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct ↵Mounir IDRASSI1-0/+97
bootloader when changing the system encryption password: this enables to recover if an attack is detected.
2015-07-11Use Pim name for internal variables instead of the old name PinMounir IDRASSI1-8/+8
2015-06-07Windows: Add support for PIN in favorites. Several enhancements to GUI ↵Mounir IDRASSI1-0/+2
handling of Dynamic Mode.
2015-05-26Windows: first implementation of dynamic modeMounir IDRASSI1-3/+7
2015-05-15Windows driver: avoid race condition by using ↵Mounir IDRASSI1-6/+10
IoAttachDeviceToDeviceStackSafe instead IoAttachDeviceToDeviceStack. Set BootArgs.CryptoInfoLength to 0 after clearing boot memory.
2015-02-09Static Code Analysis: in Windows Driver, avoid using uninitialized stack ↵Mounir IDRASSI1-0/+39
memory as random and use proper random value for wipe operation. Solve potential double-free issue.
2015-01-03Windows: change cascade encryption naming format to reflex mathematical ↵Mounir IDRASSI1-1/+1
composition of the encryption algorithm, thus being more clear. For example AES(Twofish(Serpent)) instead of AES-Twofish-Serpent.
2014-12-30Windows driver: don't fail if the PRF recovered from boot memory is not ↵Mounir IDRASSI1-7/+0
recognized in case we are dealing with a restored bootloader coming from a version prior to 1.0f.
2014-12-28Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt ↵Mounir IDRASSI1-2/+2
volumes to VeraCrypt using the change password functionality.
2014-12-16Windows: Enhance performance by implementing the possibility to choose the ↵Mounir IDRASSI1-15/+38
correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption.
2014-12-11Windows Driver: change inherited TrueCrypt constants in kernel objects tags ↵Mounir IDRASSI1-1/+1
by VeraCrypt specific values. These are used in crash dumps analysis and during debugging.
2014-11-08Windows Driver Sanity check: check that the password length passed from the ↵Mounir IDRASSI1-17/+21
bootloader is less than or equal to 64 before using it.
2014-11-08Implement support for creating and booting encrypted partition using ↵Mounir IDRASSI1-0/+1
SHA-256. Support SHA-256 for normal volumes as well.
2014-11-08Windows vulnerability fix: correct possible BSOD attack targeted towards ↵Mounir IDRASSI1-3/+17
GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.
2014-11-08Windows vulnerability fix : clear sensitive data in Windows kernel driver by ↵Mounir IDRASSI1-1/+1
using burjn instead of memset
2014-11-08Fix password memory leak inside the Device driver in boot encryption mode.Mounir IDRASSI1-1/+1
2014-11-08Remove some legacy code inherited from True and that doesn't apply to VeraCryptMounir IDRASSI1-10/+1