Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2022-02-06 | Windows: Add registry setting to disable erasing encryption keys on Windows ↵ | Mounir IDRASSI | 1 | -0/+1 | |
shutdown/reboot. This helps solve BSOD during shutdown/reboot on some machines. Under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt", create a REG_DWORD value named "VeraCryptEraseKeysShutdown" and set its value to 0. | |||||
2021-07-13 | Windows: replace insecure wcscpy/wcscat/strcpy runtime functions with secure ↵ | Mounir IDRASSI | 1 | -2/+2 | |
equivalents This fixed failure to build driver for ARM64 with latest VS 2019 | |||||
2021-02-27 | Windows: Block Windows from resizing system partition if it is encrypted. ↵ | Mounir IDRASSI | 1 | -0/+5 | |
This avoid issues during Windows Upgrade that sometimes resizes system partition which create problems if it is encrypted by VeraCrypt | |||||
2021-01-02 | Windows: Fix various warnings | Mounir IDRASSI | 1 | -1/+1 | |
2020-12-11 | Windows: Fix various compiler warnings | Mounir IDRASSI | 1 | -2/+2 | |
2020-12-11 | Windows Driver: Fix build error using Windows 10 WDK caused by name conflict ↵ | Mounir IDRASSI | 1 | -2/+2 | |
for KeSaveExtendedProcessorState/KeRestoreExtendedProcessorState functions | |||||
2020-06-21 | Windows: Fix issue when RAM encryption used, AES selected and AES-NI not ↵ | Mounir IDRASSI | 1 | -0/+5 | |
supported by CPU that caused the free space of newly created volumes not filled with random data even if "quick format" is not selected by user. | |||||
2019-10-01 | Windows Driver: Disable Hibernation when RAM encryption is enabled since we ↵ | Mounir IDRASSI | 1 | -0/+6 | |
can't resume from Hibernation without RAM encryption keys (a chicken and egg situation) | |||||
2019-03-01 | Windows driver: call VcProtectKeys only when RAM encryption enabled although ↵ | Mounir IDRASSI | 1 | -2/+5 | |
this function does nothing when RAM encryption is disabled. | |||||
2019-03-01 | Windows: use specific order for EFI boot arguments memory regions that ↵ | Mounir IDRASSI | 1 | -8/+11 | |
matches the one used by EFI bootloader. | |||||
2019-03-01 | Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 ↵ | Mounir IDRASSI | 1 | -6/+48 | |
cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha) | |||||
2019-02-08 | Windows: Add implementation of ChaCha20 based random generator. Use it for ↵ | Mounir IDRASSI | 1 | -33/+9 | |
driver need of random bytes (currently only wipe bytes but more to come later). | |||||
2019-02-08 | Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy ↵ | Mounir IDRASSI | 1 | -3/+4 | |
which is now disabled by default | |||||
2019-02-01 | Windows driver: better randomness for wipe bytes by always using Whirlpool ↵ | Mounir IDRASSI | 1 | -19/+28 | |
hash of current time and random bytes retrieved using CPU RDRAND/RDSEED if available. | |||||
2019-01-28 | Increase password maximum length to 128 bytes from 64 bytes | Mounir IDRASSI | 1 | -5/+11 | |
2019-01-21 | Windows driver: remove volumes master keys from CRYPTO_INFO since they are ↵ | Mounir IDRASSI | 1 | -3/+1 | |
not needed after their key schedule is created | |||||
2019-01-21 | Windows: remove unused fields from CRYPTO_INFO structure | Mounir IDRASSI | 1 | -2/+1 | |
2019-01-09 | Windows Security: Add new entry point in driver that allows emergency ↵ | Mounir IDRASSI | 1 | -2/+59 | |
clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected. | |||||
2019-01-09 | Windows Driver: erase system encryption keys from memory during ↵ | Mounir IDRASSI | 1 | -2/+2 | |
shutdown/reboot to help mitigate some cold boot attacks | |||||
2018-03-05 | Windows: Add option to block TRIM command on system encryption SSD drives. | Mounir IDRASSI | 1 | -0/+43 | |
2017-07-04 | Windows Driver: correctly save and restore extended processor state when ↵ | Mounir IDRASSI | 1 | -6/+12 | |
performing AVX operations on Windows 7 and later. Enhance readability of code handling save/restore of floating point state. | |||||
2017-06-23 | Update IDRIX copyright year | Mounir IDRASSI | 1 | -1/+1 | |
2017-06-23 | Crypto: Add optimized SHA-512 and SHA-256 assembly implementations for ↵ | Mounir IDRASSI | 1 | -2/+2 | |
x86_64 and x86. This improves speed by 30%. | |||||
2016-12-26 | Windows driver: fix reading of boot PRF after latest EFI hidden OS changes. ↵ | Mounir IDRASSI | 1 | -37/+32 | |
Better memory cleanup and changes for code clarity. | |||||
2016-12-26 | comments and better cleanup | kavsrf | 1 | -12/+20 | |
Signed-off-by: kavsrf <kavsrf@gmail.com> | |||||
2016-12-26 | Driver with support of hidden OS | kavsrf | 1 | -26/+130 | |
Signed-off-by: kavsrf <kavsrf@gmail.com> | |||||
2016-10-17 | Windows: Fix false-positive detection of Evil-Maid attack during creation ↵ | Mounir IDRASSI | 1 | -2/+0 | |
process of hidden OS by excluding the configuration byte in the boot sector whose value changes depending on the content. | |||||
2016-10-17 | Windows Driver: Erase sensitive boot memory before throwing fatal exception | Mounir IDRASSI | 1 | -0/+9 | |
2016-08-15 | Windows EFI Bootloader: modifications to prepare EFI system encryption ↵ | Alex | 1 | -42/+50 | |
support (common files with DcsBoot) | |||||
2016-07-25 | Windows: solve benchmark issue for Whirlpool which caused wrong numbers when ↵ | Mounir IDRASSI | 1 | -4/+4 | |
a 1GB buffer is chosen. | |||||
2016-06-17 | Windows Driver: save FPU state in 32-bit mode before run Whirlpool SSE ↵ | Mounir IDRASSI | 1 | -0/+12 | |
implementation to avoid issues (https://msdn.microsoft.com/fr-fr/library/ff565388(v=vs.85).aspx) | |||||
2016-05-10 | Remove trailing whitespace | David Foerster | 1 | -33/+33 | |
2016-05-10 | Normalize all line terminators | David Foerster | 1 | -2153/+2153 | |
2016-04-20 | Windows: Add option to avoid PIM prompt in pre-boot authentication by ↵ | Mounir IDRASSI | 1 | -2/+3 | |
storing PIM value unencrypted in MBR. | |||||
2016-02-07 | Windows Driver: if saving volume header fails, don't mark operation as ↵ | Mounir IDRASSI | 1 | -3/+5 | |
successful so that it will be retried later. | |||||
2016-01-20 | Copyright: update dates to include 2016. | Mounir IDRASSI | 1 | -1/+1 | |
2015-12-21 | Windows: Implement PIM caching, both for system encryption and for normal ↵ | Mounir IDRASSI | 1 | -1/+4 | |
volumes. Add options to activate it in the Preferences and System Settings. | |||||
2015-11-26 | Windows: Full UNICODE rewrite and implement support for UNICODE passwords. | Mounir IDRASSI | 1 | -2/+8 | |
2015-08-06 | Update license information to reflect the use of a dual license Apache 2.0 ↵ | Mounir IDRASSI | 1 | -5/+9 | |
and TrueCrypt 3.0. | |||||
2015-08-06 | Windows: Add extra checks for bootloader tampering. | Mounir IDRASSI | 1 | -7/+30 | |
2015-07-29 | Windows: Implement Evil-Maid-Attack detection mechanism. Write the correct ↵ | Mounir IDRASSI | 1 | -0/+97 | |
bootloader when changing the system encryption password: this enables to recover if an attack is detected. | |||||
2015-07-11 | Use Pim name for internal variables instead of the old name Pin | Mounir IDRASSI | 1 | -8/+8 | |
2015-06-07 | Windows: Add support for PIN in favorites. Several enhancements to GUI ↵ | Mounir IDRASSI | 1 | -0/+2 | |
handling of Dynamic Mode. | |||||
2015-05-26 | Windows: first implementation of dynamic mode | Mounir IDRASSI | 1 | -3/+7 | |
2015-05-15 | Windows driver: avoid race condition by using ↵ | Mounir IDRASSI | 1 | -6/+10 | |
IoAttachDeviceToDeviceStackSafe instead IoAttachDeviceToDeviceStack. Set BootArgs.CryptoInfoLength to 0 after clearing boot memory. | |||||
2015-02-09 | Static Code Analysis: in Windows Driver, avoid using uninitialized stack ↵ | Mounir IDRASSI | 1 | -0/+39 | |
memory as random and use proper random value for wipe operation. Solve potential double-free issue. | |||||
2015-01-03 | Windows: change cascade encryption naming format to reflex mathematical ↵ | Mounir IDRASSI | 1 | -1/+1 | |
composition of the encryption algorithm, thus being more clear. For example AES(Twofish(Serpent)) instead of AES-Twofish-Serpent. | |||||
2014-12-30 | Windows driver: don't fail if the PRF recovered from boot memory is not ↵ | Mounir IDRASSI | 1 | -7/+0 | |
recognized in case we are dealing with a restored bootloader coming from a version prior to 1.0f. | |||||
2014-12-28 | Windows: support loading TrueCrypt volumes. Implement converting TrueCrypt ↵ | Mounir IDRASSI | 1 | -2/+2 | |
volumes to VeraCrypt using the change password functionality. | |||||
2014-12-16 | Windows: Enhance performance by implementing the possibility to choose the ↵ | Mounir IDRASSI | 1 | -15/+38 | |
correct hash algorithm of volumes during various operations (mount, change password...). In case of system encryption, slightly speedup Windows startup time by making the driver pickup the correct hash algorithm used for the encryption. |