Age | Commit message | Author | Files | Lines | |
---|---|---|---|---|---|
2019-03-02 | Windows: mitigate some memory attacks by making VeraCrypt applications memory inaccessible by non-admin users. Implementation borrowed from KeePassXC source code (https://github.com/keepassxreboot/keepassxc/blob/release/2.4.0/src/core/Bootstrap.cpp#L150) | Mounir IDRASSI | 2 | -0/+91 | |
2019-03-02 | Windows: Generalize RAM encryption for keys to VeraCrypt binaries, especially Format and Expander | Mounir IDRASSI | 12 | -6/+187 | |
2019-03-01 | Windows Driver: Enable RAM encryption only after its security parameters were created | Mounir IDRASSI | 1 | -6/+5 | |
2019-03-01 | Windows: better debug messages for VcProtectKeys and VcUnprotectKeys functions | Mounir IDRASSI | 1 | -3/+11 | |
2019-03-01 | Windows Driver: Implement RAM encryption for cached passwords | Mounir IDRASSI | 3 | -11/+91 | |
2019-03-01 | Windows driver: call VcProtectKeys only when RAM encryption enabled although this function does nothing when RAM encryption is disabled. | Mounir IDRASSI | 1 | -2/+5 | |
2019-03-01 | Windows: Add some logs in functions for RAM encryption | Mounir IDRASSI | 1 | -0/+8 | |
2019-03-01 | Windows: use specific order for EFI boot arguments memory regions that matches the one used by EFI bootloader. | Mounir IDRASSI | 5 | -11/+63 | |
2019-03-01 | Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha) | Mounir IDRASSI | 21 | -21/+2241 | |
2019-02-15 | Windows: rename IsCpuRngSupport to IsCpuRngSupported for clarity and use it in Mount.c | Mounir IDRASSI | 3 | -3/+3 | |
2019-02-15 | Windows: Set CpuRngDisabled variable to TRUE for clarity even if it will be set to TRUE anyway by default through EnableCpuRng calls | Mounir IDRASSI | 1 | -1/+1 | |
2019-02-12 | Add copyright and license information of JitterEntropy library by Stephan Mueller | Mounir IDRASSI | 4 | -13/+41 | |
2019-02-12 | Windows: Use Hardware RNG based on CPU timing jitter "Jitterentropy" by Stephan Mueller as a good alternative to RDRAND (http://www.chronox.de/jent.html, smueller@chronox.de) | Mounir IDRASSI | 12 | -5/+1084 | |
2019-02-10 | Windows: Ensure that only one thread at a time can create a secure desktop | Mounir IDRASSI | 1 | -0/+8 | |
2019-02-10 | Windows: Avoid simultaneous calls of favorites mounting, for example if corresponding hotkey is pressed multiple times. | Mounir IDRASSI | 1 | -13/+26 | |
2019-02-10 | Fix typo in CPU RNG detection condition (Github issue #417) | Mounir IDRASSI | 1 | -1/+1 | |
2019-02-08 | Windows: Add implementation of ChaCha20 based random generator. Use it for driver need of random bytes (currently only wipe bytes but more to come later). | Mounir IDRASSI | 17 | -37/+1015 | |
2019-02-08 | Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy which is now disabled by default | Mounir IDRASSI | 10 | -15/+70 | |
2019-02-04 | Automatically truncate passwords for TrueCrypt volumes and System Encryption to the first 64 characters. This fixes issues encountered by users of TrueCrypt volumes who were using passwords longer than 64 characters that were truncated in previous version. | Mounir IDRASSI | 8 | -28/+57 | |
2019-02-01 | Update Release Notes and other files for 1.24-Beta2 release | Mounir IDRASSI | 7 | -4/+4 | |
2019-02-01 | Windows: Add latest 1.24 EFI bootloader files that are signed by Microsoft that come with several enhancements and fixes especially for Rescue Disk: - Implement better timeout mechanism for password input. Implement new actions "shutdown" and "reboot". Set default timeout value to 3 minutes and default timeout action to "shutdown" - Enhance Rescue Disk implementation of restoring VeraCrypt loader. - Fix ESC on password prompt during Pre-Test not starting Windows - Add menu entry in Rescue Disk that enables starting original Windows loader | Mounir IDRASSI | 12 | -0/+0 | |
2019-02-01 | Windows driver: better randomness for wipe bytes by always using Whirlpool hash of current time and random bytes retrieved using CPU RDRAND/RDSEED if available. | Mounir IDRASSI | 3 | -19/+40 | |
2019-02-01 | Windows: use CPU RDRAND or RDSEED as an additional entropy source for our random generator when available | Mounir IDRASSI | 8 | -5/+544 | |
2019-02-01 | Fix detection of CPU features AVX2 & BMI2. Add detection of RDRAND & RDSEED CPU features. Detect Hygon CPU as AMD one. | Mounir IDRASSI | 2 | -3/+41 | |
2019-02-01 | Windows driver: replace SHA512 by RIPEMD160 when calculating internal hash of master key to avoid calling KeSaveFloatingPointState/KeSaveExtendedProcessorState since SHA512 implementation uses SSE2/AVX and RIPEMD160 is pure C | Mounir IDRASSI | 2 | -6/+7 | |
2019-01-30 | Help compiler optimize some crypto code on 64-bit build since x64 capable CPUs always support SSE and SSE2 | Mounir IDRASSI | 1 | -0/+5 | |
2019-01-28 | Increment version to 1.24-Beta2 | Mounir IDRASSI | 17 | -31/+31 | |
2019-01-28 | Increase password maximum length to 128 bytes from 64 bytes | Mounir IDRASSI | 12 | -27/+74 | |
2019-01-28 | Windows Driver: force the input size for some IOCTLs to have a fixed value | Mounir IDRASSI | 1 | -2/+28 | |
2019-01-26 | Windows: Add a build configuration containing EFI bootloader signed with custom SecureBoot key instead | Mounir IDRASSI | 16 | -11/+660 | |
2019-01-26 | Windows: fix building MBR bootloader following modification of Xts.c | Mounir IDRASSI | 1 | -0/+2 | |
2019-01-25 | Linux/MacOSX crypto: report XTS optimization implemented previously on Windows | Mounir IDRASSI | 1 | -49/+90 | |
c | |||||
2019-01-25 | Windows crypto: optimize XTS implementation for 64-bit builds using SSE2 thanks to simplification of storage of whitening values in memory (normal order instead of reverse order). | Mounir IDRASSI | 1 | -48/+122 | |
2019-01-22 | Windows: Increment driver version to 1.24.1.1 | Mounir IDRASSI | 7 | -3/+3 | |
2019-01-21 | Windows driver: remove volumes master keys from CRYPTO_INFO since they are not needed after their key schedule is created | Mounir IDRASSI | 11 | -59/+62 | |
2019-01-21 | Windows: remove unused fields from CRYPTO_INFO structure | Mounir IDRASSI | 3 | -11/+4 | |
2019-01-18 | Windows: fix editor of EFI configuration file not accepting ENTER key for adding new lines. | Mounir IDRASSI | 1 | -2/+2 | |
2019-01-18 | MacOSX: update info.plist file to set priority at run-time to 64-bit version and to set minimum OSX version to 10.7. | Mounir IDRASSI | 1 | -0/+9 | |
2019-01-15 | Windows: enhancements to EFI system encryption, like handling of Multi-Boot and better compatibility with Windows Upgrade process. | Mounir IDRASSI | 7 | -90/+224 | |
2019-01-14 | Update Release Notes and language files for version 1.24-Beta1. Add signed Windows drivers. | Mounir IDRASSI | 8 | -5/+5 | |
2019-01-14 | Windows: enhance support of new behavior of favorite service which is now always running in case of system encryption | Mounir IDRASSI | 4 | -27/+46 | |
2019-01-14 | Windows: Implement feature that enables clearing of encryption keys when a new device is inserted. Better implementation for update of EFI bootloader without usage of drive letters (this can fix random issues encountered during Windows upgrade). | Mounir IDRASSI | 8 | -77/+196 | |
2019-01-14 | Windows: add a 10 seconds delay between signtool calls to avoid issues caused by antivirus software locking the newly signed files temporarily after they are signed. | Mounir IDRASSI | 3 | -0/+13 | |
2019-01-14 | Windows: fix debug packaging script by copying missing driver .inf and .cat files from Release folder. | Mounir IDRASSI | 1 | -0/+2 | |
2019-01-14 | Increment version to 1.24-Beta1 | Mounir IDRASSI | 15 | -30/+32 | |
2019-01-09 | Windows driver: remove newly added volatile qualifier from CRYPT_INFO pointers to fix build issue until a better approach is devised | Mounir IDRASSI | 3 | -3/+3 | |
2019-01-09 | Windows Security: Add new entry point in driver that allows emergency clearing of all encryption keys from memory. This entry point requires administrative privileges and it will cause BSOD when system encryption is active. It can be useful for example to applications that monitor physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected. | Mounir IDRASSI | 9 | -6/+87 | |
2019-01-09 | Windows Driver: erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks | Mounir IDRASSI | 1 | -2/+2 | |
2019-01-09 | Windows driver: move newly added field in VOLUME_PROPERTIES_STRUCT to the end for compatibility with previous version. | Mounir IDRASSI | 1 | -1/+1 | |
2018-12-24 | Windows: Fix mount option to disable Windows Mount Manager can preserved when mount options dialog opened a second time. | Mounir IDRASSI | 1 | -3/+1 | |