VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2019-03-02Windows: Generalize RAM encryption for keys to VeraCrypt binaries, ↵Mounir IDRASSI12-6/+187
especially Format and Expander
2019-03-01Windows Driver: Enable RAM encryption only after its security parameters ↵Mounir IDRASSI1-6/+5
were created
2019-03-01Windows: better debug messages for VcProtectKeys and VcUnprotectKeys functionsMounir IDRASSI1-3/+11
2019-03-01Windows Driver: Implement RAM encryption for cached passwordsMounir IDRASSI3-11/+91
2019-03-01Windows driver: call VcProtectKeys only when RAM encryption enabled although ↵Mounir IDRASSI1-2/+5
this function does nothing when RAM encryption is disabled.
2019-03-01Windows: Add some logs in functions for RAM encryptionMounir IDRASSI1-0/+8
2019-03-01Windows: use specific order for EFI boot arguments memory regions that ↵Mounir IDRASSI5-11/+63
matches the one used by EFI bootloader.
2019-03-01Windows: Implement RAM encryption for keys on 64-bit machines using ChaCha12 ↵Mounir IDRASSI21-21/+2241
cipher and t1ha non-cryptographic fast hash (https://github.com/leo-yuriev/t1ha)
2019-02-15Windows: rename IsCpuRngSupport to IsCpuRngSupported for clarity and use it ↵Mounir IDRASSI3-3/+3
in Mount.c
2019-02-15Windows: Set CpuRngDisabled variable to TRUE for clarity even if it will be ↵Mounir IDRASSI1-1/+1
set to TRUE anyway by default through EnableCpuRng calls
2019-02-12Add copyright and license information of JitterEntropy library by Stephan ↵Mounir IDRASSI4-13/+41
Mueller
2019-02-12Windows: Use Hardware RNG based on CPU timing jitter "Jitterentropy" by ↵Mounir IDRASSI12-5/+1084
Stephan Mueller as a good alternative to RDRAND (http://www.chronox.de/jent.html, smueller@chronox.de)
2019-02-10Windows: Ensure that only one thread at a time can create a secure desktopMounir IDRASSI1-0/+8
2019-02-10Windows: Avoid simultaneous calls of favorites mounting, for example if ↵Mounir IDRASSI1-13/+26
corresponding hotkey is pressed multiple times.
2019-02-10Fix typo in CPU RNG detection condition (Github issue #417)Mounir IDRASSI1-1/+1
2019-02-08Windows: Add implementation of ChaCha20 based random generator. Use it for ↵Mounir IDRASSI17-37/+1015
driver need of random bytes (currently only wipe bytes but more to come later).
2019-02-08Windows: Add option to enable use of CPU RDRAND/RDSEED as source of entropy ↵Mounir IDRASSI10-15/+70
which is now disabled by default
2019-02-04Automatically truncate passwords for TrueCrypt volumes and System Encryption ↵Mounir IDRASSI8-28/+57
to the first 64 characters. This fix issues encountered by users of TrueCrypt volumes who were using passwords longer than 64 characters that were truncated in previous version.
2019-02-01Update Release Notes and other files for 1.24-Beta2 releaseMounir IDRASSI7-4/+4
2019-02-01Windows: Add latest 1.24 EFI bootloader files that are signed by Microsoft ↵Mounir IDRASSI12-0/+0
that come with several enhancements and fixes especially for Rescue Disk: - Implement better timeout mechanism for password input. Implement new actions "shutdown" and "reboot". Set default timeout value to 3 minutes and default timeout action to "shutdown" - Enhance Rescue Disk implementation of restoring VeraCrypt loader. - Fix ESC on password prompt during Pre-Test not starting Windows - Add menu entry in Rescue Disk that enables starting original Windows loader
2019-02-01Windows driver: better randomness for wipe bytes by always using Whirlpool ↵Mounir IDRASSI3-19/+40
hash of current time and random bytes retrieved using CPU RDRAND/RDSEED if available.
2019-02-01Windows: use CPU RDRAND or RDSEED as an additional entropy source for our ↵Mounir IDRASSI8-5/+544
random generator when available
2019-02-01Fix detection of CPU features AVX2 & BMI2. Add detection of RDRAND & RDSEED ↵Mounir IDRASSI2-3/+41
CPU features. Detect Hygon CPU as AMD one.
2019-02-01Windows driver: replace SHA512 by RIPEMD160 when calculating internal hash ↵Mounir IDRASSI2-6/+7
of master key to avoid calling KeSaveFloatingPointState/KeSaveExtendedProcessorState since SHA512 implementation uses SSE2/AVX and RIPEMD160 is pure C
2019-01-30Help compiler optimize some crypto code on 64-bit build since x64 capable ↵Mounir IDRASSI1-0/+5
CPUs always support SSE and SSE2
2019-01-28Increment version to 1.24-Beta2Mounir IDRASSI17-31/+31
2019-01-28Increase password maximum length to 128 bytes from 64 bytesMounir IDRASSI12-27/+74
2019-01-28Windows Driver: force the input size for some IOCTLs to have a fixed valueMounir IDRASSI1-2/+28
2019-01-26Windows: Add a build configuration containing EFI bootloader signed with ↵Mounir IDRASSI16-11/+660
custom SecureBoot key instead
2019-01-26Windows: fix building MBR bootloader following modification of Xts.cMounir IDRASSI1-0/+2
2019-01-25Linux/MacOSX crypto: report XTS optimization implemented previously on WindowsMounir IDRASSI1-49/+90
c
2019-01-25Windows crypto: optimize XTS implementation for 64-bit builds using SSE2 ↵Mounir IDRASSI1-48/+122
thanks to simplification of storage of whitening values in memory (normal order instead of reverse order).
2019-01-22Windows: Increment driver version to 1.24.1.1Mounir IDRASSI7-3/+3
2019-01-21Windows driver: remove volumes master keys from CRYPTO_INFO since they are ↵Mounir IDRASSI11-59/+62
not needed after their key schedule is created
2019-01-21Windows: remove unused fields from CRYPTO_INFO structureMounir IDRASSI3-11/+4
2019-01-18Windows: fix editor of EFI configuration file not accepting ENTER key for ↵Mounir IDRASSI1-2/+2
adding new lines.
2019-01-18MacOSX: update info.plist file to set priority at run-time to 64-bit version ↵Mounir IDRASSI1-0/+9
and to set minimum OSX version to 10.7.
2019-01-15Windows: enhancements to EFI system encryption, like handling of Multi-Boot ↵Mounir IDRASSI7-90/+224
and better compatibility with Windows Upgrade process.
2019-01-14Update Release Notes and language files for version 1.24-Beta1. Add signed ↵Mounir IDRASSI8-5/+5
Windows drivers.
2019-01-14Windows: enhance support of new behavior of favorite service which is now ↵Mounir IDRASSI4-27/+46
always running in case of system encryption
2019-01-14Windows: Implement feature that enables clearing of encryption keys when a ↵Mounir IDRASSI8-77/+196
new device is inserted. Better implementation for update of EFI bootloader without usage of drive letters (this can fix random issues encountered during Windows upgrade).
2019-01-14Windows: add a 10 seconds delay between signtool calls to avoid issues ↵Mounir IDRASSI3-0/+13
caused by antivirus software locking the newly signed files temporarily after they are signed.
2019-01-14Windows: fix debug packaging script by copying missing driver .inf and .cat ↵Mounir IDRASSI1-0/+2
files from Release folder.
2019-01-14Increment version to 1.24-Beta1Mounir IDRASSI15-30/+32
2019-01-09Windows driver: remove newly added volatile qualifier from CRYPT_INFO ↵Mounir IDRASSI3-3/+3
pointers to fix build issue until a better approach is devised
2019-01-09Windows Security: Add new entry point in driver that allows emergency ↵Mounir IDRASSI9-6/+87
clearing of all encryption keys from memory. This entry point requires administrative privileges and it will caused BSDO when system encryption is active. It can be useful for example to applications that monitors physical access to the machine and which need to erase sensitive key material from RAM when unauthorized access is detected.
2019-01-09Windows Driver: erase system encryption keys from memory during ↵Mounir IDRASSI1-2/+2
shutdown/reboot to help mitigate some cold boot attacks
2019-01-09Windows driver: move newly added field in VOLUME_PROPERTIES_STRUCT to the ↵Mounir IDRASSI1-1/+1
end for compatibility with previous version.
2018-12-24Windows: Fix mount option to disable Windows Mount Manager can preserved ↵Mounir IDRASSI1-3/+1
when mount options dialog opened a second time.
2018-12-19Windows: update signing script to use newly issued IDRIX EV code signing ↵Mounir IDRASSI2-3/+3
certificate.