VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/doc/html/CompilingGuidelineWin.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc/html/CompilingGuidelineWin.html')
-rw-r--r--doc/html/CompilingGuidelineWin.html98
1 files changed, 55 insertions, 43 deletions
diff --git a/doc/html/CompilingGuidelineWin.html b/doc/html/CompilingGuidelineWin.html
index a7508166..ec08af4f 100644
--- a/doc/html/CompilingGuidelineWin.html
+++ b/doc/html/CompilingGuidelineWin.html
@@ -91,29 +91,29 @@ The following components are required for compiling VeraCrypt:
</div>
<div class="wikidoc">
-<p>Below are the procedure steps:</p>
+Below are the procedure steps. Clicking on any of the link takes directly to the related step:
<ul>
-<li><a href="#InstallationOfMicrosoftVisualStudio2010">Installation of Microsoft Visual Studio 2010</a></li>
-<li><a href="#InstallationOfMicrosoftVisualStudio2010ServicePack1">Installation of Microsoft Visual Studio 2010 Service Pack 1</a></li>
-<li><a href="#InstallationOfNASM">Installation of NASM</a></li>
-<li><a href="#InstallationOfYASM">Installation of YASM</a></li>
-<li><a href="#InstallationOfVisualC++">Installation of Microsoft Visual C++ 1.52</a></li>
-<li><a href="#InstallationOfWindowsSDK71++">Installation of the Windows SDK 7.1</a></li>
-<li><a href="#InstallationOfWDK71++">Installation of the Windows Driver Kit 7.1</a></li>
-<li><a href="#InstallationOfSDK81++">Installation of the Windows 8.1 SDK</a></li>
-<li><a href="#InstallationOfGzip">Installation of gzip</a></li>
-<li><a href="#InstallationOfUpx">Installation of upx</a></li>
-<li><a href="#InstallationOf7zip">Installation of 7zip</a></li>
-<li><a href="#InstallationOfWix3">Installation of Wix3</a></li>
-<li><a href="#InstallationOfVS2019">Installation of Microsoft Visual Studio 2019</a></li>
-<li><a href="#InstallationOfWDK10">Installation of the Windows Driver Kit 2004</a></li>
-<li><a href="#InstallationOfVisualBuildTools">Installation of the Visual Studio build tools</a></li>
-<li><a href="#DownloadVeraCrypt">Download VeraCrypt Source Files</a></li>
-<li><a href="#CompileWin32X64">Compile the Win32/x64 Versions of VeraCrypt</a></li>
-<li><a href="#CompileARM64">Compile the ARM64 Version of VeraCrypt</a></li>
-<li><a href="#BuildVeraCryptExecutables">Build the VeraCrypt Executables</a></li>
-<li><a href="#ImportCertificates">Import the Certificates</a></li>
-<li><a href="#KnownIssues">Known Issues</a></li>
+<li><strong><a href="#InstallationOfMicrosoftVisualStudio2010">Installation of Microsoft Visual Studio 2010</a></li></strong>
+<li><strong><a href="#InstallationOfMicrosoftVisualStudio2010ServicePack1">Installation of Microsoft Visual Studio 2010 Service Pack 1</a></li></strong>
+<li><strong><a href="#InstallationOfNASM">Installation of NASM</a></li></strong>
+<li><strong><a href="#InstallationOfYASM">Installation of YASM</a></li></strong>
+<li><strong><a href="#InstallationOfVisualCPP">Installation of Microsoft Visual C++ 1.52</a></li></strong>
+<li><strong><a href="#InstallationOfWindowsSDK71PP">Installation of the Windows SDK 7.1</a></li></strong>
+<li><strong><a href="#InstallationOfWDK71PP">Installation of the Windows Driver Kit 7.1</a></li></strong>
+<li><strong><a href="#InstallationOfSDK81PP">Installation of the Windows 8.1 SDK</a></li></strong>
+<li><strong><a href="#InstallationOfGzip">Installation of gzip</a></li></strong>
+<li><strong><a href="#InstallationOfUpx">Installation of upx</a></li></strong>
+<li><strong><a href="#InstallationOf7zip">Installation of 7zip</a></li></strong>
+<li><strong><a href="#InstallationOfWix3">Installation of Wix3</a></li></strong>
+<li><strong><a href="#InstallationOfVS2019">Installation of Microsoft Visual Studio 2019</a></li></strong>
+<li><strong><a href="#InstallationOfWDK10">Installation of the Windows Driver Kit 2004</a></li></strong>
+<li><strong><a href="#InstallationOfVisualBuildTools">Installation of the Visual Studio build tools</a></li></strong>
+<li><strong><a href="#DownloadVeraCrypt">Download VeraCrypt Source Files</a></li></strong>
+<li><strong><a href="#CompileWin32X64">Compile the Win32/x64 Versions of VeraCrypt</a></li></strong>
+<li><strong><a href="#CompileARM64">Compile the ARM64 Version of VeraCrypt</a></li></strong>
+<li><strong><a href="#BuildVeraCryptExecutables">Build the VeraCrypt Executables</a></li></strong>
+<li><strong><a href="#ImportCertificates">Import the Certificates</a></li></strong>
+<li><strong><a href="#KnownIssues">Known Issues</a></li></strong>
</ul>
</div>
@@ -309,14 +309,14 @@ The following components are required for compiling VeraCrypt:
</div>
</div>
- <div class="textbox" id="InstallationOfVisualC++">
- <a href="#InstallationOfVisualC++">Installation of Microsoft Visual C++ 1.52</a>
+ <div class="textbox" id="InstallationOfVisualCPP">
+ <a href="#InstallationOfVisualCPP">Installation of Microsoft Visual C++ 1.52</a>
<div class="texttohide">
<p>
<ol>
<li>
Visual C++ 1.52 is available via the paid Microsoft MSDN subscription. If you do not have a subscription, you download the ISO image via the internet archive: <br>
- <a href="https://archive.org/details/ms-vc152 target="_blank">https://archive.org/details/ms-vc152</a>
+ <a href="https://archive.org/details/ms-vc152" target="_blank">https://archive.org/details/ms-vc152</a>
</li>
<li>
Create the folder “C:\MSVC15”
@@ -360,8 +360,8 @@ The following components are required for compiling VeraCrypt:
</div>
</div>
- <div class="textbox" id="InstallationOfWindowsSDK71++">
- <a href="#InstallationOfWindowsSDK71++">Installation of the Windows SDK 7.1</a>
+ <div class="textbox" id="InstallationOfWindowsSDK71PP">
+ <a href="#InstallationOfWindowsSDK71PP">Installation of the Windows SDK 7.1</a>
<div class="texttohide">
<p>
The installer requires .Net Framework 4 (Not a newer one like .Net Framework 4.8!). Since a newer version is already preinstalled with Windows 10, the installer has to be tricked:
@@ -442,8 +442,8 @@ The following components are required for compiling VeraCrypt:
</div>
</div>
- <div class="textbox" id="InstallationOfWDK71++">
- <a href="#InstallationOfWDK71++">Installation of the Windows Driver Kit 7.1</a>
+ <div class="textbox" id="InstallationOfWDK71PP">
+ <a href="#InstallationOfWDK71PP">Installation of the Windows Driver Kit 7.1</a>
<div class="texttohide">
<p>
<ol>
@@ -466,8 +466,8 @@ The following components are required for compiling VeraCrypt:
</div>
</div>
- <div class="textbox" id="InstallationOfSDK81++">
- <a href="#InstallationOfSDK81++">Installation of the Windows 8.1 SDK</a>
+ <div class="textbox" id="InstallationOfSDK81PP">
+ <a href="#InstallationOfSDK81PP">Installation of the Windows 8.1 SDK</a>
<div class="texttohide">
<p>
<ol>
@@ -655,7 +655,7 @@ The following components are required for compiling VeraCrypt:
<a href="https://github.com/wixtoolset/wix3/releases" target="_blank">https://github.com/wixtoolset/wix3/releases</a>
</li>
<li>
- Run the downloaded file as administrator and install 7zip with default settings
+ Run the downloaded file as administrator and install WiX Toolset with default settings
</li>
</ol>
</p>
@@ -898,23 +898,23 @@ The following components are required for compiling VeraCrypt:
</div>
<div class="textbox" id="InstallationOfWDK10">
- <a href="#InstallationOfWDK10">Installation of the Windows Driver Kit 2004</a>
+ <a href="#InstallationOfWDK10">Installation of the Windows Driver Kit version 2004</a>
<div class="texttohide">
<p>
<ol>
<li>
- Please download the Windows Driver Kit (WDK) 2004 at: <br>
+ Please download the Windows Driver Kit (WDK) version 2004 at: <br>
<a href="https://docs.microsoft.com/en-us/windows-hardware/drivers/other-wdk-downloads" target="_blank">https://docs.microsoft.com/en-us/windows-hardware/drivers/other-wdk-downloads</a>
</li>
<li>
Run the downloaded file as administrator and install the WDK with default settings
</li>
<li>
- At the end of the installation you will be asked, if you want to "install Windows Driver Kit Visual Studio extension". <br>
+ At the end of the installation you will be asked if you want to "install Windows Driver Kit Visual Studio extension". <br>
Please make sure, that this option is selected before closing the dialog.
</li>
<li>
- A different setup will start automatically and will detect Visual Studio Professional 2019 as possible tarket for the extension. <br>
+ A different setup will start automatically and will detect Visual Studio Professional 2019 as possible target for the extension. <br>
Please select it and proceed with the installation.
</li>
</ol>
@@ -1117,7 +1117,7 @@ The following components are required for compiling VeraCrypt:
<a href="#ImportCertificates">Import the Certificates</a>
<div class="texttohide">
<p> With the sign_test.bat script you just signed the VeraCrypt executables. This is necessary, since Windows only accepts drivers, which are trusted by a signed Certificate Authority. <br>
- Since you did not use the official VeraCrypt signing certificate to sign your code, but a public development version, you have to import and therefore trust the certifcates used.
+ Since you did not use the official VeraCrypt signing certificate to sign your code, but a public development version, you have to import and therefore trust the certificates used.
<ol>
<li>
Open the folder "src/Signing"
@@ -1132,6 +1132,7 @@ The following components are required for compiling VeraCrypt:
<li>TestCertificates/idrix_SHA256TestRootCA.crt</li>
<li>TestCertificates/idrix_TestRootCA.crt</li>
</ul>
+ Note: If prompted, the password for .pfx certificates is <b>idrix</b>.
</li>
</ol>
</p>
@@ -1146,9 +1147,14 @@ The following components are required for compiling VeraCrypt:
<li>
<b>This distribution package is damaged</b> <br>
<img src="CompilingGuidelineWin/DistributionPackageDamaged.jpg" width="20%"> <br>
- On Windows 10 or higher you might get the error message above. It occurs, if the authenticode signature check fails. <br>
- Currently this check works incorrectly, so it might fail every time. A workaround is to skip the verification. <br>
- Please see <a href="https://sourceforge.net/p/veracrypt/discussion/technical/thread/83d5a2d6e8/" target="_blank">https://sourceforge.net/p/veracrypt/discussion/technical/thread/83d5a2d6e8/</a> for further details.
+ On Windows 10 or higher you might get the error message above. In order to avoid this, you will need to:<br>
+ <ul>
+ <li>Double-check the installation of the root certificate that issued the test code signing certificate in the "Local Machine Trusted Root Certification Authorities" store.</li>
+ <li>Compute SHA512 fingerprint of the test code signing certificate and update the gpbSha512CodeSignCertFingerprint array in the file "src/Common/Dlgcode.c" accordingly.</li>
+ </ul>
+ Please see <a href="https://sourceforge.net/p/veracrypt/discussion/technical/thread/83d5a2d6e8/#db12" target="_blank">https://sourceforge.net/p/veracrypt/discussion/technical/thread/83d5a2d6e8/#db12</a> for further details.<br>
+ <br>
+ Another approach is to disable the signature verification in the VeraCrypt code. This should be done only for testing purposes and not for production use:
<ol>
<li>
Open the file "src/Common/Dlgcode.c"
@@ -1174,10 +1180,16 @@ The following components are required for compiling VeraCrypt:
</ol>
</li>
<li>
- <b>Certificate failure</b> <br>
+ <b>Driver Installation Failure during VeraCrypt Setup from Custom Builds</b> <br>
<img src="CompilingGuidelineWin/CertVerifyFails.jpg" width="20%"> <br>
Windows validates the signature for every driver which is going to be installed.<br>
- This validation can fail during the installation process of VeraCrypt for two reasons:
+ For security reasons, Windows allows only drivers signed by Microsoft to load.<br>
+ So, when using a custom build:<br>
+ <ul>
+ <li>If you have not modified the VeraCrypt driver source code, you can use the Microsoft-signed drivers included in the VeraCrypt source code (under "src\Release\Setup Files").</li>
+ <li>If you have made modifications, <strong>you will need to boot Windows into "Test Mode"</strong>. This mode allows Windows to load drivers that aren't signed by Microsoft. However, even in "Test Mode", there are certain requirements for signatures, and failures can still occur due to reasons discussed below.</li>
+ </ul>
+ Potential Causes for Installation Failure under "Test Mode":
<ol>
<li>
<b>The certificate used for signing is not trusted by Windows</b><br>
@@ -1193,7 +1205,7 @@ The following components are required for compiling VeraCrypt:
Go to the top menu "Digital Signatures". Her you will find two signatures in the Signature list
</li>
Check both by double clicking on it. If the headline says "The certificate in the signature cannot be verified", the corresponding signing certificate was not imported correctly.<br>
- Click on "View Certificate" and then on "Install Certificate..." to import the certificate to your certificate storage <br>
+ Click on "View Certificate" and then on "Install Certificate..." to import the certificate to Local Machine certificate storage. For the Root certificates, you may need to choose "Place all certificates in the following store", and select the "Trusted Root Certification Authorities" store.<br>
<img src="CompilingGuidelineWin/CertificateCannotBeVerified.jpg" width="40%"> <br>
<li>
</ol>