VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2014-11-08Simplify code handling iterations count: in boot mode, we'll set the correct ↵Mounir IDRASSI6-32/+37
iterations count inside derive_u_sha256 and derive_u_ripemd160 depending in the value of the iterations parameter. On normal mode, we use normal values of iterations count. Removes the special test parameter from RIPEMD160 functions.
2014-11-08Bootloader: in function ReadVolumeHeader, arrays dk and masterKey have the ↵Mounir IDRASSI1-12/+9
same size and they are never needed at the same time. So, we can minimize stack memory usage by using only one array instead of two. At the end of the function, the array is erased securely.
2014-11-08Bootloader: optimize code size in single cipher mode by manually inlining ↵Mounir IDRASSI3-26/+61
EAInit, EAGetFirst and EAGetKeySize, and by removing the loop in ReadVolumeHeader that tests for encryption algorithms.
2014-11-08Bootloader code optimization: remove code in HMAC implementation in case of ↵Mounir IDRASSI1-4/+24
boot compilation that is never called since passwords are always less than 64-byte length. We leave it in Windows compilation because it is used to check the implementation against test vectors.
2014-11-08Linux: remove workaround for wxFileType::GetOpenCommand bug in handling path ↵Mounir IDRASSI1-5/+0
with spaces because it was fixed in wxWidgets 3.0 and this workaround causes problems.
2014-11-08Linux: Support NTFS formatting of volume. We use mkfs.ntfs so it needs to be ↵Mounir IDRASSI3-0/+4
installed on the system.
2014-11-08Linux/MacOSX : fix encryption/decryption issues with hard drives that have a ↵Mounir IDRASSI1-1/+1
sector size bigger than 512. Now, we use the sector size as the minimum unit for data fragment encryption/decryption.
2014-11-08MacOSX : Support hard drives with a large sector size ( > 512).Mounir IDRASSI2-2/+2
2014-11-08Integrate SHA-256 support into Linux/MacOSX code. Set PRF priority to ↵Mounir IDRASSI5-5/+97
SHA-512 -> Whirlpool -> SHA-256 -> RIPEMD-160 .
2014-11-08Small code size optimization for RIPEMD-160 when compiled for boot encryption.Mounir IDRASSI1-7/+9
2014-11-08Use HashForSystemEncryption to check if the algorithm is supported for ↵Mounir IDRASSI1-1/+1
system partition encryption because we have now two supported algorithms.
2014-11-08Display only allowed hashes when encrypting the system partition (now, ↵Mounir IDRASSI1-14/+25
SHA-256 and RIPEMD-160).
2014-11-08Implement support for creating and booting encrypted partition using ↵Mounir IDRASSI9-10/+137
SHA-256. Support SHA-256 for normal volumes as well.
2014-11-08Add support for SHA-256 in key derivation for bootloader encryption. Create ↵Mounir IDRASSI7-28/+252
separate bootloader images for SHA-256 and RIPEMD-160. Set SHA-256 as the default PRF for boot encryption and SHA-512 as default PRF for all other cases. Depricate RIPEMD-160.
2014-11-08Add SHA-256 source specific for upcoming bootloader build because of its ↵Mounir IDRASSI2-0/+301
small size. It was derived from the libtomcrypt public domain source.
2014-11-08Correctly support reinstalling the same version. Overwrite the bootloader if ↵Mounir IDRASSI3-3/+7
the same version detected.
2014-11-08Windows vulnerability fix : finally make bootloader decompressor more robust ↵Mounir IDRASSI3-411/+448
and secure by adding multiple checks and validation code. This solves the issue found by the Open Crypt Audit project. Note that we had to switch to the slow implementation of the function decode in order to keep the size of the decompressor code under 2K.
2014-11-08Optimization to reduce code size of derive_u_ripemd160. Useful for boatloader.Mounir IDRASSI1-25/+20
2014-11-08Optimize code space and solve the Serpent issue ↵Mounir IDRASSI6-20/+16
(https://sourceforge.net/p/veracrypt/discussion/technical/thread/fb09633a/#6406) by removing key length parameter from serpent_set_key and twofish_set_key
2014-11-08Call RegCloseKey only if handle is valid.Mounir IDRASSI1-1/+2
2014-11-08Windows : display the correct tray icon when explorer is restarted (i.e. ↵Mounir IDRASSI2-12/+18
after an explorer crash).
2014-11-08Use absolute path in ShellExecute call that was missed when the security fix ↵Mounir IDRASSI1-1/+1
for Microsoft Security Advisory 2269637 was implemented.
2014-11-08Update Readme.txt to include more accurate build instructions for Linux and ↵VeraCrypt_MacOSX_1.0eVeraCrypt_Linux_1.0eVeraCrypt_1.0eMounir IDRASSI1-10/+31
MacOSX
2014-11-08MacOSX : increment MacOSX installer version to 1.0eMounir IDRASSI1-3/+3
2014-11-08Adapt certain functions in the case of Windows bootloader in order to make ↵Mounir IDRASSI3-5/+44
its size as small as possible.
2014-11-08Increment version to 1.0e for the next releaseMounir IDRASSI6-21/+21
2014-11-08Include language xml files in the setupMounir IDRASSI2-2/+80
2014-11-08Windows vulnerability fix: correct some integer overflow issues using the ↵Mounir IDRASSI2-6/+40
IntSafe library. Detected by the Open Crypto Audit project
2014-11-08Windows vulnerability fix: correct checking device name to avoid possible ↵Mounir IDRASSI1-1/+17
bypass attack detected by the Open Crypto Audit project
2014-11-08Windows vulnerability fix: correct possible BSOD attack targeted towards ↵Mounir IDRASSI5-10/+42
GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.
2014-11-08Revert previous modification on boad-loader decompressor because it ↵Mounir IDRASSI3-54/+18
increased its size and it became impossible to include it with the SERPENT version of bootloader. The decompressor and the compressed bootloader are copied twice (original and backup) in the 63 first sectors of the hard drive (32K), thus the size limitation. This reverts commit 154235d589222e3c31cda05aa53e73ab69a89a6e.
2014-11-08Windows vulnerability fix : make boot-loader decompressor more robust and ↵Mounir IDRASSI3-18/+54
secure by adding multiple checks and validation code. Note that we had to switch to the slow implementation of the function decode in order to keep the size of the decompressor code under 2K.
2014-11-08Windows vulnerability fix : clear sensitive data in Windows kernel driver by ↵Mounir IDRASSI1-1/+1
using burjn instead of memset
2014-11-08Windows vulnerability fix : avoid kernel pointer disclosure through a call ↵Mounir IDRASSI1-1/+3
to TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG but restricting this call to Kernel Mode.
2014-11-08Windows : Specify "IDRIX" in signtool for the subject of the code signing ↵Mounir IDRASSI1-5/+5
certificate.
2014-11-08Remove driver version test that is non application to VeraCrypt and that was ↵Mounir IDRASSI1-3/+0
wrongly inherited from TrueCrypt.
2014-11-08Correctly handle dialogs from previous versions that used 'TRUE' instead of ↵Mounir IDRASSI2-3/+6
'VERA' as a value for GWLP_USERDATA.
2014-11-08Windows : correct bug in construction of Format.exe path that prevented the ↵Mounir IDRASSI1-1/+1
new volume wizard to launch.
2014-11-08MacOSX : Update Main Makefile to used the new package name that include the ↵VeraCrypt_MacOSX_1.0dMounir IDRASSI1-1/+1
version.
2014-11-08MacOSX : Add detection of MacFUSE compatibility layer in installer. Change ↵Mounir IDRASSI1-3/+50
package name to include version in order to avoid specifying manually the title of the installer window.
2014-11-08MacOSX : Correct typos in Main MakefileMounir IDRASSI1-3/+3
2014-11-08MacOSX : change OSXFuse error message to indicate the MacFUSE compatibility ↵Mounir IDRASSI1-1/+1
layer is needed.
2014-11-08MacOSX : modify Makefile to automatically build and sign the MacOSX ↵Mounir IDRASSI1-1/+3
installer for VeraCrypt.
2014-11-08MacOSX : add Packages project that creates the MacOSX installer for VeraCryptMounir IDRASSI1-0/+1018
2014-11-08MacOSX : Since we link directly with OSXFuse, change error message to ↵Mounir IDRASSI1-1/+1
indicate that OSXFuse 2.3+ is needed.
2014-11-08MacOSX : Copy console version of VeraCrypt inside the bundle under the name ↵Mounir IDRASSI1-0/+11
veracrypt_console.
2014-11-08MacOSX : Update Fuse error message to display OSXFUSE requirement alongside ↵Mounir IDRASSI1-1/+1
MacFuse.
2014-11-08MacOSX : Support detection of OSXFUSE and the presence of MacFUSE ↵Mounir IDRASSI1-3/+29
compatibility layer.
2014-11-08MacOSX : copy the help pdf into the VeraCrypt bundle during package creationMounir IDRASSI1-0/+1
2014-11-08MacOSX : correct the name of dmg file used by the rm commandMounir IDRASSI1-1/+1