VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2023-09-29Windows: enhancement to RAM encryptionMounir IDRASSI1-17/+55
- use a more standard-looking memory value tag instead of fully random one that will look suspicious and outstanding - If we fail to allocate 1MiB for derivation area, we device the size by two in a loop until we succeed. This is better than falling back directly to 8KiB size - Better method to derive actual encryption key: instead of simply duplicating 128bit key value, we combine a xor addition and self-encryption to build a 256-bit key - use both encID and pbKeyDerivationArea to derive IV for encryption and not only endID
2023-09-29Windows Driver: Use KeQueryInterruptTimePrecise on Windows 8.1 and newer as ↵Mounir IDRASSI2-2/+24
better seed for internal RNG compared to KeQueryInterruptTime
2023-09-26Windows: during Setup, and if VeraCrypt already installed, open online help ↵Mounir IDRASSI2-3/+40
only if PC connected to Internet
2023-09-24Windows: make Setup correctly manage option to disable memory protection ↵Mounir IDRASSI3-2/+8
during upgrade
2023-09-24Libzip 1.10.1 (#1209)DLL12518-32/+87
Updated to the latest version for the VeraCrypt 1.26.6 release.
2023-09-24Windows: always open online help in case of Setup because local help may be ↵Mounir IDRASSI2-1/+7
outdated
2023-09-24Windows: Add tooltip message and help button for new option to disable ↵Mounir IDRASSI9-8/+187
memory protection Also a dedicated page in the documentation was added for it.
2023-09-22Linux/MacOSX: Increment packaging version to 1.26.6Mounir IDRASSI5-8/+8
2023-09-21Windows: Load Riched20.dll to use RichEdit control. Use InitCommonControlsEx ↵VeraCrypt_1.26.6Mounir IDRASSI1-2/+7
instead of InitCommonControls
2023-09-21Update Release Notes. Increment version to 1.26.6.Mounir IDRASSI32-39/+39
2023-09-21Windows: use separate name for SetProcessMitigationPolicy function point. ↵Mounir IDRASSI1-11/+5
Remove unneeded boolean
2023-09-20Windows: Add setting in main UI and setup wizard to disable memory protectionMounir IDRASSI10-20/+69
This can be useful for users who need Accessibility software that may not work when memory protection is active in VeraCrypt
2023-09-18Windows Security: make memory protection enabled by default. Add process ↵Mounir IDRASSI7-6/+139
mitigation (ASLR, Dynamic code, extension points) Memory protection can be disabled using registry value "VeraCryptEnableMemoryProtection" under the key "HKLM\SYSTEM\CurrentControlSet\Services\veracrypt"
2023-09-18Windows: use same manifest structure for Expander as in Mount and FormatMounir IDRASSI1-9/+9
2023-09-15Update Language.xml (#1199)TigerxWood1-1/+1
Corrected small typo
2023-09-11Windows: replace CoInitialize calls with CoInitializeExMounir IDRASSI6-15/+15
2023-09-10Windows: Indicate in manifest files that support starts from Windows 7Mounir IDRASSI5-4/+45
2023-09-08Linux/macOS: simplify logic of handling /dev/random reading failure ↵Mounir IDRASSI2-16/+11
(proposed by @Lavode in #1187) Fixes #1187
2023-09-08Windows: Add link in keyfiles dialog to documentation page for risks of ↵Mounir IDRASSI5-10/+33
third-party file extensions usage.
2023-09-08Update Language.xml (#1192)TigerxWood1-1/+1
Corected a typo
2023-09-06Windows: remove recommendation of keyfiles files extensions and update ↵Mounir IDRASSI2-1/+14
documentation to mention risks of third-party file extensions. This commit also adds red color to the warning text about keyfiles in keyfiles dialogs.
2023-09-03Windows: Replace legacy file/dir selection APIs with modern IFileDialog ↵Mounir IDRASSI7-201/+275
interface We remove usage of GetOpenFileNameW/GetSaveFileNameW/SHBrowseForFolderW which are deprecated by Microsoft
2023-09-03Windows: remove legacy code (XP, Vista). Simplify code since Windows 7 is ↵Mounir IDRASSI7-317/+130
now minimal OS version.
2023-09-03Windows: simpler and more robust safe dll loading combined with delay ↵Mounir IDRASSI15-968/+164
loading thanks to Windows 7 being minimum supported version. We also block execution on Windows versions older than Windows 7. A lot of code was removed thanks to this.
2023-09-02Linux/macOS: preserve unknown entries in configuration fileMounir IDRASSI2-10/+28
This helps to preserve unknown entries that may be used by future versions of VeraCrypt (forward compatibility) or entries used by old versions that were removed from current version (backward compatibility)
2023-08-21Allow cross compilation. (#1182)Unit 1933-5/+6
2023-08-20Windows: Set minimum build target to Windows 7Mounir IDRASSI1-1/+1
2023-08-20Windows: delay load bcrypt.dll to reduce startup dependency loading until ↵Mounir IDRASSI9-62/+62
setting safe dll loading
2023-08-20Update zlib to latest (#1181)DLL12523-1485/+918
* Update zlib to latest * Update copyright Updated copyright of zlib.
2023-08-19Linux: try use IOCTL BLKGETSIZE64 to get size of device instead of lseekMounir IDRASSI1-0/+11
2023-08-19Linux: Fix wrong max size for hidden volume in CLI direct mode creationMounir IDRASSI1-8/+15
There was a logical bug that made the code check the filesystem size of the device path "/dev" instead of using the actual size of the device Fix #1180
2023-08-15Windows: Update MBR bootloader files to 1.26.5 buildMounir IDRASSI20-0/+0
2023-08-15Update Release Notes and set date of 1.26.5 to August 15thMounir IDRASSI1-1/+1
2023-08-14Increment version to 1.26.5. Update signed Windows drivers.Mounir IDRASSI23-45/+45
2023-08-13Windows: Implement support for mounting partially encrypted system partitionsMounir IDRASSI7-5/+34
For now, we force ReadOnly mounting for such partitions.
2023-08-13Windows: Better way to enable required privileges for FastCreate OptionsMounir IDRASSI10-8/+183
If we can set required privilege, we ask the user using UAC to enable them.
2023-08-12Linux: Flush stdout explicitly when reading stdin (#1172)Jertzukka1-1/+1
Rules of automatic flushing of stdout buffer is implementation-defined behaviour. In glibc this is automatically flushed, but we can't rely on it for other implementations such as musl.
2023-08-12Linux: Typo fix and consistency in help command (#1169)Jertzukka1-1/+2
2023-08-10Windows: Fix failure creating Traveler Disk caused by outdated hardcoded ↵Mounir IDRASSI1-10/+10
value of MS certificate We also rename the variables gpbSha256CodeSignCertFingerprint and gpbSha256MSCodeSignCertFingerprint to gpbSha512CodeSignCertFingerprint and gpbSha512MSCodeSignCertFingerprint respectively to reflect the fact that they are actually SHA512 hash values and not SHA256 ones.
2023-08-07Call EnsureVisible() for OSX in OnActivate (#1167)Deniz Türkoglu1-0/+1
When using multiple monitors, the resolution can change in OSX, during plug-in/off off the display(s). To avoid window becoming non-usable, there is EnsureVisible, that is called in several places. However, if you minimize VeraCrypt on the bigger screen, and restore it in the main screen of a MacBook, after unplugging, the window will become unusable (unless you know that clicking 'About' calls EnsureVisible :-)). Call EnsureVisible OnActivate so MainFrame is always functional across screens, even when minimized.
2023-08-06Linux/macOS: Add explicit include of <sys/types.h> to define ssize_tMounir IDRASSI1-0/+2
Some systems (e.g. Alpine Linux) seems to require this.
2023-08-06Linux: capture both stdout and stderr in popen call to avoid printing anythingMounir IDRASSI1-2/+2
If an error happens, error message will be read from popen pipe and so libpcsclite.so will not be found. This is the same outcome as when stdout is empty.
2023-08-05Security: ensure that XTS primary key is different from secondary key when ↵Mounir IDRASSI2-0/+14
creating volumes This is unlikely to happen thanks to random generator properties but we much add this check to prevent an attack described in page 3 of https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38e-initial-public-comments-2021.pdf
2023-08-05Windows: Fix false positive detection of new device insertion when clear ↵Mounir IDRASSI13-9/+255
keys option is enable When this option is enabled, we first build the list of currently inserted devices then we start listening to insertion events. When a device insertion occurs, we check if this device is on our list and if yes, we ignore its insertion. We also ignore devices whose Device ID starts with "SWD\" and "ROOT\" since these are not real devices.
2023-08-04fix warnings and UB (#1164)kovalev04-5/+8
* Crypto: fix warning mismatched bound ../Crypto/cpu.c:67:32: warning: argument 2 of type 'uint32[4]' {aka 'unsigned int[4]'} with mismatched bound [-Warray-parameter=] 67 | int CpuId(uint32 input, uint32 output[4]) | ~~~~~~~^~~~~~~~~ In file included from ../Crypto/cpu.c:3: ../Crypto/cpu.h:236:33: note: previously declared as 'uint32 *' {aka 'unsigned int *'} 236 | int CpuId(uint32 input, uint32 *output); Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org> * Core/Unix: fix warning ignoring return value Unix/CoreUnix.cpp: In member function 'virtual std::shared_ptr<VeraCrypt:\ :VolumeInfo> VeraCrypt::CoreUnix::MountVolume(VeraCrypt::MountOptions&)': Unix/CoreUnix.cpp:682:55: warning: ignoring return value of 'int chown(const char*, __uid_t, __gid_t)' declared with attribute 'warn_unused_result' [-Wunused-result] 682 | chown (mountPoint.c_str(), GetRealUserId(), GetRealGroupId()); | ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org> * Main/Forms: fix warning cast to pointer from integer of different size Forms/MainFrame.cpp: In member function 'void VeraCrypt::MainFrame:\ :UpdateVolumeList()': Forms/MainFrame.cpp:1718:106: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 1718 | Gui->InsertToListCtrl (SlotListCtrl, ++prevItemIndex, fields, 0, (void *) volume->SlotNumber); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ Forms/MainFrame.cpp:1753:114: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 1753 | Gui->InsertToListCtrl (SlotListCtrl, ++prevItemIndex, fields, 0, (void *) slotNumber); | ^~~~~~~~~~~~~~~~~~~ Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org> * Crypto: fix undefined behavior signed integer overflow In function 'twofish_set_key': cc1: warning: iteration 4 invokes undefined behavior [-Waggressive-loop-optimizations] ../Crypto/Twofish.c:626:23: note: within this loop 626 | for (i = 0; i != 40; i += 2) | ~~^~~~~ Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org> --------- Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org> Co-authored-by: Vasiliy Kovalev <kovalev@altlinux.org>
2023-07-29Windows: Add installer language support for rest of the translations (#1160)Jertzukka6-0/+156
Currently there are a lot of translated strings that are never seen anywhere as the installer doesn't offer all the available languages as options in the installer wizard (sans Burmese).
2023-07-25Linux/macOS: Increment version to 1.26.4 in installation packagesMounir IDRASSI5-8/+8
2023-07-24Windows: remove unused variableMounir IDRASSI1-1/+0
2023-07-24Update Release Notes and set date of 1.26.4 to July 24thMounir IDRASSI1-1/+1
2023-07-24Linux/macOS: Remove TrueCrypt supportMounir IDRASSI42-348/+133