Mounir IDRASSI
|
809394d383
|
Include language xml files in the setup
|
2014-11-08 23:23:13 +01:00 |
|
Mounir IDRASSI
|
7c501359b3
|
Windows vulnerability fix: correct some integer overflow issues using the IntSafe library. Detected by the Open Crypto Audit project
|
2014-11-08 23:23:10 +01:00 |
|
Mounir IDRASSI
|
f82e16f0a1
|
Windows vulnerability fix: correct checking device name to avoid possible bypass attack detected by the Open Crypto Audit project
|
2014-11-08 23:23:08 +01:00 |
|
Mounir IDRASSI
|
4fa4d6d227
|
Windows vulnerability fix: correct possible BSOD attack targeted towards GetWipePassCount() / WipeBuffer() found by the Open Crypto Audit Project.
|
2014-11-08 23:23:05 +01:00 |
|
Mounir IDRASSI
|
e0efb36f33
|
Revert previous modification on boad-loader decompressor because it increased its size and it became impossible to include it with the SERPENT version of bootloader. The decompressor and the compressed bootloader are copied twice (original and backup) in the 63 first sectors of the hard drive (32K), thus the size limitation.
This reverts commit 154235d589222e3c31cda05aa53e73ab69a89a6e.
|
2014-11-08 23:23:02 +01:00 |
|
Mounir IDRASSI
|
ef4355acf8
|
Windows vulnerability fix : make boot-loader decompressor more robust and secure by adding multiple checks and validation code. Note that we had to switch to the slow implementation of the function decode in order to keep the size of the decompressor code under 2K.
|
2014-11-08 23:22:59 +01:00 |
|
Mounir IDRASSI
|
5fcb262539
|
Windows vulnerability fix : clear sensitive data in Windows kernel driver by using burjn instead of memset
|
2014-11-08 23:22:57 +01:00 |
|
Mounir IDRASSI
|
d6aa653648
|
Windows vulnerability fix : avoid kernel pointer disclosure through a call to TC_IOCTL_GET_SYSTEM_DRIVE_DUMP_CONFIG but restricting this call to Kernel Mode.
|
2014-11-08 23:22:54 +01:00 |
|
Mounir IDRASSI
|
6de2c143b9
|
Windows : Specify "IDRIX" in signtool for the subject of the code signing certificate.
|
2014-11-08 23:22:51 +01:00 |
|
Mounir IDRASSI
|
9083f95db0
|
Remove driver version test that is non application to VeraCrypt and that was wrongly inherited from TrueCrypt.
|
2014-11-08 23:22:49 +01:00 |
|
Mounir IDRASSI
|
03cf7cc566
|
Correctly handle dialogs from previous versions that used 'TRUE' instead of 'VERA' as a value for GWLP_USERDATA.
|
2014-11-08 23:22:46 +01:00 |
|
Mounir IDRASSI
|
f158df394e
|
Windows : correct bug in construction of Format.exe path that prevented the new volume wizard to launch.
|
2014-11-08 23:22:43 +01:00 |
|
Mounir IDRASSI
|
bb7ef68040
|
MacOSX : Update Main Makefile to used the new package name that include the version.
|
2014-11-08 23:22:41 +01:00 |
|
Mounir IDRASSI
|
37891c2bb0
|
MacOSX : Add detection of MacFUSE compatibility layer in installer. Change package name to include version in order to avoid specifying manually the title of the installer window.
|
2014-11-08 23:22:38 +01:00 |
|
Mounir IDRASSI
|
3e2cf28d92
|
MacOSX : Correct typos in Main Makefile
|
2014-11-08 23:22:35 +01:00 |
|
Mounir IDRASSI
|
92af806488
|
MacOSX : change OSXFuse error message to indicate the MacFUSE compatibility layer is needed.
|
2014-11-08 23:22:32 +01:00 |
|
Mounir IDRASSI
|
ce44ad4c57
|
MacOSX : modify Makefile to automatically build and sign the MacOSX installer for VeraCrypt.
|
2014-11-08 23:22:29 +01:00 |
|
Mounir IDRASSI
|
a857f6c087
|
MacOSX : add Packages project that creates the MacOSX installer for VeraCrypt
|
2014-11-08 23:22:27 +01:00 |
|
Mounir IDRASSI
|
0d6443e05a
|
MacOSX : Since we link directly with OSXFuse, change error message to indicate that OSXFuse 2.3+ is needed.
|
2014-11-08 23:22:24 +01:00 |
|
Mounir IDRASSI
|
41a31ac76f
|
MacOSX : Copy console version of VeraCrypt inside the bundle under the name veracrypt_console.
|
2014-11-08 23:22:21 +01:00 |
|
Mounir IDRASSI
|
4fefd61cee
|
MacOSX : Update Fuse error message to display OSXFUSE requirement alongside MacFuse.
|
2014-11-08 23:22:19 +01:00 |
|
Mounir IDRASSI
|
8ee17fd727
|
MacOSX : Support detection of OSXFUSE and the presence of MacFUSE compatibility layer.
|
2014-11-08 23:22:16 +01:00 |
|
Mounir IDRASSI
|
7aceaf124e
|
MacOSX : copy the help pdf into the VeraCrypt bundle during package creation
|
2014-11-08 23:22:13 +01:00 |
|
Mounir IDRASSI
|
f143182cbc
|
MacOSX : correct the name of dmg file used by the rm command
|
2014-11-08 23:22:10 +01:00 |
|
Mounir IDRASSI
|
f94707e4ef
|
MacOSX : correct compilation issue caused by system API deprication and use of new wxWidgets.
|
2014-11-08 23:22:08 +01:00 |
|
Mounir IDRASSI
|
73bf608efc
|
MacOSX : Correct issue of compiling assembly files in both 32-bit and 64-bit mode. Modify Makefiles to correct compilation process using latest Xcode.
|
2014-11-08 23:22:05 +01:00 |
|
Mounir IDRASSI
|
6688c9d85a
|
MacOSX : add icns file to be used by VeraCrypt bundle
|
2014-11-08 23:22:02 +01:00 |
|
Mounir IDRASSI
|
e8fbc912ce
|
MacOSX : add nasm binary to be used instead of the native one because of the limitations of the version shipped by Apple
|
2014-11-08 23:22:00 +01:00 |
|
Mounir IDRASSI
|
80a26745a6
|
Linux GUI : hide the wipe choice during volume creation. Remove extra content from wipe choice list.
|
2014-11-08 23:21:57 +01:00 |
|
Mounir IDRASSI
|
88b4628c34
|
Correct message in Linux VeraCrypt installer to replace truecrypt-uninstall.sh by veracrypt-uninstall.sh
|
2014-11-08 23:21:54 +01:00 |
|
Mounir IDRASSI
|
ee9f3101fd
|
Correct compilation error under Linux introduced in latest commit
|
2014-11-08 23:21:52 +01:00 |
|
Mounir IDRASSI
|
cb6dad6bd2
|
Linux/MacOSX port of manual selection of number of passes for volume header over-write operation.
|
2014-11-08 23:21:49 +01:00 |
|
Mounir IDRASSI
|
4d8d59c23d
|
Add description string for the new wipe mode WIPE_MODE_256 in language files.
|
2014-11-08 23:21:46 +01:00 |
|
Mounir IDRASSI
|
1c11ee428d
|
Add option in select the number of passes for volume header over-writing. By default, it is set to 3 but it can be increased to 256 passes (which can lead to a delay of many hours for a single password change operation).
|
2014-11-08 23:21:43 +01:00 |
|
Mounir IDRASSI
|
97154aaf51
|
Lower number of times we overwrite volume header during the encryption of a partition if the user choose to wipe the driver. Latest studies show that even one pass is enough to make data irretrievable. A value of 3 is a conservative approach that enhance performance without scarifying security. http://www.infosecisland.com/blogview/16130-The-Urban-Legend-of-Multipass-Hard-Disk-Overwrite.html http://digital-forensics.sans.org/blog/2009/01/15/overwriting-hard-drive-data/
|
2014-11-08 23:21:40 +01:00 |
|
Mounir IDRASSI
|
1ddae20932
|
Correct Linux compilation after removing legacy cryptographic code.
|
2014-11-08 23:21:38 +01:00 |
|
Mounir IDRASSI
|
a5c1978eef
|
Remove remaining legacy cryptographic algorithms that are never used by VeraCrypt.
|
2014-11-08 23:21:35 +01:00 |
|
Mounir IDRASSI
|
75f7808719
|
Remove deprecated/legacy cryptographic algorithms and encryption modes that are never used by VeraCrypt. This will speed up volumes opening in many cases.
|
2014-11-08 23:21:32 +01:00 |
|
Mounir IDRASSI
|
0594532cf1
|
Mount.c : call burn directly in szFileName instead of (&szFileName). This was not an issue because the compiler returns the same address for both, but for the sake of clarity it had to be corrected.
|
2014-11-08 23:21:30 +01:00 |
|
Mounir IDRASSI
|
c220db0128
|
Static Code Analysis : Generalize the use of Safe String functions. Add some NULL pointer checks. Avoid false-positive detection in AppendMenu (MF_SEPARATOR) calls by setting the last parameter to "" instead of NULL.
|
2014-11-08 23:21:27 +01:00 |
|
Mounir IDRASSI
|
c01f392a7b
|
Static Code Analysis : Use Safe String function in Dlgcode.c. Add byte size parameter in various functions to help implement secure handling of strings.
|
2014-11-08 23:21:24 +01:00 |
|
Mounir IDRASSI
|
bbc738c490
|
Static Code Analysis : Add various NULL pointers checks
|
2014-11-08 23:21:21 +01:00 |
|
Mounir IDRASSI
|
8bf58486af
|
Static Code Analysis : Add NULL pointers checks on the result of ATL string conversion. Avoid some conversions by using UNICODE functions directly.
|
2014-11-08 23:21:18 +01:00 |
|
Mounir IDRASSI
|
ba733dd032
|
Use Safe String functions in Registry.c and add a unicode version of WriteLocalMachineRegistryDword function to avoid doing conversions when used.
|
2014-11-08 23:21:16 +01:00 |
|
Mounir IDRASSI
|
016edc150b
|
Static Code Analysis : Use Safe String functions in Setup code to avoid potential security issues.
|
2014-11-08 23:21:13 +01:00 |
|
Mounir IDRASSI
|
5c1db9d0e1
|
Static Code Analysis : Add check on the return of strtok inside mkfulldir_internal to avoid warning.
|
2014-11-08 23:21:10 +01:00 |
|
Mounir IDRASSI
|
f3625a080f
|
Static Code Analysis: Correctly initialize variables to avoid false-positive detection in the boot code.
|
2014-11-08 23:21:07 +01:00 |
|
Mounir IDRASSI
|
3137d36d9a
|
Static Code Analysis : Use Safe string functions inside VeraCrypt Device Driver to avoid potential security issues. Add many checks for NULL pointers to handle low memory use cases.
|
2014-11-08 23:21:04 +01:00 |
|
Mounir IDRASSI
|
516fda09a7
|
Remove test inherited from TrueCrypt because it's always true since we inherited from version 0x71a
|
2014-11-08 23:21:02 +01:00 |
|
Mounir IDRASSI
|
626a3aedd7
|
Disable posting the results of minidump analysis until a dedicated URL is put in place.
|
2014-11-08 23:20:59 +01:00 |
|