VeraCrypt/src
2015-02-09 11:01:18 +01:00
..
Boot/Windows Add support for SHA-256 in key derivation for bootloader encryption. Create separate bootloader images for SHA-256 and RIPEMD-160. Set SHA-256 as the default PRF for boot encryption and SHA-512 as default PRF for all other cases. Depricate RIPEMD-160. 2014-11-08 23:23:50 +01:00
Build MacOSX: add shell script to perform build under MacOSX 2014-11-08 23:24:57 +01:00
Common Static Code Analysis: code potential memory leaks in inflate.c used by the setup. 2015-02-09 11:01:13 +01:00
Core Linux/MacOSX: Implement TrueCrypt conversion and loading support. Correct many GTK issues linked to multi-threaded origine of events by implementing an automatic mechanism for handling such requests in the main thread. 2014-12-30 17:06:20 +01:00
Crypto Static Code Analysis: clarify macros definition and use. 2015-02-09 11:01:06 +01:00
Driver Static Code Analysis: in Windows Driver, avoid using uninitialized stack memory as random and use proper random value for wipe operation. Solve potential double-free issue. 2015-02-09 11:01:16 +01:00
ExpandVolume Static Code Analysis: solve issues in Expander. Use real random values for wipe buffers. 2015-02-09 11:01:18 +01:00
Format Windows: retry UAC prompt operation in case of failure. This avoids cancel the whole operation if the user is not in front of the machine during UAC prompt (this happens ofter during in-place encryption of big NTFS partitions). 2015-02-08 10:07:44 +01:00
Main Linux: solve rare issue where VeraCrypt wrongly reports that another instance is already running. That happens when VeraCrypt doesn't close cleanly upon shutdown/reboot and on the next startup another process is running with the same PID as VeraCrypt before shutdow/reboot. 2015-02-08 17:57:00 +01:00
Mount Activate support of mounting TrueCrypt system partitions. 2015-02-08 10:07:36 +01:00
PKCS11 Add PKCS#11 2.20 headers to the source tree 2014-11-08 23:19:22 +01:00
Platform Linux/MacOSX: Implement TrueCrypt conversion and loading support. Correct many GTK issues linked to multi-threaded origine of events by implementing an automatic mechanism for handling such requests in the main thread. 2014-12-30 17:06:20 +01:00
Release/Setup Files Update the FAQ section of the user guide to include TrueCrypt support information. 2015-01-06 00:19:03 +01:00
Resources Update license text to show VeraCrypt name while maintaining the TrueCrypt license. 2014-12-11 18:31:35 +01:00
Setup Windows Setup: implement removal of non-empty directories to avoid errors during uninstall. 2015-02-08 10:07:38 +01:00
Signing Windows: Add first version of VeraCryptExpander who is based on extcv. Minor modification to Mount.c to avoid link errors when building VeraCryptExpander. 2015-01-20 12:42:04 +01:00
Volume Linux/MacOSX: mark RIPEMD-160 as deprecated like it's the case on Windows. It will no more be available for the creation of volumes. 2015-02-08 16:20:40 +01:00
License.html Update license text to show VeraCrypt name while maintaining the TrueCrypt license. 2014-12-11 18:31:35 +01:00
License.txt Update license text to show VeraCrypt name while maintaining the TrueCrypt license. 2014-12-11 18:31:35 +01:00
Makefile Linux: solve link error on recent Ubuntu when using shared wxWidgets. 2015-01-02 17:12:36 +01:00
Readme.txt Readme: add makeself to the build requirements for Linux. 2015-01-02 14:55:04 +01:00
VeraCrypt.sln Windows: rename VeraCryptExpander project in the global solution 2015-02-08 10:07:41 +01:00

This archive contains the source code of VeraCrypt.
It is based on original TrueCrypt 7.1a with security enhancements and modifications.


Important
=========

You may use the source code contained in this archive only if you accept and
agree to the license terms contained in the file 'License.txt', which is
included in this archive.

Note that the license specifies, for example, that a derived work must not be
called 'TrueCrypt' or 'VeraCrypt'



Contents
========

I. Windows
	Requirements for Building VeraCrypt for Windows
	Instructions for Building VeraCrypt for Windows
	Instructions for Signing and Packaging VeraCrypt for Windows

II. Linux and Mac OS X
	Requirements for Building VeraCrypt for Linux and Mac OS X
	Instructions for Building VeraCrypt for Linux and Mac OS X
	Mac OS X specifics
	
III. FreeBSD and OpenSolaris

IV. Third-Party Developers (Contributors)

V. Legal Information

VI. Further Information



I. Windows
==========

Requirements for Building VeraCrypt for Windows:
------------------------------------------------

- Microsoft Visual C++ 2008 SP1 (Professional Edition or compatible)
- Microsoft Visual C++ 1.52 (available from MSDN Subscriber Downloads)
- Microsoft Windows SDK for Windows 7 (configured for Visual C++)
- Microsoft Windows Driver Kit 7.1.0 (build 7600.16385.1)
- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20
  header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20)
- NASM assembler 2.08 or compatible
- gzip compressor

IMPORTANT:

The 64-bit editions of Windows Vista and later versions of Windows, and in
some cases (e.g. playback of HD DVD content) also the 32-bit editions, do not
allow the VeraCrypt driver to run without an appropriate digital signature.
Therefore, all .sys files in official VeraCrypt binary packages are digitally
signed with the digital certificate of the IDRIX, which was
issued by Thawt certification authority. At the end of each official .exe and
.sys file, there are embedded digital signatures and all related certificates
(i.e. all certificates in the relevant certification chain, such as the
certification authority certificates, CA-MS cross-certificate, and the
IDRIX certificate). Keep this in mind if you compile VeraCrypt
and compare your binaries with the official binaries. If your binaries are
unsigned, the sizes of the official binaries will usually be approximately
10 KB greater than sizes of your binaries (there may be further differences
if you use a different version of the compiler, or if you install a different
or no service pack for Visual Studio, or different hotfixes for it, or if you
use different versions of the required SDKs).


Instructions for Building VeraCrypt for Windows:
------------------------------------------------

1) Create an environment variable 'MSVC16_ROOT' pointing to the folder 'MSVC15'
   extracted from the Visual C++ 1.52 self-extracting package.

   Note: The 16-bit installer MSVC15\SETUP.EXE cannot be run on 64-bit Windows,
   but it is actually not necessary to run it. You only need to extract the
   folder 'MSVC15', which contains the 32-bit binaries required to build the
   VeraCrypt Boot Loader.

2) If you have installed the Windows Driver Development Kit in another
   directory than '%SYSTEMDRIVE%\WinDDK', create an environment variable
   'WINDDK_ROOT' pointing to the DDK installation directory.

3) Copy the PKCS #11 header files to a standard include path or create an
   environment variable 'PKCS11_INC' pointing to the directory where
   the PKCS #11 header files are installed.

4) Open the solution file 'VeraCrypt.sln' in Microsoft Visual Studio 2008.

5) Select 'All' as the active solution configuration.

6) Build the solution.

7) If successful, there should be newly built VeraCrypt binaries in the
   'Release' folder.

Instructions for Signing VeraCrypt for Windows:
------------------------------------------------

The folder "Signing" contains a batch file (sign.bat) that will sign all 
VeraCrypt components using a code signing certificate present on the 
certificate store and also build the final installation setup.
The batch file suppose that the code signing certificate is issued by Thawt.
This is the case for IDRIX's certificate. If yours is issued by another CA, 
then you should put the Root and Intermediate certificates in the "Signing" 
folder and then modify sign.bat accordingly.


II. Linux and Mac OS X
======================

Requirements for Building VeraCrypt for Linux and Mac OS X:
-----------------------------------------------------------

- GNU Make
- GNU C++ Compiler 4.0 or compatible
- Apple Xcode (Mac OS X only)
- NASM assembler 2.08 or compatible (x86/x64 architecture only)
- pkg-config
- makeself (Linux only)
- wxWidgets 3.0 shared library and header files installed or
  wxWidgets 3.0 library source code (available at http://www.wxwidgets.org)
- FUSE library and header files (available at http://fuse.sourceforge.net
  and https://osxfuse.github.io/)
- RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20
  header files (available at ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20).
  They are already included in the source tree under the directory PKCS11 but 
  it is possible to override it using the environment variable 'PKCS11_INC'. 


Instructions for Building VeraCrypt for Linux and Mac OS X:
-----------------------------------------------------------

1) Change the current directory to the root of the VeraCrypt source code.

2) If you have no wxWidgets shared library installed, run the following
   command to configure the wxWidgets static library for VeraCrypt and to
   build it: 

   $ make WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild

   The variable WX_ROOT must point to the location of the source code of the
   wxWidgets library. Output files will be placed in the './wxrelease/'
   directory.

3) To build VeraCrypt, run the following command:

   $ make

   or if you have no wxWidgets shared library installed:
   
   $ make WXSTATIC=1

4) If successful, the VeraCrypt executable should be located in the directory
   'Main'.

By default, a universal executable supporting both graphical and text user
interface is built. To build a console-only executable, which requires no GUI
library, use the 'NOGUI' parameter:

   $ make NOGUI=1 WXSTATIC=1 WX_ROOT=/usr/src/wxWidgets wxbuild
   $ make NOGUI=1 WXSTATIC=1
   

Mac OS X specifics:
-----------------------------------------------------------
   
Under MacOSX, the SDK for OSX 10.7 is used by default. To use another version
of the SDK (e.i. 10.6), you can export the environment variable VC_OSX_TARGET :
	
	$ export VC_OSX_TARGET=10.6


Before building under MacOSX, pkg-config must be installed if not yet available.
Get it from http://pkgconfig.freedesktop.org/releases/pkg-config-0.28.tar.gz and
compile using the following commands : 

	$ ./configure --with-internal-glib
	$ make
	$ sudo make install

After making sure pkg-config is available, download and install OSXFuse from
https://osxfuse.github.io/ (MacFUSE compatibility layer must selected)

The script build_veracrypt_macosx.sh available under "src/Build" performs the 
full build of VeraCrypt including the creation of the installer pkg. It expects
to find the wxWidgets 3.0.2 sources at the same level as where you put 
VeraCrypt sources (e.i. if "src" path is "/Users/joe/Projects/VeraCrypt/src" 
then wxWidgets should be at "/Users/joe/Projects/wxWidgets-wxWidgets-3.0.2")

The build process uses Code Signing certificates whose ID is specified in
src/Main/Main.make (lines 167 & 169). You'll have to modify these lines to put
the ID of your Code Signing certificates or comment them if you don't have one.

Because of incompatibility issues with OSXFUSE, the SDK 10.9 generates a
VeraCrypt binary that has issues communicating with the OSXFUSE kernel extension.
Thus, we recommend to use the SDK 10.8 or earlier for building VeraCrypt.



III. FreeBSD and OpenSolaris
============================

FreeBSD and OpenSolaris are not yet supported.



IV. Third-Party Developers (Contributors)
=========================================

If you intend to implement a feature, please contact us first to make sure:

1) That the feature has not been implemented (we may have already implemented
   it, but haven't released the code yet).
2) That the feature is acceptable.
3) Whether we need help of third-party developers with implementing the feature.

Information on how to contact us can be found at:
https://veracrypt.codeplex.com/



V. Legal Information
====================

Copyright Information
---------------------

This software as a whole:
Copyright (c) 2013-2015 IDRIX. All rights reserved.

Portions of this software:
Copyright (c) 2003-2012 TrueCrypt Developers Association. All rights reserved.
Copyright (c) 1998-2000 Paul Le Roux. All rights reserved.
Copyright (c) 1998-2008 Brian Gladman, Worcester, UK. All rights reserved.
Copyright (c) 2002-2004 Mark Adler. All rights reserved.
For more information, please see the legal notices attached to parts of the
source code.

Trademark Information
---------------------

Any trademarks contained in the source code, binaries, and/or in the 
documentation, are the sole property of their respective owners.



VI. Further Information
=======================

http://www.veracrypt.fr