Commit Graph

25 Commits

Author SHA1 Message Date
Mounir IDRASSI adac089fd6 Linux/macOS: surface post-sudo elevation errors
Separate sudo authentication success from elevated request execution state by acknowledging when the elevated core service starts successfully.

Once that channel is available, propagate later failures instead of showing repeated administrator password dialogs. Initialize the sudo dummy-password flag consistently on macOS, avoiding an uninitialized read of UseDummySudoPassword.

Register admin-password cleanup before elevation attempts so plaintext sudo credentials are erased on early-return and post-sudo failure paths.

References #1788.
2026-06-21 04:29:32 +02:00
Mounir IDRASSI d26be95861 Update copyright year to 2026 2026-06-09 09:56:25 +09:00
Mounir IDRASSI c3ce2db9ac Document fixed Argon2id header key size
Argon2id includes the requested output length in its computation, so deriving 192 bytes and using a prefix is not equivalent to deriving only the selected cipher's key material length. This differs from PBKDF2, where the prefix property made this detail invisible.

VeraCrypt derives the maximum header key material currently needed by the supported cipher/cascade set, which is 192 bytes, and then uses the required prefix for the selected encryption algorithm. For AES-XTS this means the first 64 bytes of the 192-byte Argon2id output are used.

Make this design rule explicit in code and documentation by introducing ARGON2_HEADER_KEYDATA_SIZE instead of relying implicitly on GetMaxPkcs5OutSize. If a future cipher or cascade requires more than 192 bytes, that must be handled as an explicit format/design change.

Document the 192-byte Argon2id header KDF output requirement so third-party implementations derive the same header key material.

References: https://github.com/veracrypt/VeraCrypt/issues/1614
2026-05-21 18:10:06 +09:00
Mounir IDRASSI e59eb421fb Linux/macOS: Implement missing Argon2 KDF support on Unix 2026-04-19 17:52:44 +09:00
Mounir IDRASSI b673901503 Move copyright and links to "AM Crypo", amcrypto.jp and veracrypt.jp 2025-05-11 16:02:20 +09:00
Mounir IDRASSI 078d1410dd Linux/FreeBSD: Prevent mounting volumes on system directories and PATH (CVE-2025-23021, reported by SivertPL @__tfr)
Added security checks to prevent mounting VeraCrypt volumes on system directories (like /usr/bin) or directories in the user's PATH, which could theoretically allow execution of malicious binaries instead of legitimate system binaries.

Key changes:
- Block mounting on protected system directories (/usr, /bin, /lib, etc.)
  This restriction cannot be overridden
- Block mounting on directories present in user's PATH environment variable
  This can be overridden with --allow-insecure-mount flag
- Add visual warnings (red border, "[INSECURE MODE]") when mounting on PATH directories is allowed
- Handle symlinks properly when checking paths
- Add new error messages for blocked mount points

To override PATH-based restrictions only (system directories remain protected):
veracrypt --allow-insecure-mount [options] volume mountpoint

Security Impact: Low to Medium
The attack requires either:
- User explicitly choosing a system directory as mount point instead of using VeraCrypt's default mount points
- Or attacker having both filesystem access to modify favorites configuration AND knowledge of the volume password
Default mount points are not affected by this vulnerability.

Security: CVE-2025-23021
2025-01-14 14:59:45 +01:00
Mounir IDRASSI 1b35abb191 Increment version to 1.26.18. Update copyright date. Update Release Notes. Update Windows drivers. 2025-01-14 12:26:28 +01:00
Mounir IDRASSI ed1263bf8c Implement detection of volumes with vulnerable XTS master key.
If vulnerability detected, a warning message is displayed during mount or backup/restore header, and changing the password is disallowed since it will not change the master key.
2024-08-02 00:20:53 +02:00
Mounir IDRASSI 455a4f2176 Avoid conflict with C++17 features std::byte by using uint8 type instead of byte 2024-06-12 12:30:04 +02:00
Mounir IDRASSI 3f976c24d2 Linux/macOS: Remove TrueCrypt support 2023-07-24 08:48:52 +02:00
Mounir IDRASSI 034b64f415 EMV keyfile support: Overall code improvements and bug fixes 2023-06-29 00:06:20 +02:00
mmauv 502ab9112a Add EMV functionality (#1080)
* Add basic strcture needed for EMV implementation

* Add demo EMV functionality with C code pasted in a very dirty and unsafe way. NOT FINAL

* Refactor IccExtractor Structure

* Fix Makefile

* fix include file

* move global variables from h to c

* revert to memcpy

* fix icc data recovery functions

* Add EMV functionalities on windows

* Make EMVToken structures like SecurityToken

* Define constants instead of hard coded values

* Token structures created with inheritance

* refactor TokenKeyfile to use inherit. + polymor.

* add Token.h + Token.cpp in modules in VS2010

* Add a comment at each use of SecurityToken class or objects

* SecurityTokenKeyfilesDialog preparation

* Implemennt GetAvailableTokens in Token class on windows

* merge

* up (patching for Windows)

* foreach Token.cpp corrected

* Display EMV keyfiles on first window in graphic interface

* Add token to Windows UI

* EMVToken selection on OKButton on Linux

* Keyfile.cpp optimization

* Move getKeyfileData in the token class

* EMV::Token GetAvailableKeyfiles() base

* Move getKeyfileData in the token class on unix

* Remove test comments

* Warnings resolved

* RemoveeSecurityTokenLibraryNotInitialized exception if at least one emv token is detected

* Adding new files

* Remove old files and add the new version to the windows project

* Change make_shared to shared_ptr constructor

* IccExtractor integration working on linux

* Throwing card not EMV execption

* catch error when not EMV type in EMVToken::GetAvailableKeyfiles

* Change types to compile on windows

* list all keyfiles, security keyfiles and emv keyfiles in command line

* Change type to be coherent and remove old todo comments

* Remove todo comments

* Change indentation and resolve a bug from previous commit

* Use polymorphism for GetKeyfileData and add export option for EMVTokens on Linux

* Linux : Allow to export EMV Tokens in command lines, Windows : Disable the delete button when EMV Keyfiles are selected

* Remove SlotId from TokenInfo as it is already in Token

* Correct errors on Linux

* Disable delete option if one EMV Token is selected on Linux

* Fix bug enabling delete button if nothing is selected

* emv data used as reference then burnt

* use of normal files in linux corrected

* help updated

* help updated for export functionnality

* option EMV added to graphic interface but not yet working

* Bug fix : Allow to use multiple EMV on windows

* EMV Option added to UserPreferences

* EMV Option working for Linux

* EMV option added to Windows (not working yet)

* [NOT TESTED] EMV option for Windows

* Working EMV option on Windows

* EMV Option for data extraction working for volume creation

* EMV Option for data extraction working for Mount

* EMV Option for data extraction working for mounting favorites volumes

* EMV Option for extraction working for Changing volume password, Set Derivation Key Algorithm and Add or remove keyfile from volume

* Windows : re-checking EMV Option when getting data

* Removing error catches in the IccDataExtractor classe (It only throws error now). Changing GetPan signature to resemble the other functions signatures more

* Changing EMV errors

- Only throwing ICCExtractionException from outside of the ICC module.
- Catching all TLVExceptions and PCSCExceptions to throw the right ICCExtractionException

- Deleting APDU exceptions.

* First version of the documentation

* Adding function pointers for winscard library (but it crashes VeraCrypt)

* Debugging function pointers

* The import of the library on windows work as expected now

* Reverting EMVToken.cpp changes used to test to library import

* Searching for the System32 path instead of hard codding it

* Fixing the bug were VeraCrypt crashes if there is no readers when  "add Token files" is clicked

* Winscard library not initialized in object constructor anymore to delay it after EMVOption check

* Remove winscard lib from windows dependencies

* Properly displaying errors

* Adding a dot in Language.xml

* Catching TLVException

* Removing unused code

* Remove unusefull comments

* Trying to fix 0x1f error

* Update IccDataExtractor.cpp

* Delete History.xml

* Fix get data without get pan

* Cleanup code

* changes for linux compilation but linking not working

* error handling for linux

* erasing emv data

* Burn PAN

* Burn PAN from memory

* Uncomment selfcheck before merging master

* burn corrected

* EMV errors handling for Linux

* EMV working for Linux CLI

* Doc : Winscard Linux package and VeraCrypt versions

---------

Co-authored-by: doriandu45 <d45.poubelle@gmail.com>
Co-authored-by: red4game <redemgaiming@gmail.com>
Co-authored-by: Brice.Namy <brice.namy@insa-rennes.fr>
Co-authored-by: vocthor <pieceo108@gmail.com>
Co-authored-by: vocthor <67202139+vocthor@users.noreply.github.com>
Co-authored-by: Andrei COCAN <andrei.cocan@insa-rennes.fr>
Co-authored-by: AndreiCocan <95496161+AndreiCocan@users.noreply.github.com>
Co-authored-by: francoisLEROUX <francois3443@gmail.com>
2023-06-28 22:51:43 +02:00
Mounir IDRASSI 5fb407cffe Linux/MacOSX: use standard std::shared_ptr instead of our custom implementation which is kept for compatibility with older compilers. We also introduce compatibility code for old compilers that don't define std::unique_ptr 2020-06-26 01:22:18 +02:00
Mounir IDRASSI ce78f89017 Linux/FreeBSD: Add CLI switch to force use of old sudo behavior of sending a dummy password
The new switch is --use-dummy-sudo-password
2019-11-04 00:10:08 +01:00
Mounir IDRASSI 0ebc26e125 Update IDRIX copyright year 2017-06-23 22:15:59 +02:00
David Foerster 11716ed2da Remove trailing whitespace 2016-05-10 22:18:34 +02:00
Mounir IDRASSI bda7a1d0bd Copyright: update dates to include 2016. 2016-01-20 00:53:24 +01:00
Mounir IDRASSI 041024fbb9 Update license information to reflect the use of a dual license Apache 2.0 and TrueCrypt 3.0. 2015-08-06 00:04:25 +02:00
Mounir IDRASSI 2cd39b37c2 Linux/MacOSX: restore normal file mode to some source files 2015-06-24 15:33:23 +02:00
Mounir IDRASSI 9913af3a8e Linux/MacOSX: first dynamic mode implementation 2015-06-24 15:33:16 +02:00
Mounir IDRASSI c178e325b8 Linux/MacOSX: Implement TrueCrypt conversion and loading support. Correct many GTK issues linked to multi-threaded origine of events by implementing an automatic mechanism for handling such requests in the main thread. 2014-12-30 17:06:20 +01:00
Mounir IDRASSI 07156b6c09 Linux/MacOSX: Enhance performance by implementing the possibility to choose the correct hash algorithm of volumes during various operations (mount, change password...), both using the GUI and the command line. 2014-12-19 18:41:41 +01:00
Mounir IDRASSI cb6dad6bd2 Linux/MacOSX port of manual selection of number of passes for volume header over-write operation. 2014-11-08 23:21:49 +01:00
Mounir IDRASSI 41a22ca4e7 Change namespace from TrueCrypt to VeraCrypt. Rename method from Resources Resources::GetTrueCryptIcon to Resources::GetVeraCryptIcon. 2014-11-08 23:20:14 +01:00
Mounir IDRASSI 7ffce028d0 Add TrueCrypt 7.1a MacOSX/Linux specific source files. 2014-11-08 23:18:59 +01:00