Key Escrow Service
The following explains how to apply the necessary modifications to the regular Windows TrueCrypt source to create the escrow enabled version.

NOTE: Using the prepared project files is the recommended method for creating the windows client. This page exists to document the additions to the original TrueCrypt source code.


The TrueCrypt escrow client install begins with the TrueCrypt source code file and the wfu.tar.gz file. The first step is to download these two files.

These instructions assume you will begin with these two files in the same directory on a unix system. We will assign a variable to this directory. Download and unzip the files.

This will create the directory wfu containing the libwfu files, and the directory truecrypt-4.3a-source-code containing the TrueCrypt source code.

Apply Patch

A patch file needs to be applied to a few files of the TrueCrypt source code. A couple of additional files are added to the client.


The majority of the escrow functionality is developed in the libwfu library file. The above patches add function calls to the libwfu routines that perform the escrow process. Thus, the compilation should be perfomed in two phases. The first phase compiles the client portion of the libwfu code. Next, you would compile the modified TrueCrypt code and link it with the libwfu library.

Using the prepared project files simplifies this process.