| 1 | // -------------------------------------------------------------------------- |
|---|
| 2 | // |
|---|
| 3 | // File |
|---|
| 4 | // Name: BackupClientCryptoKeys.cpp |
|---|
| 5 | // Purpose: function for setting up all the backup client keys |
|---|
| 6 | // Created: 1/12/03 |
|---|
| 7 | // |
|---|
| 8 | // -------------------------------------------------------------------------- |
|---|
| 9 | |
|---|
| 10 | #include "Box.h" |
|---|
| 11 | |
|---|
| 12 | #include <string.h> |
|---|
| 13 | |
|---|
| 14 | #include "BackupClientCryptoKeys.h" |
|---|
| 15 | #include "FileStream.h" |
|---|
| 16 | #include "BackupStoreFilenameClear.h" |
|---|
| 17 | #include "BackupStoreException.h" |
|---|
| 18 | #include "BackupClientFileAttributes.h" |
|---|
| 19 | #include "BackupStoreFile.h" |
|---|
| 20 | |
|---|
| 21 | #include "MemLeakFindOn.h" |
|---|
| 22 | |
|---|
| 23 | // -------------------------------------------------------------------------- |
|---|
| 24 | // |
|---|
| 25 | // Function |
|---|
| 26 | // Name: BackupClientCryptoKeys_Setup(const char *) |
|---|
| 27 | // Purpose: Read in the key material file, and set keys to all the backup elements required. |
|---|
| 28 | // Created: 1/12/03 |
|---|
| 29 | // |
|---|
| 30 | // -------------------------------------------------------------------------- |
|---|
| 31 | void BackupClientCryptoKeys_Setup(const std::string& rKeyMaterialFilename) |
|---|
| 32 | { |
|---|
| 33 | // Read in the key material |
|---|
| 34 | unsigned char KeyMaterial[BACKUPCRYPTOKEYS_FILE_SIZE]; |
|---|
| 35 | |
|---|
| 36 | // Open the file |
|---|
| 37 | FileStream file(rKeyMaterialFilename); |
|---|
| 38 | |
|---|
| 39 | // Read in data |
|---|
| 40 | if(!file.ReadFullBuffer(KeyMaterial, BACKUPCRYPTOKEYS_FILE_SIZE, 0)) |
|---|
| 41 | { |
|---|
| 42 | THROW_EXCEPTION(BackupStoreException, CouldntLoadClientKeyMaterial) |
|---|
| 43 | } |
|---|
| 44 | |
|---|
| 45 | // Setup keys and encoding method for filename encryption |
|---|
| 46 | BackupStoreFilenameClear::SetBlowfishKey( |
|---|
| 47 | KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_KEY_START, |
|---|
| 48 | BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH, |
|---|
| 49 | KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_IV_START, |
|---|
| 50 | BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH); |
|---|
| 51 | BackupStoreFilenameClear::SetEncodingMethod( |
|---|
| 52 | BackupStoreFilename::Encoding_Blowfish); |
|---|
| 53 | |
|---|
| 54 | // Setup key for attributes encryption |
|---|
| 55 | BackupClientFileAttributes::SetBlowfishKey( |
|---|
| 56 | KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, |
|---|
| 57 | BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH); |
|---|
| 58 | |
|---|
| 59 | // Setup secret for attribute hashing |
|---|
| 60 | BackupClientFileAttributes::SetAttributeHashSecret( |
|---|
| 61 | KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START, |
|---|
| 62 | BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_LENGTH); |
|---|
| 63 | |
|---|
| 64 | // Setup keys for file data encryption |
|---|
| 65 | BackupStoreFile::SetBlowfishKeys( |
|---|
| 66 | KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, |
|---|
| 67 | BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH, |
|---|
| 68 | KeyMaterial + BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START, |
|---|
| 69 | BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_LENGTH); |
|---|
| 70 | |
|---|
| 71 | #ifndef HAVE_OLD_SSL |
|---|
| 72 | // Use AES where available |
|---|
| 73 | BackupStoreFile::SetAESKey( |
|---|
| 74 | KeyMaterial + BACKUPCRYPTOKEYS_FILE_AES_KEY_START, |
|---|
| 75 | BACKUPCRYPTOKEYS_FILE_AES_KEY_LENGTH); |
|---|
| 76 | #endif |
|---|
| 77 | |
|---|
| 78 | // Wipe the key material from memory |
|---|
| 79 | #ifdef _MSC_VER // not defined on MinGW |
|---|
| 80 | SecureZeroMemory(KeyMaterial, BACKUPCRYPTOKEYS_FILE_SIZE); |
|---|
| 81 | #else |
|---|
| 82 | ::memset(KeyMaterial, 0, BACKUPCRYPTOKEYS_FILE_SIZE); |
|---|
| 83 | #endif |
|---|
| 84 | } |
|---|
| 85 | |
|---|
