| 1 | // -------------------------------------------------------------------------- |
|---|
| 2 | // |
|---|
| 3 | // File |
|---|
| 4 | // Name: BackupClientCryptoKeys.h |
|---|
| 5 | // Purpose: Format of crypto keys file, and function for setting everything up |
|---|
| 6 | // Created: 1/12/03 |
|---|
| 7 | // |
|---|
| 8 | // -------------------------------------------------------------------------- |
|---|
| 9 | |
|---|
| 10 | #ifndef BACKUPCLIENTCRYTOKEYS__H |
|---|
| 11 | #define BACKUPCLIENTCRYTOKEYS__H |
|---|
| 12 | |
|---|
| 13 | |
|---|
| 14 | // All keys are the maximum size that Blowfish supports. Since only the |
|---|
| 15 | // setup time is affected by key length (encryption same speed whatever) |
|---|
| 16 | // there is no disadvantage to using long keys as they are never |
|---|
| 17 | // transmitted and are static over long periods of time. |
|---|
| 18 | |
|---|
| 19 | |
|---|
| 20 | // All sizes in bytes. Some gaps deliberately left in the used material. |
|---|
| 21 | |
|---|
| 22 | // How long the key material file is expected to be |
|---|
| 23 | #define BACKUPCRYPTOKEYS_FILE_SIZE 1024 |
|---|
| 24 | |
|---|
| 25 | // key for encrypting filenames (448 bits) |
|---|
| 26 | #define BACKUPCRYPTOKEYS_FILENAME_KEY_START 0 |
|---|
| 27 | #define BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH 56 |
|---|
| 28 | #define BACKUPCRYPTOKEYS_FILENAME_IV_START (0 + BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH) |
|---|
| 29 | #define BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH 8 |
|---|
| 30 | |
|---|
| 31 | // key for encrypting attributes (448 bits) |
|---|
| 32 | #define BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START (BACKUPCRYPTOKEYS_FILENAME_KEY_START+64) |
|---|
| 33 | #define BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH 56 |
|---|
| 34 | |
|---|
| 35 | // Blowfish key for encrypting file data (448 bits (max blowfish key length)) |
|---|
| 36 | #define BACKUPCRYPTOKEYS_FILE_KEY_START (BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START+64) |
|---|
| 37 | #define BACKUPCRYPTOKEYS_FILE_KEY_LENGTH 56 |
|---|
| 38 | |
|---|
| 39 | // key for encrypting file block index entries |
|---|
| 40 | #define BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START (BACKUPCRYPTOKEYS_FILE_KEY_START+64) |
|---|
| 41 | #define BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_LENGTH 56 |
|---|
| 42 | |
|---|
| 43 | // Secret for hashing attributes |
|---|
| 44 | #define BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START (BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START+64) |
|---|
| 45 | #define BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_LENGTH 128 |
|---|
| 46 | |
|---|
| 47 | // AES key for encrypting file data (256 bits (max AES key length)) |
|---|
| 48 | #define BACKUPCRYPTOKEYS_FILE_AES_KEY_START (BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START+128) |
|---|
| 49 | #define BACKUPCRYPTOKEYS_FILE_AES_KEY_LENGTH 32 |
|---|
| 50 | |
|---|
| 51 | |
|---|
| 52 | void BackupClientCryptoKeys_Setup(const std::string& rKeyMaterialFilename); |
|---|
| 53 | |
|---|
| 54 | #endif // BACKUPCLIENTCRYTOKEYS__H |
|---|
| 55 | |
|---|
