Changeset 2272 for box/trunk/lib/backupclient/BackupClientCryptoKeys.cpp

Timestamp:

06/09/2008 11:50:33 (4 years ago)

Author:

chris

Message:

Reformat for readability.

Use SecureZeroMemory? rather than memset() to wipe key material on Windows.

File:

• box/trunk/lib/backupclient/BackupClientCryptoKeys.cpp (modified) (2 diffs)

box/trunk/lib/backupclient/BackupClientCryptoKeys.cpp

@@ -36 +36 @@
         // Open the file
         FileStream file(rKeyMaterialFilename);
+
         // Read in data
         if(!file.ReadFullBuffer(KeyMaterial, BACKUPCRYPTOKEYS_FILE_SIZE, 0))
@@ -42 +43 @@
         }
         
-        // Tell the filename how to encrypt
-        BackupStoreFilenameClear::SetBlowfishKey(KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_KEY_START, BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH,
-                KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_IV_START, BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH);
-        BackupStoreFilenameClear::SetEncodingMethod(BackupStoreFilename::Encoding_Blowfish);
+        // Setup keys and encoding method for filename encryption
+        BackupStoreFilenameClear::SetBlowfishKey(
+                KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_KEY_START,
+                BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH,
+                KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_IV_START,
+                BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH);
+        BackupStoreFilenameClear::SetEncodingMethod(
+                BackupStoreFilename::Encoding_Blowfish);
 
-        // Tell the attributes how to encrypt
-        BackupClientFileAttributes::SetBlowfishKey(KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH);
-        // and the secret for hashing
-        BackupClientFileAttributes::SetAttributeHashSecret(KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START, BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_LENGTH);
+        // Setup key for attributes encryption
+        BackupClientFileAttributes::SetBlowfishKey(
+                KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, 
+                BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH);
 
-        // Tell the files how to encrypt
-        BackupStoreFile::SetBlowfishKeys(KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH,
-                KeyMaterial + BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START, BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_LENGTH);
+        // Setup secret for attribute hashing
+        BackupClientFileAttributes::SetAttributeHashSecret(
+                KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START,
+                BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_LENGTH);
+
+        // Setup keys for file data encryption
+        BackupStoreFile::SetBlowfishKeys(
+                KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START,
+                BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH,
+                KeyMaterial + BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START,
+                BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_LENGTH);
+
 #ifndef HAVE_OLD_SSL
         // Use AES where available
-        BackupStoreFile::SetAESKey(KeyMaterial + BACKUPCRYPTOKEYS_FILE_AES_KEY_START, BACKUPCRYPTOKEYS_FILE_AES_KEY_LENGTH);
+        BackupStoreFile::SetAESKey(
+                KeyMaterial + BACKUPCRYPTOKEYS_FILE_AES_KEY_START,
+                BACKUPCRYPTOKEYS_FILE_AES_KEY_LENGTH);
 #endif
 
         // Wipe the key material from memory
-        ::memset(KeyMaterial, 0, BACKUPCRYPTOKEYS_FILE_SIZE);
+        #ifdef _MSC_VER // not defined on MinGW
+                SecureZeroMemory(KeyMaterial, BACKUPCRYPTOKEYS_FILE_SIZE);
+        #else
+                ::memset(KeyMaterial, 0, BACKUPCRYPTOKEYS_FILE_SIZE);
+        #endif
 }
 
-
-