Import upstream version 0.11~rc3~r2491

1 files changed, 35 insertions, 17 deletions

diff --git a/lib/backupclient/BackupClientCryptoKeys.cpp b/lib/backupclient/BackupClientCryptoKeys.cpp
index 46b77f0a..7a8da7ba 100644
--- a/lib/backupclient/BackupClientCryptoKeys.cpp
+++ b/lib/backupclient/BackupClientCryptoKeys.cpp
@@ -28,40 +28,58 @@
 //		Created: 1/12/03
 //
 // --------------------------------------------------------------------------
-void BackupClientCryptoKeys_Setup(const char *KeyMaterialFilename)
+void BackupClientCryptoKeys_Setup(const std::string& rKeyMaterialFilename)
 {
 	// Read in the key material
 	unsigned char KeyMaterial[BACKUPCRYPTOKEYS_FILE_SIZE];
 	
 	// Open the file
-	FileStream file(KeyMaterialFilename);
+	FileStream file(rKeyMaterialFilename);
+
 	// Read in data
 	if(!file.ReadFullBuffer(KeyMaterial, BACKUPCRYPTOKEYS_FILE_SIZE, 0))
 	{
 		THROW_EXCEPTION(BackupStoreException, CouldntLoadClientKeyMaterial)
 	}
 	
-	// Tell the filename how to encrypt
-	BackupStoreFilenameClear::SetBlowfishKey(KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_KEY_START, BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH,
-		KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_IV_START, BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH);
-	BackupStoreFilenameClear::SetEncodingMethod(BackupStoreFilename::Encoding_Blowfish);
+	// Setup keys and encoding method for filename encryption
+	BackupStoreFilenameClear::SetBlowfishKey(
+		KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_KEY_START,
+		BACKUPCRYPTOKEYS_FILENAME_KEY_LENGTH,
+		KeyMaterial + BACKUPCRYPTOKEYS_FILENAME_IV_START,
+		BACKUPCRYPTOKEYS_FILENAME_IV_LENGTH);
+	BackupStoreFilenameClear::SetEncodingMethod(
+		BackupStoreFilename::Encoding_Blowfish);
+
+	// Setup key for attributes encryption
+	BackupClientFileAttributes::SetBlowfishKey(
+		KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, 
+		BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH);
+
+	// Setup secret for attribute hashing
+	BackupClientFileAttributes::SetAttributeHashSecret(
+		KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START,
+		BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_LENGTH);
 
-	// Tell the attributes how to encrypt
-	BackupClientFileAttributes::SetBlowfishKey(KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH);
-	// and the secret for hashing
-	BackupClientFileAttributes::SetAttributeHashSecret(KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_START, BACKUPCRYPTOKEYS_ATTRIBUTE_HASH_SECRET_LENGTH);
+	// Setup keys for file data encryption
+	BackupStoreFile::SetBlowfishKeys(
+		KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START,
+		BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH,
+		KeyMaterial + BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START,
+		BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_LENGTH);
 
-	// Tell the files how to encrypt
-	BackupStoreFile::SetBlowfishKeys(KeyMaterial + BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_START, BACKUPCRYPTOKEYS_ATTRIBUTES_KEY_LENGTH,
-		KeyMaterial + BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_START, BACKUPCRYPTOKEYS_FILE_BLOCK_ENTRY_KEY_LENGTH);
 #ifndef HAVE_OLD_SSL
 	// Use AES where available
-	BackupStoreFile::SetAESKey(KeyMaterial + BACKUPCRYPTOKEYS_FILE_AES_KEY_START, BACKUPCRYPTOKEYS_FILE_AES_KEY_LENGTH);
+	BackupStoreFile::SetAESKey(
+		KeyMaterial + BACKUPCRYPTOKEYS_FILE_AES_KEY_START,
+		BACKUPCRYPTOKEYS_FILE_AES_KEY_LENGTH);
 #endif
 
 	// Wipe the key material from memory
-	::memset(KeyMaterial, 0, BACKUPCRYPTOKEYS_FILE_SIZE);
+	#ifdef _MSC_VER // not defined on MinGW
+		SecureZeroMemory(KeyMaterial, BACKUPCRYPTOKEYS_FILE_SIZE);
+	#else
+		::memset(KeyMaterial, 0, BACKUPCRYPTOKEYS_FILE_SIZE);
+	#endif
 }
 
-
-