Security Audit report: 4.2. Enhance encryption of values in memory.

This commit is contained in:
Jim Norman 2006-04-19 20:22:39 +00:00
parent 3fbb9e92d2
commit ac0dbfc4e4
2 changed files with 17 additions and 14 deletions

View File

@ -1,3 +1,7 @@
-------------------------------------------------------------------
Wed Apr 19 14:22:10 MST 2006 - jnorman@novell.com
- Security Audit report: 4.2. Enhance encryption of values in memory.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Apr 17 15:47:10 MST 2006 - jnorman@novell.com Mon Apr 17 15:47:10 MST 2006 - jnorman@novell.com
- Security Audit. Checkpoint changes thus far to c code. - Security Audit. Checkpoint changes thus far to c code.

View File

@ -132,7 +132,7 @@ namespace sscs.cache
return mLinkedKeys; return mLinkedKeys;
} }
private DateTime m_dtEncryptTime = DateTime.Now;
private DateTime m_created; private DateTime m_created;
public DateTime CreatedTime public DateTime CreatedTime
{ {
@ -177,6 +177,8 @@ namespace sscs.cache
private byte[] EncryptValue(byte[] baValueClear) private byte[] EncryptValue(byte[] baValueClear)
{ {
// set encrypttime
m_dtEncryptTime = DateTime.Now;
return (XORValue(baValueClear)); return (XORValue(baValueClear));
} }
@ -193,15 +195,12 @@ namespace sscs.cache
private byte[] XORValue(byte[] baInput) private byte[] XORValue(byte[] baInput)
{ {
byte[] baOutput = new byte[baInput.Length]; byte[] baOutput = new byte[baInput.Length];
Random rand = new Random((int)m_created.Ticks); Random ranNum = new Random(this.Key.GetHashCode());
for (int i=0; i<baInput.Length; i++) for (int i=0; i<baInput.Length; i++)
{ {
baOutput[i] = (byte)((int)baInput[i] ^ rand.Next()); baOutput[i] = (byte)((int)baInput[i] ^ ranNum.Next() ^ (~i) ^ m_dtEncryptTime.Ticks);
} }
return baOutput; return baOutput;
} }