xanasoft · love-code-yeyixiao · Jun 20, 2025 · Jun 20, 2025 · Jun 21, 2025 · Jun 21, 2025
diff --git a/ImBox/CryptoIO.cpp b/ImBox/CryptoIO.cpp
@@ -74,6 +74,14 @@ CCryptoIO::CCryptoIO(CAbstractIO* pIO, const WCHAR* pKey, const std::wstring& Ci
 	m = new SCryptoIO;
 	m->Cipher = Cipher;
 	m->AllowFormat = false;
+/*
+#ifdef ENCLAVE_ENABLED
+	if (!IsEnclaveTypeSupported(ENCLAVE_TYPE_VBS))
+	{
+		OutputDebugString(L"Enclave not supported!\n");
+		ExitProcess(STATUS_NOT_SUPPORTED);
+	}
+#endif //  ENCLAVE_ENABLED*/
 
 	if (m->password) {
 		m->password->size = wcslen(pKey) * sizeof(wchar_t);
@@ -176,10 +184,67 @@ int CCryptoIO::InitCrypto()
 	m_pIO->DiskRead(header.ptr, sizeof(dc_header), 0);
 
 	int ret = dc_decrypt_header(header.ptr, m->password.ptr) ? ERR_OK : (m->AllowFormat ? ERR_INTERNAL : ERR_WRONG_PASSWORD);
+/*
+#ifdef ENCLAVE_ENABLED
+	// Create the enclave
+	if (ret == ERR_OK) {
+		constexpr ENCLAVE_CREATE_INFO_VBS CreateInfo
+		{
+			//ENCLAVE_VBS_FLAG_DEBUG, // Flags
+			0,
+			{ 0x10, 0x22, 0x30, 0x45, 0x41, 0x37, 0x21, 0x13 }, // OwnerID
+		};
+		Enclave = CreateEnclave(GetCurrentProcess(),
+			nullptr, // Preferred base address
+			0x10000000, // size
+			0,
+			ENCLAVE_TYPE_VBS,
+			&CreateInfo,
+			sizeof(ENCLAVE_CREATE_INFO_VBS),
+			nullptr);
+	}
+		if (Enclave == NULL) {
+			DbgPrint(L"CreateEnclave failed\n");
+			ret = ERR_INTERNAL;
+		}
+		if (ret == ERR_OK)
+			if (LoadEnclaveImageW(Enclave, L"ImBoxEnclave.dll") == FALSE)
+				ret = ERR_INTERNAL;
+		if (ret == ERR_OK) {
+			ENCLAVE_INIT_INFO_VBS InitInfo{};
+
+			InitInfo.Length = sizeof(ENCLAVE_INIT_INFO_VBS);
+			InitInfo.ThreadCount = 1;
+			if (InitializeEnclave(GetCurrentProcess(),
+				Enclave,
+				&InitInfo,
+				InitInfo.Length,
+				nullptr) == 0) {
+				ret= ERR_INTERNAL;
+			}
+		}
+
 
+#endif // ENCLAVE_ENABLED
+*/
 	if (ret == ERR_OK) {
+//#ifndef ENCLAVE_ENABLED
 		xts_set_key(header->key_1, header->alg_1, &m->benc_k);
-
+//#else
+		/*
+		PENCLAVE_ROUTINE EnclaveSetKey = reinterpret_cast<PENCLAVE_ROUTINE>(GetProcAddress(reinterpret_cast<HMODULE>(Enclave), "EnclaveSetKey"));
+		KeySetArgs args;
+		memset(&args,0,sizeof(args));
+		args.alg = header->alg_1;
+		args.key= header->key_1;
+		args.skey= &m->benc_k;
+		LPVOID rtn = 0;//We ignore the return value
+		if (CallEnclave(EnclaveSetKey, &args, 0, &rtn) == FALSE) {
+			return ERR_INTERNAL;
+		}
+		SecureZeroMemory(&args,sizeof(args));
+		SecureZeroMemory(rtn, sizeof(rtn));
+#endif*/
 		if (m->section && header->info_magic == DC_INFO_MAGIC) {
 			m->section->magic = SECTION_MAGIC;
 			m->section->id = SECTION_PARAM_ID_DATA;
@@ -202,6 +267,12 @@ int CCryptoIO::Init()
 		ret = InitCrypto();
 
 	m->password.free();
+#ifdef ENCLAVE_ENABLED
+	delete& m->benc_k;
+	//delete& m->Cipher;
+	//Clear key in the enternal thread
+#endif
+
 
 	return ret;
 }

diff --git a/ImBox/CryptoIO.h b/ImBox/CryptoIO.h
@@ -30,10 +30,20 @@ class CCryptoIO : public CAbstractIO
 protected:
 	virtual int InitCrypto();
 	virtual int WriteHeader(struct _dc_header* header);
-
+/*#ifdef ENCLAVE_ENABLED
+	PVOID Enclave;
+#endif*/
 	struct SCryptoIO* m;
 
 public:
 	CAbstractIO* m_pIO;
 };
-
+/*#ifdef ENCLAVE_ENABLED
+typedef struct KeySetArgs {
+	const unsigned char* key;
+	int alg;
+	xts_key* skey;
+} KeySetArgs;
+#endif
+
+*/
diff --git a/ImBox/ImBox.cpp b/ImBox/ImBox.cpp
@@ -142,6 +142,55 @@ int APIENTRY wWinMain(_In_ HINSTANCE hInstance,
 	}
 
     if (!key.empty() || !section.empty()) {
+#ifdef ENCLAVE_ENABLED
+        if (!IsEnclaveTypeSupported(ENCLAVE_TYPE_VBS))
+        {
+            OutputDebugString(L"Enclave not supported!\n");
+            ExitProcess(STATUS_NOT_SUPPORTED);
+        }
+#endif //  ENCLAVE_ENABLED
+#ifdef ENCLAVE_ENABLED
+        // Create the enclave
+        DWORD ret = 0;
+        if (ret == ERR_OK) {
+            constexpr ENCLAVE_CREATE_INFO_VBS CreateInfo
+            {
+                //ENCLAVE_VBS_FLAG_DEBUG, // Flags
+                0,
+                { 0x10, 0x22, 0x30, 0x45, 0x41, 0x37, 0x21, 0x13 }, // OwnerID
+            };
+            Enclave = CreateEnclave(GetCurrentProcess(),
+                nullptr, // Preferred base address
+                0x10000000, // size
+                0,
+                ENCLAVE_TYPE_VBS,
+                &CreateInfo,
+                sizeof(ENCLAVE_CREATE_INFO_VBS),
+                nullptr);
+        }
+        if (Enclave == NULL) {
+            DbgPrint(L"CreateEnclave failed\n");
+            ret = ERR_INTERNAL;
+        }
+        if (ret == ERR_OK)
+            if (LoadEnclaveImageW(Enclave, L"ImBoxEnclave.dll") == FALSE)
+                ret = ERR_INTERNAL;
+        if (ret == ERR_OK) {
+            ENCLAVE_INIT_INFO_VBS InitInfo{};
+
+            InitInfo.Length = sizeof(ENCLAVE_INIT_INFO_VBS);
+            InitInfo.ThreadCount = 1;
+            if (InitializeEnclave(GetCurrentProcess(),
+                Enclave,
+                &InitInfo,
+                InitInfo.Length,
+                nullptr) == 0) {
+                ret = ERR_INTERNAL;
+            }
+        }
+
+
+#endif
         CCryptoIO* pCrypto;
         if (key.empty()) {
             if (!pSection)

diff --git a/ImBox/ImBox.vcxproj b/ImBox/ImBox.vcxproj
@@ -37,39 +37,39 @@
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v142</PlatformToolset>
+    <PlatformToolset>v143</PlatformToolset>
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v142</PlatformToolset>
+    <PlatformToolset>v143</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v142</PlatformToolset>
+    <PlatformToolset>v143</PlatformToolset>
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>true</UseDebugLibraries>
-    <PlatformToolset>v142</PlatformToolset>
+    <PlatformToolset>v143</PlatformToolset>
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v142</PlatformToolset>
+    <PlatformToolset>v143</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>
   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'" Label="Configuration">
     <ConfigurationType>Application</ConfigurationType>
     <UseDebugLibraries>false</UseDebugLibraries>
-    <PlatformToolset>v142</PlatformToolset>
+    <PlatformToolset>v143</PlatformToolset>
     <WholeProgramOptimization>true</WholeProgramOptimization>
     <CharacterSet>Unicode</CharacterSet>
   </PropertyGroup>

diff --git a/ImBox/dc/crypto_fast/xts_fast.c b/ImBox/dc/crypto_fast/xts_fast.c
@@ -16,6 +16,13 @@
     You should have received a copy of the GNU General Public License
     along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
+
+//!!IMPORTANT!! Please adjust it when you are going to publish non-enclave version
+#ifndef ENCLAVE_ENABLED
+#define ENCLAVE_ENABLED
+#endif // !
+
+
 #include <intrin.h>
 #include <emmintrin.h>
 //#include <excpt.h>

diff --git a/ImBox/dc/crypto_fast/xts_fast.h b/ImBox/dc/crypto_fast/xts_fast.h
@@ -1,6 +1,9 @@
 #ifndef _XTS_FAST_H_
 #define _XTS_FAST_H_
 
+
+
+
 #include <memory.h>
 #include "aes_key.h"
 #include "twofish.h"
@@ -52,4 +55,4 @@ int  _stdcall xts_aes_ni_available();
 	extern void load_fpu_state(unsigned char state[32]);
 #endif
 
-#endif
+#endif
diff --git a/ImBox/framework.h b/ImBox/framework.h
@@ -43,4 +43,7 @@ extern "C" {
 #include <memory>
 #include <locale>
 #include <codecvt>
-#include <algorithm>
+#include <algorithm>
+
+//Please adjust it when you are going to publish non-enclave version
+#define ENCLAVE_ENABLED