07.11.2015 15:57, Vlad Khorsun wrote: > I'd say it will be good to have ability to validate encryption key when > it is passed into the engine. I.e. not at every page read
Say, a malefactor has algorithm, but not a key (which is usual situation in OSS world). In this case it is easy to forge a key that pass validation but still crash the server. I'd suggest to reserve last four bytes on every page and put CRC32 checksum there. This way we can be protected from both wrong decryption and partial hardware writes (which has bigger probability when we have bigger pages). -- WBR, SD. ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
