08.11.2015 15:53, Vlad Khorsun wrote: > Only reliable way to validate encryption key is to use it in encryption, > for example: > encrypt something using correct key and decrypt using key to validate and > compare results.
It is nice, but if you have a correct key and an user provided key, why not just to compare them, without wasting time to encryption/decryption?.. And generally, if you already have a key, what the point to use one received from user? At least for symmetric algorithms. -- WBR, SD. ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
