On 11/17/2015 07:48 PM, Dimitry Sibiryakov wrote: > 17.11.2015 17:40, Leyne, Sean wrote: >> For me, the sequence of operations for accessing a database would be: >> >> - Client initiates connection to remote server, requesting access to >> database XYZ.fdb (there is nothing new in the connection string other than >> what is available now) >> - engine tries to open database XYZ.fdb and read header page >> - engine determines that header page reads "I am encrypted and need key with >> name = ABCD" >> - engine determines (through server/database config settings) which plug-in >> to use >> - engine loads/calls plug-in asking "I have database which needs key with >> name = ABCD, are you able/ready to work?" >> - if plug-in says "Yes", then the engine proceeds with database open, and >> all non-header page operations are channeled through the plug-in >> - if plug-in says "No", then engine stops the database open, and returns >> error to client. > Currently it is this way: > > - Client application set callback for providing a key > - client application initiates connection to a database > - engine reads header > - engine reads crypt-plugin name from header > - engine loads the plugin > - plugin ask all configured key holders "does anybody have a key for me?" > - keyholder either can give the key or call application's callback to get > confirmation > beforehand > - if any piece of the chain raise error, connect fail > - if provided key is wrong, engine crash >
I must pay attention that this is how things are done in trivial _sample_ of crypt plugin, provided with fb3. But even with it it's not _required_ to use all this steps exactly. This sample maybe configured making keyholder (or crypt) plugin read encryption key from configuration file instead calling someone else for it. Certainly, that's not a way to store keys in reality but taking into an account that 1-byte key is also not good for reality seems ok for demonstration. In general case crypt plugin may ask key holder(s) to provide a key or do it in some other way. Key holder also not enforced to use callback to client - it may get a key in any pther manner, for example from key server on LAN. ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
