On 11/20/2015 03:19 PM, Dimitry Sibiryakov wrote:
> 20.11.2015 13:12, Vlad Khorsun wrote:
>>     Key holder allows engine to never see encryption key. It is very important as
>> engine is open for everyone while plugins are private\closed code and could protect
>> themselves. It is not required by design to send the secret key over the wire in open form.
>> All engine knows about the key - its name\id. All engine sees - some plugin-specific data
>> passed in callback. Plugin author should take care how to hide secret key from attacker.
>     And?.. After my changes it still sees "some plugin-specific data passed in callback". No
> difference.
>

-   uint callback(uint dataLength, const void* data,
+   uint callback(uint keyNameLength, const string keyName,
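
Review bot: on the `+` line, `keyNameLength` is kept next to `const string keyName`, which leaves it unclear whether the argument is a text key name or still an opaque byte buffer. If the plugin-specific blob is meant to stay opaque, keeping `const void* data` with `dataLength` says so directly; if it really is a name, the separate length parameter looks redundant, and the expected encoding and termination should be documented. The line is cut off at the trailing comma, so the remaining parameters cannot be checked here.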

Yes, I understand that one can put some binary data into a string :)
But maybe it is better not to suggest such a technique to people?


------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel