How does the protocol for the database encryption callback work? If I look at the implementation in Firebird, it just tries and keep sending the same key in a while loop until Firebird responds with something other than op_crypt_key_callback, which seems a bit weird.

So what is in the buffer of the op_crypt_key_callback from server to client, and what should be in the op_crypt_key_callback from client to server? Or is that plugin specific?

Also, IIRC, there was a change for database encryption that led to wire protocol v14, exactly what changed between wire protocol v13 and v14?

On a related note, when using the native API, it looks like the encryption callback registration is process-wide instead of attachment-specific. Isn't that a great way to send encryption keys to the wrong system (if you're using multiple databases and/or systems)?

Mark Rotteveel

Check out the vibrant tech community on one of the world's most
engaging tech sites,!
Firebird-Devel mailing list, web interface at

Reply via email to