14.05.2018 11:42, Alex Peshkoff via Firebird-devel wrote:
Returning to your cases:
a) ICryptKeyCallback::callback() returned zero because application key not
needed
Well written key holder will not try to talk to client at all if it already has
a key...
No matter how key holder is written: it has no idea which crypt plugin and database it
is loaded for at the point when keyCallback is called. There is no information to decide
if it has needed key or the key it has is not for this database.
c) Key plugin is refused by application as a fake one.
It's normal error from server's POV. I'm even not sure is it good idea to notify fake
plugin that it's attack was detected ;-)
Ok, but how can application inform server that this key holder is wrong?
--
WBR, SD.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
