On 05/14/18 12:52, Dimitry Sibiryakov wrote:
14.05.2018 11:42, Alex Peshkoff via Firebird-devel wrote:
Returning to your cases:
a) ICryptKeyCallback::callback() returned zero because application
key not needed
Well written key holder will not try to talk to client at all if it
already has a key...
No matter how key holder is written: it has no idea which crypt
plugin and database it is loaded for at the point when keyCallback is
called. There is no information to decide if it has needed key or the
key it has is not for this database.
If key holder is expected to work with both types of keys secrtainly it
should try to talk to client. One written only for use of non-client
keys should not. Wjat a problem?
c) Key plugin is refused by application as a fake one.
It's normal error from server's POV. I'm even not sure is it good
idea to notify fake plugin that it's attack was detected ;-)
Ok, but how can application inform server that this key holder is
wrong?
Return empty reply.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel