LMDB encryption support

2017-08-10 Thread Howard Chu
I've recently added support for page-level encryption to LMDB 1.x using user-supplied callbacks: /** @brief A callback function used to encrypt/decrypt pages in the env. * * Encrypt or decrypt the data in src and store the result in dst using the * provided key. The result must be the same

Re: LMDB encryption support

2017-08-10 Thread Greg Hudson
On 08/10/2017 11:55 AM, Howard Chu wrote: > Thoughts? Hardcode 1 algorithm, or leave it pluggable? Some thoughts, without advocating for either option: * If support isn't built-in, then generic LMDB tools (including mdb_copy/dump/load/stat) can't operate on encrypted databases, if they need

Re: LMDB encryption support

2017-08-10 Thread Howard Chu
Greg Hudson wrote: On 08/10/2017 11:55 AM, Howard Chu wrote: Thoughts? Hardcode 1 algorithm, or leave it pluggable? Some thoughts, without advocating for either option: * If support isn't built-in, then generic LMDB tools (including mdb_copy/dump/load/stat) can't operate on encrypted

Re: LMDB encryption support

2017-08-10 Thread Timur Kristóf
Hi, > I've recently added support for page-level encryption to LMDB 1.x > using user-supplied callbacks That does sound cool. :) > One question is whether we should actually make this pluggable like > this, or > we should just hardcode support for a specific algorithm and leave it > at that.

Re: LMDB encryption support

2017-08-10 Thread Milosz Tanski
On Thu, Aug 10, 2017 at 11:55 AM, Howard Chu wrote: > > I've recently added support for page-level encryption to LMDB 1.x using > user-supplied callbacks: > > /** @brief A callback function used to encrypt/decrypt pages in the env. > * > * Encrypt or decrypt the data in src and

Re: LMDB encryption support

2017-08-10 Thread Howard Chu
Timur Kristóf wrote: Hi, I've recently added support for page-level encryption to LMDB 1.x using user-supplied callbacks That does sound cool. :) One question is whether we should actually make this pluggable like this, or we should just hardcode support for a specific algorithm and leave

Re: LMDB encryption support

2017-08-10 Thread Michael Ströder
Howard Chu wrote: > I've recently added support for page-level encryption to LMDB 1.x using > user-supplied > callbacks: Interesting. > Thoughts? Hardcode 1 algorithm, or leave it pluggable? "Cryptographic algorithms age; they become weaker with time." [1] Ciao, Michael. [1]