New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve control over database crypt keys [CORE5100] #2002
Comments
Modified by: @AlexPeshkoffassignee: Alexander Peshkov [ alexpeshkoff ] |
Modified by: @AlexPeshkoffstatus: Open [ 1 ] => Resolved [ 5 ] resolution: Fixed [ 1 ] Fix Version: 3.0 RC2 [ 10048 ] |
Commented by: @aafemt Didn't you say that databases.conf have to be used for configuring a key holder for a particular database?.. |
Commented by: @AlexPeshkoff I hope I've said _may_ be used, but anyway I do not see direct relationship between providing key name and using different key holder plugins. |
Commented by: @aafemt No, you said exactly that: "key holder must never be configured in (common) firebird.conf, they have to be set in databases.conf for each encrypted database separately, so no problem with keys because every single key holder is used for exactly one database". That time I didn't agree and now in Avalerion every database has unique id and this id is provided to crypt plugin and key holder for db/key identification. |
Commented by: @AlexPeshkoff I can't find that phrase in Sent email... |
Commented by: @aafemt Your implementation is plain wrong. You must not remove key name and hash from header until complete database decode. Otherwise you lose ability to resume the process if it is aborted in a half and leave database broken. |
Commented by: @aafemt BTW, to make from 128 bits sample 160 bits hash and then blow it even more with base64 - also not a perfect idea. You'd better use sample of a page size at least and store the hash as is (header clumplet can keep binary data w/o problem). |
Commented by: @AlexPeshkoff Implementation fixed. |
Modified by: @pavel-zotovstatus: Resolved [ 5 ] => Resolved [ 5 ] QA Status: No test => Cannot be tested |
Submitted by: @AlexPeshkoff
It's necessary to be able to provide different keys to dbcrypt plugin for different databases. In case when invalid key is provided an error should be reported (segfault in server due to damaged ODS is not accepted to be good way to report such errors).
Commits: 0e45ec6 e7270be 0c2f694 c824acf bebf1d5 FirebirdSQL/fbt-repository@a4e31f2 FirebirdSQL/fbt-repository@90723ab FirebirdSQL/fbt-repository@6839df9 FirebirdSQL/fbt-repository@a05d8f3 FirebirdSQL/fbt-repository@0bbc34e
The text was updated successfully, but these errors were encountered: