Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for database encryption callback [JDBC527] #561

Closed
firebird-automations opened this issue Apr 14, 2018 · 6 comments
Closed

Add support for database encryption callback [JDBC527] #561

firebird-automations opened this issue Apr 14, 2018 · 6 comments

Comments

@firebird-automations
Copy link

Submitted by: @mrotteveel

Add basic support for handling database encryption callback (op_crypt_key_callback), supporting a fixed response with a value provided through a connection property. The implementation will not support pluggability, but will prepare for future plugin support.

The connection property should take a base64 value, but it might be wise to prepare it for supporting additional types (maybe use dbCryptData=base64:<base64-value>, this could also allow for hex:<hex-value> and maybe <plain-value>). Support must be available for DriverManager and data sources.

This should be implemented as an internal minimal plugin/SPI, which is created using the (string) value of dbCryptData, decoding the base64 would be the responsibility of this plugin(!). The implementation should call this plugin with the received server-data (+ size) and return the client-data (in this case the fixed value configured using dbCryptData, or null/empty if no value is provided). Choosing this implementation will allow building this out to support additional plugins in the future.

Support for JNA will only be done if it is simple enough to do, otherwise a new ticket will be created for future addition.

Commits: df6d50b ccc512e

@firebird-automations
Copy link
Author

Modified by: @mrotteveel

description: Add basic support for handling database encryption callback (op_crypt_key_callback), supporting a fixed response with a value provided through a connection property. The implementation will not support pluggability, but will prepare for future plugin support.

The connection property should take a base64 value, but it might be wise to prepare it for supporting additional types (maybe use dbCryptData=base64:<base64-value>, this could also allow for hex:<hex-value> and maybe <plain-value>). Support must be available for DriverManager and data sources.

This should be implemented as an internal minimal plugin/SPI, which is created using the (string) value of dbCryptData, decoding the base64 would be the responsibility of this plugin(!). The implementation should call this plugin with the received server-data (+ size) and return the client-data (in this case the fixed value configured using dbCryptData, or null/empty if no value is provided. Choosing this implementation will allow building this out to support additional plugins in the future.

Support for JNA will only be done if it is simple enough to do, otherwise a new ticket will be created for future addition.

=>

Add basic support for handling database encryption callback (op_crypt_key_callback), supporting a fixed response with a value provided through a connection property. The implementation will not support pluggability, but will prepare for future plugin support.

The connection property should take a base64 value, but it might be wise to prepare it for supporting additional types (maybe use dbCryptData=base64:<base64-value>, this could also allow for hex:<hex-value> and maybe <plain-value>). Support must be available for DriverManager and data sources.

This should be implemented as an internal minimal plugin/SPI, which is created using the (string) value of dbCryptData, decoding the base64 would be the responsibility of this plugin(!). The implementation should call this plugin with the received server-data (+ size) and return the client-data (in this case the fixed value configured using dbCryptData, or null/empty if no value is provided). Choosing this implementation will allow building this out to support additional plugins in the future.

Support for JNA will only be done if it is simple enough to do, otherwise a new ticket will be created for future addition.

@firebird-automations
Copy link
Author

Modified by: @mrotteveel

Fix Version: Jaybird 3.0.4 [ 10861 ]

Fix Version: Jaybird 4 [ 10441 ]

Version: Jaybird 3.0.4 [ 10861 ] =>

Version: Jaybird 4 [ 10441 ] =>

@firebird-automations
Copy link
Author

Modified by: @mrotteveel

Component: JNI/JNA layer [ 10051 ] =>

@firebird-automations
Copy link
Author

Commented by: @mrotteveel

Initial implementation done. Only supported in wire protocol v13, not in native/embedded.

@firebird-automations
Copy link
Author

Modified by: @mrotteveel

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

@firebird-automations
Copy link
Author

Modified by: @mrotteveel

status: Resolved [ 5 ] => Closed [ 6 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants