08.11.2015 19:13, Dimitry Sibiryakov wrote: > 08.11.2015 18:11, Vlad Khorsun wrote: >> 08.11.2015 17:01, Dimitry Sibiryakov wrote: >>>> 08.11.2015 15:53, Vlad Khorsun wrote: >>>>>> Only reliable way to validate encryption key is to use it in >>>>>> encryption, for example: >>>>>> encrypt something using correct key and decrypt using key to validate >>>>>> and compare results. >>>> >>>> It is nice, but if you have a correct key >> I have no key, expect of what user provide to me > > Ok. Then explain what you meant with "encrypt something using correct key > and decrypt > using key to validate" if you have only one key?
I have correct encryption key when user first encrypt database. It is possible to encrypt something known to the engine by this key and store somewhere. Next time this encrypted data could be used to verify user-supplied key. BTW, this also could by done by crypto-plugin itself, especially if engine have no access to the keys (i don't remember enough details right now). Regards, Vlad ------------------------------------------------------------------------------ Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
