Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for database encryption callback [JDBC527] #561

Closed
firebird-issue-importer opened this issue Apr 14, 2018 · 6 comments
Closed

Add support for database encryption callback [JDBC527] #561

firebird-issue-importer opened this issue Apr 14, 2018 · 6 comments

Comments

@firebird-issue-importer

Submitted by: @mrotteveel

Add basic support for handling database encryption callback (op_crypt_key_callback), supporting a fixed response with a value provided through a connection property. The implementation will not support pluggability, but will prepare for future plugin support.

The connection property should take a base64 value, but it might be wise to prepare it for supporting additional types (maybe use dbCryptData=base64:<base64-value>, this could also allow for hex:<hex-value> and maybe <plain-value>). Support must be available for DriverManager and data sources.

This should be implemented as an internal minimal plugin/SPI, which is created using the (string) value of dbCryptData, decoding the base64 would be the responsibility of this plugin(!). The implementation should call this plugin with the received server-data (+ size) and return the client-data (in this case the fixed value configured using dbCryptData, or null/empty if no value is provided). Choosing this implementation will allow building this out to support additional plugins in the future.

Support for JNA will only be done if it is simple enough to do, otherwise a new ticket will be created for future addition.

Commits: df6d50b ccc512e

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Apr 14, 2018

Modified by: @mrotteveel

description: Add basic support for handling database encryption callback (op_crypt_key_callback), supporting a fixed response with a value provided through a connection property. The implementation will not support pluggability, but will prepare for future plugin support.

The connection property should take a base64 value, but it might be wise to prepare it for supporting additional types (maybe use dbCryptData=base64:<base64-value>, this could also allow for hex:<hex-value> and maybe <plain-value>). Support must be available for DriverManager and data sources.

This should be implemented as an internal minimal plugin/SPI, which is created using the (string) value of dbCryptData, decoding the base64 would be the responsibility of this plugin(!). The implementation should call this plugin with the received server-data (+ size) and return the client-data (in this case the fixed value configured using dbCryptData, or null/empty if no value is provided. Choosing this implementation will allow building this out to support additional plugins in the future.

Support for JNA will only be done if it is simple enough to do, otherwise a new ticket will be created for future addition.

=>

Add basic support for handling database encryption callback (op_crypt_key_callback), supporting a fixed response with a value provided through a connection property. The implementation will not support pluggability, but will prepare for future plugin support.

The connection property should take a base64 value, but it might be wise to prepare it for supporting additional types (maybe use dbCryptData=base64:<base64-value>, this could also allow for hex:<hex-value> and maybe <plain-value>). Support must be available for DriverManager and data sources.

This should be implemented as an internal minimal plugin/SPI, which is created using the (string) value of dbCryptData, decoding the base64 would be the responsibility of this plugin(!). The implementation should call this plugin with the received server-data (+ size) and return the client-data (in this case the fixed value configured using dbCryptData, or null/empty if no value is provided). Choosing this implementation will allow building this out to support additional plugins in the future.

Support for JNA will only be done if it is simple enough to do, otherwise a new ticket will be created for future addition.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Apr 14, 2018

Modified by: @mrotteveel

Fix Version: Jaybird 3.0.4 [ 10861 ]

Fix Version: Jaybird 4 [ 10441 ]

Version: Jaybird 3.0.4 [ 10861 ] =>

Version: Jaybird 4 [ 10441 ] =>

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Apr 29, 2018

Modified by: @mrotteveel

Component: JNI/JNA layer [ 10051 ] =>

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Apr 29, 2018

Commented by: @mrotteveel

Initial implementation done. Only supported in wire protocol v13, not in native/embedded.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Apr 29, 2018

Modified by: @mrotteveel

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 5, 2018

Modified by: @mrotteveel

status: Resolved [ 5 ] => Closed [ 6 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants