mirror of
https://github.com/FirebirdSQL/firebird.git
synced 2025-01-24 01:23:03 +01:00
Enabled generic support for the database encryption. The key part of the feature is still protected by the macro. Proven to work on win32.
This commit is contained in:
dimitr
parent
3d156a0aab
commit
c11ec94f4f
@ -302,9 +302,7 @@ typedef struct dpb
|
||||
TEXT* dpb_password_enc;
|
||||
TEXT* dpb_role_name;
|
||||
TEXT* dpb_journal;
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
TEXT* dpb_key;
|
||||
#endif
|
||||
TEXT* dpb_log;
|
||||
TEXT* dpb_wal_backup_dir;
|
||||
USHORT dpb_wal_action;
|
||||
@ -562,11 +560,16 @@ BOOLEAN invalid_client_SQL_dialect = FALSE;
|
||||
|
||||
/* External hook definitions */
|
||||
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
#define ENCRYPT_IMAGE "ISCCRYPT"
|
||||
#define ENCRYPT "ISC_ENCRYPT"
|
||||
#define DECRYPT "ISC_DECRYPT"
|
||||
#endif
|
||||
/* dimitr: just uncomment the following line to use this feature.
|
||||
Requires support from the PIO modules. Only Win32 is 100% ready
|
||||
for this so far. Note that the database encryption code in the
|
||||
PIO layer seems to be incompatible with the SUPERSERVER_V2 code.
|
||||
2003.02.09 */
|
||||
//#define ISC_DATABASE_ENCRYPTION
|
||||
|
||||
static const char* CRYPT_IMAGE = "fbcrypt";
|
||||
static const char* ENCRYPT = "encrypt";
|
||||
static const char* DECRYPT = "decrypt";
|
||||
|
||||
|
||||
#ifdef SHLIB_DEFS
|
||||
@ -733,26 +736,24 @@ STATUS DLL_EXPORT GDS_ATTACH_DATABASE(STATUS* user_status,
|
||||
ERR_post(gds_unavailable, 0);
|
||||
}
|
||||
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
/* Worry about encryption key */
|
||||
|
||||
if (dbb->dbb_decrypt) {
|
||||
if (dbb->dbb_filename) {
|
||||
if (dbb->dbb_filename && (dbb->dbb_encrypt_key || options.dpb_key)) {
|
||||
if ((dbb->dbb_encrypt_key && !options.dpb_key) ||
|
||||
(!dbb->dbb_encrypt_key && options.dpb_key) ||
|
||||
strcmp(options.dpb_key, dbb->dbb_encrypt_key->str_data))
|
||||
strcmp(options.dpb_key, reinterpret_cast<char*>(dbb->dbb_encrypt_key->str_data)))
|
||||
ERR_post(gds_no_priv,
|
||||
gds_arg_string, "encryption",
|
||||
gds_arg_string, "database",
|
||||
gds_arg_string,
|
||||
ERR_string(reinterpret_cast< char *>(file_name), fl),
|
||||
ERR_string(reinterpret_cast<char*>(file_name), fl),
|
||||
0);
|
||||
}
|
||||
else if (options.dpb_key)
|
||||
dbb->dbb_encrypt_key =
|
||||
copy_string(options.dpb_key, strlen(options.dpb_key));
|
||||
}
|
||||
#endif
|
||||
|
||||
tdbb->tdbb_attachment = attachment = FB_NEW(*dbb->dbb_permanent) att();
|
||||
attachment->att_database = dbb;
|
||||
@ -1864,11 +1865,9 @@ STATUS DLL_EXPORT GDS_CREATE_DATABASE(STATUS* user_status,
|
||||
TRUE)) ERR_post(gds_unavailable, 0);
|
||||
}
|
||||
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
if (options.dpb_key)
|
||||
dbb->dbb_encrypt_key =
|
||||
copy_string(options.dpb_key, strlen(options.dpb_key));
|
||||
#endif
|
||||
|
||||
tdbb->tdbb_attachment = attachment = FB_NEW(*dbb->dbb_permanent) att();
|
||||
attachment->att_database = dbb;
|
||||
@ -5621,14 +5620,16 @@ static DBB init(TDBB tdbb,
|
||||
|
||||
TRA_init(tdbb);
|
||||
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
/* Lookup some external "hooks" */
|
||||
|
||||
if (dbb_->dbb_encrypt = ISC_lookup_entrypoint(ENCRYPT_IMAGE, ENCRYPT, NULL))
|
||||
{
|
||||
dbb_->dbb_decrypt = ISC_lookup_entrypoint(ENCRYPT_IMAGE, DECRYPT, NULL);
|
||||
PluginManager::Plugin crypt_lib =
|
||||
PluginManager::getEnginePluginManager().findPlugin(CRYPT_IMAGE);
|
||||
if (crypt_lib) {
|
||||
dbb_->dbb_encrypt =
|
||||
(dbb::crypt_routine) crypt_lib.lookupSymbol(Firebird::string(ENCRYPT));
|
||||
dbb_->dbb_decrypt =
|
||||
(dbb::crypt_routine) crypt_lib.lookupSymbol(Firebird::string(DECRYPT));
|
||||
}
|
||||
#endif
|
||||
|
||||
INTL_init(tdbb);
|
||||
|
||||
|
||||
@ -113,6 +113,8 @@ class tdbb;
|
||||
class dbb : private pool_alloc<type_dbb>
|
||||
{
|
||||
public:
|
||||
typedef int (*crypt_routine) (char*, void*, int, void*);
|
||||
|
||||
static dbb* newDbb(MemoryPool& p) {
|
||||
return FB_NEW(p) dbb(p);
|
||||
}
|
||||
@ -170,9 +172,7 @@ public:
|
||||
USHORT dbb_prefetch_pages; /* prefetch pages per request */
|
||||
class str *dbb_spare_string; /* random buffer */
|
||||
class str *dbb_filename; /* filename string */
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
class str *dbb_encrypt_key; /* encryption key */
|
||||
#endif
|
||||
|
||||
JrdMemoryPool* dbb_permanent;
|
||||
JrdMemoryPool* dbb_bufferpool;
|
||||
@ -215,12 +215,10 @@ public:
|
||||
SLONG dbb_lock_owner_handle; /* Handle for the lock manager */
|
||||
|
||||
USHORT unflushed_writes; /* unflushed writes */
|
||||
time_t last_flushed_write; /* last flushed write time */
|
||||
time_t last_flushed_write; /* last flushed write time */
|
||||
|
||||
#ifdef ISC_DATABASE_ENCRYPTION
|
||||
int (*dbb_encrypt) (); /* External encryption routine */
|
||||
int (*dbb_decrypt) (); /* External decryption routine */
|
||||
#endif
|
||||
crypt_routine dbb_encrypt; /* External encryption routine */
|
||||
crypt_routine dbb_decrypt; /* External decryption routine */
|
||||
|
||||
class map *dbb_blob_map; /* mapping of blobs for REPLAY */
|
||||
struct log *dbb_log; /* log file for REPLAY */
|
||||
|
||||
Loading…
Reference in New Issue
Block a user