Instantiating Encryption Context

RDM_RETCODE rdm_tfsAllocEncrypt (RDM_TFS hTFS, const char *passcode, RDM_ENCRYPT *pEnc)
Allocate an encryption context.

Detailed Description

The encryption instantiation API. The functions here are located in the RDM Encryption Library. Linker option:


Function Documentation


RDM_RETCODE rdm_tfsAllocEncrypt ( RDM_TFS hTFS, const char * passcode, RDM_ENCRYPT * pEnc )

#include <rdmtfsapi.h>

Allocate an encryption context.

This function allocates and initializes an encryption context. The encryption context will be associated with the TFS and will be automatically used by any database associated with that TFS. The encryption handle can be associated with a specific database using rdm_dbSetEncrypt(). An encryption context associated with a specific database will be used to encrypt that database when it is created. To open an already encrypted database, the runtime engine will first use the encryption context associated with the database handle; if that encryption context is not correct, it will try each encryption context associated with the TFS.

Encryption Ciphers

RDM supports an implementation of the Advanced Encryption Standard (AES) specification and a simple XOR cipher. The XOR cipher encrypts the data by applying the bitwise XOR operator to every character using a given passcode. The AES cipher allows the user to specify a key size of 128, 192, or 256 bits. Because AES is a symmetric-key block cipher, the number of bits of encrypted data returned by the AES implementation matches the number of bits of input.

AES encryption is not available on all versions of RDM.


The encryption passcode contains the optional encryption type and the security key used for generating the encryption key.

AES128 | AES192 | AES256
| aes128 | aes192 | aes256

If the encryption type (enc_type) is omitted, the default encryption type will be AES128 for installations that support AES encryption and XOR for those that do not.

There is no error checking on the encryption type string. If an unrecognized encryption type is provided, the entire passcode string will be used as the security key with the default encryption type.

The security key (security_key) can be any NULL-terminated character string of any length.
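Because the encryption type string is not checked, a mistyped type silently falls back to the default type (XOR on installations without AES) with the whole string as the key. The following pre-flight check, which a caller could run before rdm_tfsAllocEncrypt(), is an added example and not Raima's code; check_passcode and pc_status are hypothetical names, and the separator between enc_type and security_key is an assumption supplied by the caller because this page does not show it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Result of the pre-flight check on a passcode string (hypothetical type). */
typedef enum {
    PC_OK_AES,        /* exact AES type from the page's list, non-empty key */
    PC_NO_TYPE,       /* no type prefix: the library picks its default type */
    PC_UNKNOWN_TYPE,  /* prefix not in the list: the library would use the
                         whole string as the key with the default type */
    PC_EMPTY_KEY,     /* recognized type but nothing after the separator */
    PC_NULL           /* NULL is not a valid passcode */
} pc_status;

/* Spellings listed on the page; anything else (e.g. "Aes128") is rejected. */
static const char *const AES_TYPES[] = {
    "AES128", "AES192", "AES256", "aes128", "aes192", "aes256"
};

/* sep is an ASSUMPTION: take the real enc_type/security_key separator
   from the RDM documentation; it is not shown on this page. */
pc_status check_passcode(const char *passcode, char sep)
{
    const char *p;
    size_t len, i;

    if (passcode == NULL)
        return PC_NULL;
    if (sep == '\0' || (p = strchr(passcode, sep)) == NULL)
        return PC_NO_TYPE;
    len = (size_t)(p - passcode);
    for (i = 0; i < sizeof AES_TYPES / sizeof AES_TYPES[0]; i++)
        if (strlen(AES_TYPES[i]) == len && memcmp(passcode, AES_TYPES[i], len) == 0)
            return p[1] != '\0' ? PC_OK_AES : PC_EMPTY_KEY;
    return PC_UNKNOWN_TYPE;
}

int main(void)
{
    /* Constructed sample passcodes; ':' is the assumed separator. */
    const char *samples[] = { "AES256:k3y", "AES265:k3y", "Aes128:k3y", "k3y", "AES192:" };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-12s -> %d\n", samples[i], (int)check_passcode(samples[i], ':'));
    return 0;
}
```

Pass the passcode to rdm_tfsAllocEncrypt() only when the result is PC_OK_AES; every other result means the cipher actually used would be the installation's default rather than the one intended.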

Parameters
[in] hTFS TFS handle
[in] passcode Encryption passcode. Can be an empty string but cannot be NULL.
[out] pEnc Pointer to an encryption context

Locking Requirements

Return values
sOKAY Normal, successful return.

See also