Instantiating Encryption Context
Collaboration diagram for Instantiating Encryption Context:

Functions

RDM_RETCODE rdm_tfsAllocEncrypt (RDM_TFS hTFS, const char *passcode, RDM_ENCRYPT *pEnc)
Allocate an encryption context. More...

Detailed Description

The encryption instantiation API. The functions here are located in RaimaDB Encryption Library. Linker option:

    -lrdmenc

Function Documentation

rdm_tfsAllocEncrypt()

RDM_RETCODE rdm_tfsAllocEncrypt ( RDM_TFS hTFS,
const char * passcode,
RDM_ENCRYPT * pEnc
)

#include <rdmtfsapi.h>

Allocate an encryption context.

This function allocates and initializes an encryption context. The encryption context will be associated with the TFS and will be automatically used by any database associated with that TFS. The encryption handle can be associated with a specific database using rdm_dbSetEncrypt(). A encryption context associated with a specific database will be used to encrypt a database when it is created. In order to open an already encrypted database the runtime engine will first use an encryption context associated with the database handle, if that encryption context is not correct it will try each encryption context associated with the TFS.

Encryption Ciphers

RaimaDB supports an implementation of the Advanced Encryption Standard (AES) specification and a simple XOR cipher. The XOR cipher encrypts the data by applying the bitwise XOR operator to every character using a given passcode. The AES cipher allows the user to specify a key size of 128, 192, or 256 bits. As a symmetric-key block cipher the number of bits of input match the number of bits of encrypted data returned by the AES implementation.

AES encryption is not available on all versions of RaimaDB.

Passcodes

The encryption passcode contains the optional encryption type and the security key used for generating encryption key.

passcode:
[enc_type':']security_key
enc_type:
AES128 | AES192 | AES256
| aes128 | aes192 | aes256

If the encryption type (enc_type) is omitted, the default encryption key will be AES128 for installations that support AES encryption and XOR for those that do not.

There is no error checking on the encryption type string. If an unrecognized encryption type is provided, the entire passcode string will be used as the security key with the default encryption type.

The security key (security_key) can be any NULL-terminated character string of any length.

Locking Requirements
None
Return values
sOKAY Normal, successful return.
See also
rdm_encryptGetType
rdm_dbSetEncrypt
rdm_dbEncrypt
rdm_encryptFree
Parameters
[in] hTFS TFS handle
[in] passcode Encryption passcode. Can be an empty string but cannot be NULL
[out] pEnc Pointer to an encryption context
Examples
core18Example_main.c, and core36Example_main.c.