Subject | Re: [Firebird-Architect] Re: database encryption |
---|---|
Author | Jim Starkey |
Post date | 2010-11-05T15:06:44Z |

Um, that's not a terribly clever interface. Most, if not all,
encryption algorithms require computation to transform the key into a
computationally efficient form. Passing the key on the same call as the
data either requires the key to be computed on each message or for the
encryption code to transparently cache processed keys, which adds
complexity, overhead, and a guaranteed memory leak.

Also, the output size isn't the same as the input size. DES rounds up
to an eight byte boundary, AES to 16 bytes. How is the caller to know
what to expect?

On 11/5/2010 10:50 AM, Dimitry Sibiryakov wrote:
> 05.11.2010 15:12, ettotev wrote:
>> Well, all I'm actually asking for is a clearly defined and documented interface for the disk encryption plug-in.
> Interface: DLL named fbcrypt.dll (libfbcrypt.so) with two functions called "encrypt" and
> "decrypt". Both functions have the same declaration:
>
> int (*crypt_routine) (const char* key, void* in_buffer, int size, void* out_buffer);
>
> All they need to do is somehow transform data from in_buffer of size "size" into
> out_buffer of the same size.
>
> Is this definition clear enough?
>
>> I remember reading about the "current solution" some time ago, but can't find it again. Could someone please point me to some documentation?
> The sources are the only documentation, unfortunately. Fortunately, the encryption plugin
> interface is much simpler than any other plugin (intl or external routines) interface.
>
--
Jim Starkey
Founder, NimbusDB, Inc.
978 526-1376
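
An interface shape that answers both objections raised in the message above (key setup done once per key, and a way for the caller to learn the output size before allocating), as an added example that is not code from Firebird or from either poster. All names (`crypt_open`, `crypt_out_size`, `crypt_encrypt`, `crypt_close`) are hypothetical, and the XOR step is a placeholder marking where a real block cipher would run, not encryption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical plug-in interface; the transform below is NOT a cipher. */
typedef struct {
    size_t   block;      /* cipher block size: 8 for DES, 16 for AES */
    uint8_t  sched[16];  /* stand-in for the processed key schedule */
    unsigned setups;     /* how many times key setup has run */
} crypt_ctx;

/* Key setup runs once per key here, not once per buffer. */
crypt_ctx *crypt_open(const char *key, size_t block) {
    if (!key || !*key || (block != 8 && block != 16)) return NULL;
    crypt_ctx *c = calloc(1, sizeof *c);
    if (!c) return NULL;
    size_t klen = strlen(key);
    for (size_t i = 0; i < sizeof c->sched; i++)
        c->sched[i] = (uint8_t)(key[i % klen] + 31 * i);
    c->block = block;
    c->setups++;
    return c;
}

/* Lets the caller size out_buffer: input rounded up to a block boundary. */
size_t crypt_out_size(const crypt_ctx *c, size_t in_size) {
    return (in_size + c->block - 1) / c->block * c->block;
}

/* Returns 0 and sets *out_len, or -1 if out_cap is too small. */
int crypt_encrypt(const crypt_ctx *c, const void *in, size_t size,
                  void *out, size_t out_cap, size_t *out_len) {
    size_t need = crypt_out_size(c, size);
    if (need < size || out_cap < need) return -1;  /* wraparound or short buffer */
    uint8_t *p = out;
    memset(p, 0, need);                  /* zero-fill the rounded-up tail */
    memcpy(p, in, size);
    for (size_t i = 0; i < need; i++)
        p[i] ^= c->sched[i % c->block];  /* placeholder for the block cipher */
    *out_len = need;
    return 0;
}

/* Explicit teardown: the owner clears and frees the schedule, no hidden cache. */
void crypt_close(crypt_ctx *c) {
    if (!c) return;
    volatile uint8_t *p = (volatile uint8_t *)c;
    for (size_t i = 0; i < sizeof *c; i++) p[i] = 0;
    free(c);
}
```
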