crow.iv = generateRandIV();
key = m_keyMap[row.ownerLabel];
- CLEAR_FLAG(crow.encryptionScheme);
+ CLEAR_FLAGS(crow.encryptionScheme);
SET_FLAG(ENCR_APPKEY, crow.encryptionScheme);
auto dataPair = Crypto::SW::Internals::encryptDataAesGcm(key, crow.data,
#include <map>
#include <ckm/ckm-type.h>
#include <db-crypto.h>
+#include <exception.h>
namespace CKM {
private:
// Encryption scheme flags (enable/disable specific encryption type, multiple choice)
- static const int ENCR_BASE64 = 1 << 0;
- static const int ENCR_APPKEY = 1 << 1;
+ static const int ENCR_BASE64 = 1 << 0;
+ static const int ENCR_APPKEY = 1 << 1;
static const int ENCR_PASSWORD = 1 << 2;
static const int ENCR_ORDER_OFFSET = 24;
- static inline void CLEAR_FLAG(int &encryptionScheme) {
+ /*
+ * available maximum encryption version.
+ * This limitation is from bitset which is in DB::Row::encryptionScheme(int).
+ * 24bit is used for schema flag and upper 7 bit is for schema version.
+ */
+ static const int ENCRYPTION_V_MAX = 128;
+
+ static inline void CLEAR_FLAGS(int &encryptionScheme) {
encryptionScheme = 0;
}
return encryptionScheme & fieldId;
}
- static inline void SET_ENCRYPTION_VERSION(int version, int &encryptionScheme) {
+ static void SET_ENCRYPTION_VERSION(int version, int &encryptionScheme) {
+ if (version >= ENCRYPTION_V_MAX)
+ ThrowErr(Exc::InputParam,
+ "encryption schema version is bigger than max: ", version);
+
encryptionScheme |= (version << ENCR_ORDER_OFFSET);
}