Realm中默认支持AES-256,但是我们可以将加密算法改为AES-256以外的其他算法吗?
答案 0 :(得分:2)
简答:不,它不是一个动态可插拔的系统。
AES加密在编译时烘焙到realm-core共享C++库,并使用各种可用的平台加密功能(基于操作系统/硬件)。它是开源的,因此从理论上讲,您可以根据需要编写不同的提供程序并处理realm::util::encryption_read_barrier和realm::util::encryption_write_barrier等方法的更改...或者根据您的自定义加密要求与Realm签订付费合同
回复:https://github.com/realm/realm-core/blob/master/src/realm/util/aes_cryptor.hpp
class AESCryptor {
public:
AESCryptor(const uint8_t* key);
~AESCryptor() noexcept;
void set_file_size(off_t new_size);
bool read(FileDesc fd, off_t pos, char* dst, size_t size);
void write(FileDesc fd, off_t pos, const char* src, size_t size) noexcept;
private:
enum EncryptionMode {
#if REALM_PLATFORM_APPLE
mode_Encrypt = kCCEncrypt,
mode_Decrypt = kCCDecrypt
#elif defined(_WIN32)
mode_Encrypt = 0,
mode_Decrypt = 1
#else
mode_Encrypt = AES_ENCRYPT,
mode_Decrypt = AES_DECRYPT
#endif
};
#if REALM_PLATFORM_APPLE
CCCryptorRef m_encr;
CCCryptorRef m_decr;
#elif defined(_WIN32)
BCRYPT_KEY_HANDLE m_aes_key_handle;
#else
AES_KEY m_ectx;
AES_KEY m_dctx;
#endif
uint8_t m_hmacKey[32];
std::vector<iv_table> m_iv_buffer;
std::unique_ptr<char[]> m_rw_buffer;
std::unique_ptr<char[]> m_dst_buffer;
void calc_hmac(const void* src, size_t len, uint8_t* dst, const uint8_t* key) const;
bool check_hmac(const void* data, size_t len, const uint8_t* hmac) const;
void crypt(EncryptionMode mode, off_t pos, char* dst, const char* src, const char* stored_iv) noexcept;
iv_table& get_iv_table(FileDesc fd, off_t data_pos) noexcept;
};