-
- this is a 64bits XXHASH64 check that replace the 32bits - The old crc32 location is used for a "block option" bit field - use the block header option bit field to store information about - if block checksum (XXH64) is used - encryption is used - if "this" block is encrypted (volume label are not) - add encryption_command - use the BlockNum for the IV - new SD->Device->BlockEncryption directive to enable encryption - the xxhas64 is in one block at the end of the header - add documentation - add a unittest for block_crypto, to show how to use it and do some basic encrypte/decrypte - 2 options bit in the block header - BLKHOPT_ENCRYPT_VOL if the volume is encrypter - BLKHOPT_ENCRYPT_BLOCK if THIS block is encrypted - bsdjson can display the encryption type - high level protocol between the sd_encryption_script and the SD - use ENV to send the data - use stdout/stdin to read the answere from the keymanager - handle error reported by the script - obfuscate data in the volume when needed (BlockEncryption = STRONG) - support data spooling (don't encode data in the spool) - support %V in edit_device_codes() but not used anymore, use environment instead - add support for a master key (store encoded version of the encryption key and the key id of the masterkey) - DEVICE::load_encryption_key() that call the keymanager - Add new fields to volume label : EncCipherKey[Size] & MasterKeyId[Size] - add int DEV_RECORD::BlockVer to know the volume version, in case we decode the volume header and its extra fields - add the NULL cipher only for testing purpose - the XXHASH is always there in the block header event when not used (set to 0) - the block header has a constant length # Conflicts: # bacula/src/stored/stored_conf.h- this is a 64bits XXHASH64 check that replace the 32bits - The old crc32 location is used for a "block option" bit field - use the block header option bit field to store information about - if block checksum (XXH64) is used - encryption is used - if "this" block is encrypted (volume label are not) - add encryption_command - use the BlockNum for the IV - new SD->Device->BlockEncryption directive to enable encryption - the xxhas64 is in one block at the end of the header - add documentation - add a unittest for block_crypto, to show how to use it and do some basic encrypte/decrypte - 2 options bit in the block header - BLKHOPT_ENCRYPT_VOL if the volume is encrypter - BLKHOPT_ENCRYPT_BLOCK if THIS block is encrypted - bsdjson can display the encryption type - high level protocol between the sd_encryption_script and the SD - use ENV to send the data - use stdout/stdin to read the answere from the keymanager - handle error reported by the script - obfuscate data in the volume when needed (BlockEncryption = STRONG) - support data spooling (don't encode data in the spool) - support %V in edit_device_codes() but not used anymore, use environment instead - add support for a master key (store encoded version of the encryption key and the key id of the masterkey) - DEVICE::load_encryption_key() that call the keymanager - Add new fields to volume label : EncCipherKey[Size] & MasterKeyId[Size] - add int DEV_RECORD::BlockVer to know the volume version, in case we decode the volume header and its extra fields - add the NULL cipher only for testing purpose - the XXHASH is always there in the block header event when not used (set to 0) - the block header has a constant length # Conflicts: # bacula/src/stored/stored_conf.h
Loading