https://bugs.openldap.org/show_bug.cgi?id=9364
Issue ID: 9364 Summary: Rework encryption API Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: liblmdb Assignee: bugs@openldap.org Reporter: hyc@openldap.org Target Milestone: ---
Currently a single initialization vector is set at env creation time, and is used for the entire life of the DB. Ideally it should be a value uniquely generated on every write to a page. The most straightforward approach would be to use a combination of the page number and txid. Even better would be to use a keyed hash of these two values.
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #1 from Quanah Gibson-Mount quanah@openldap.org ---
Commits: • 8dc526c5 by Howard Chu at 2020-10-11T13:56:52+01:00 ITS#9364 rework crypto API
And add support for per-page checksums. Reserve space for checksum at tail of page. Pass pgno+txnid as IV input for encryption.
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #2 from Quanah Gibson-Mount quanah@openldap.org --- Commits: • 0bc8a4e9 by Howard Chu at 2020-10-11T14:07:26+01:00 ITS#9364 add error code texts
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #3 from Quanah Gibson-Mount quanah@openldap.org ---
Commits: • 93c72a77 by Howard Chu at 2020-10-11T17:29:54+01:00 ITS#9364 add sample for authenticated encryption
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #4 from Quanah Gibson-Mount quanah@openldap.org --- Commits: • 34fd2815 by Howard Chu at 2020-10-11T18:17:07+01:00 ITS#9364 tweak sample
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #5 from Quanah Gibson-Mount quanah@openldap.org ---
Commits: • 21d21a09 by Howard Chu at 2020-10-11T18:19:10+01:00 ITS#9364 tweak crypto sample again
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #6 from Quanah Gibson-Mount quanah@openldap.org ---
Commits: • 12c63d29 by Howard Chu at 2020-10-12T03:09:48+01:00 ITS#9364 use crypto table properly
https://bugs.openldap.org/show_bug.cgi?id=9364
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9367
https://bugs.openldap.org/show_bug.cgi?id=9364
--- Comment #7 from Quanah Gibson-Mount quanah@openldap.org --- Commits: • b220a665 by Howard Chu at 2020-10-12T21:57:05+01:00 ITS#9364 Add crypto support to all tools
Commits: • 8e8371d1 by Howard Chu at 2020-10-12T22:28:27+01:00 ITS#9364 Add docs for crypto modules
Commits: • fccd990c by Howard Chu at 2020-10-12T22:55:51+01:00 ITS#9364 fix doxygen comment
https://bugs.openldap.org/show_bug.cgi?id=9364
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |TEST
-
openldap-its@openldap.org