Details

    Description

      For Aria, only table files get encrypted, while Aria log apparently does not. I assume it's on purpose, but then it should probably mentioned in the documentation, I could not find anything about it.

      A short specification if we would make Aria log encrypted:

      • First log page of each log file should not be encrypted (has no user data, so it's not important). However we can add a marker on the first page that the file is encrypted, including some 'random' encryption seed used for the rest of the file.
      • We encryption key could be depending on something that changes, like the file number (part of the file name) and the above encryption seed. Note that we need to be able to access all keys ever used for the logs also with aria_read_log and aria_dump_log !
      • Each log file is either fully encrypted (except for first page) or not at all. One should be able to mix encrypted at not encrypted files.
      • The Aria log is designed so that one can write additional data on a log page without affecting the previous content on the page. Encrypted files must do the same! This is critical as the engine assumes that if a page part has been written and synced it, it will always be able to read that part again, even if future writes on the same page would fail or be half written! One implication of this is that each write to the log page should be independently encrypted!
      • Encrypted segments can have additional data or be longer than non encrypted segments. This may be needed if the encrypted data is longer than the not encrypted data (for example if there needs to be a checksum for each encrypted segment).

      Attachments

        Issue Links

          Activity

            jorje_rd the above is the main problem with the patch wich prevent it to be accepted

            sanja Oleksandr Byelkin added a comment - jorje_rd the above is the main problem with the patch wich prevent it to be accepted

            Ok. But I didn't do anything new. I took the table encryption code and ported it to log encryption.

            jorje_rd Yuri Radchenko added a comment - Ok. But I didn't do anything new. I took the table encryption code and ported it to log encryption.

            jorje_rd can you please declare that you are providing this commit under the 3-clause BSD license?

            TheLinuxJedi Andrew Hutchings (Inactive) added a comment - jorje_rd can you please declare that you are providing this commit under the 3-clause BSD license?

            Yes. I did it just for fun. You can put any license, including the 3-clause BSD license.

            jorje_rd Yuri Radchenko added a comment - Yes. I did it just for fun. You can put any license, including the 3-clause BSD license.

            jorje_rd as an FYI, Monty has updated the description of this ticket with everything that is needed to make this work safely.

            TheLinuxJedi Andrew Hutchings (Inactive) added a comment - jorje_rd as an FYI, Monty has updated the description of this ticket with everything that is needed to make this work safely.

            People

              Unassigned Unassigned
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.