The command options for RAW mode decryption are hard to understand, and I think would benefit from rethinking or removal. After reading the SCSI specification for tape drives (SSP-5), the nominal reason RAW decrypt mode exists is for copying encrypted data from one volume to another without needing the key (referred to as "keyless copy"). The source drive is set to return raw encrypted data, and the destination drive is put into "external" encryption mode where it assumes the incoming data is already encrypted.

In order for this to work, either the device needs to support RAW output by default, or a flag needs to be set when encryption is enabled, and this setting applies on a per-record basis when writing to the tape (hence the `--protect` and `--unprotect` options). However, stenc doesn't support the external encrypt mode to go along with raw decrypt mode, and moreover doesn't allow encrypt and decrypt settings to be controlled independently. For example, it is not allowed to turn off writing encrypted data while leaving decryption on. This is fine, it just means stenc is opinionated and only supports the typical use case where encrypt and decrypt settings are set in tandem.

Ideas:

- `--rawread` and associated `--protect`/`--unprotect` options. `--mixed` makes sense to keep, so in this case stenc will support 3 configurations: encrypt on + decrypt on, encrypt on + decrypt mixed, and encrypt off + decrypt off.
- `--decrypt-raw` and `--decrypt-mixed`, and change `--unprotect` to `--allow-raw-decrypt`. If keyless copy is something stenc should support, corresponding options for external encryption mode should be added. `-e external -d mixed --allow-raw-decrypt` or something like that.

Basically, first consider what the reasons are for allowing RAW decrypt mode in the program. Is it for supporting keyless copy, or completeness, or something else? If for keyless copy, we should also add support for external encryption mode. If completeness, I think that is a bad idea since there are also dozens of other option flags stenc doesn't support that would better be handled in custom site builds for those who need it, and these settings are difficult to use correctly.
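The mode matrix the comment above is arguing about, as an added example that is not part of the discussion and not stenc's own code: the SSC encryption/decryption mode values, the three encrypt/decrypt pairs the comment proposes keeping, the two-drive "keyless copy" pairing (source reads RAW, destination writes EXTERNAL), and the per-record raw-decryption control that `--protect`/`--unprotect` set at write time. Assumptions: the `-e MODE -d MODE --allow-raw-decrypt` syntax is the hypothetical one floated in the comment, not a real stenc CLI; the mode values, the RDMC encoding and the Set Data Encryption page layout (SECURITY PROTOCOL OUT, page code 0010h) are written from memory of SSC-4 and should be checked against the spec before being relied on.

```python
"""Added example, not stenc code.  Mode matrix behind stenc's RAW-mode options,
the three mode pairs proposed for stenc, and the SSP-5 keyless-copy pairing.

Assumptions: mode values, RDMC encoding and the Set Data Encryption page
layout are from memory of SSC-4 (verify against the spec); the
'-e MODE -d MODE [--allow-raw-decrypt]' syntax is hypothetical."""

from enum import IntEnum


class EncryptionMode(IntEnum):
    DISABLE = 0
    EXTERNAL = 1   # data arriving from the host is already encrypted (keyless-copy destination)
    ENCRYPT = 2


class DecryptionMode(IntEnum):
    DISABLE = 0
    RAW = 1        # hand ciphertext back to the host unchanged (keyless-copy source)
    DECRYPT = 2
    MIXED = 3      # decrypt encrypted records, pass unencrypted ones through


class Rdmc(IntEnum):
    """Raw decryption mode control: recorded per record at write time and
    decides whether that record may later be read back in RAW mode (assumed values)."""
    DEFAULT = 0    # device default
    UNPROTECT = 2  # raw reads allowed   (stenc --unprotect / proposed --allow-raw-decrypt)
    PROTECT = 3    # raw reads forbidden (stenc --protect)


# The three encrypt/decrypt pairs the comment proposes stenc should keep supporting.
SUPPORTED = {
    (EncryptionMode.ENCRYPT, DecryptionMode.DECRYPT),
    (EncryptionMode.ENCRYPT, DecryptionMode.MIXED),
    (EncryptionMode.DISABLE, DecryptionMode.DISABLE),
}


def supported_modes(enc, dec, keyless_copy=False):
    """True for pairs in SUPPORTED.  With keyless_copy=True the source side
    (decrypt RAW) and destination side (encrypt EXTERNAL) are also accepted,
    which is what adding keyless-copy support to stenc would have to mean."""
    if (enc, dec) in SUPPORTED:
        return True
    return keyless_copy and (dec is DecryptionMode.RAW or enc is EncryptionMode.EXTERNAL)


def parse_options(argv, keyless_copy=False):
    """Parse the hypothetical '-e MODE -d MODE [--allow-raw-decrypt]' syntax.
    Defaults are the tandem encrypt+decrypt case; returns (enc, dec, rdmc)."""
    enc, dec, rdmc = EncryptionMode.ENCRYPT, DecryptionMode.DECRYPT, Rdmc.DEFAULT
    args = iter(argv)
    for tok in args:
        if tok == "-e":
            enc = EncryptionMode[next(args).upper()]
        elif tok == "-d":
            dec = DecryptionMode[next(args).upper()]
        elif tok == "--allow-raw-decrypt":
            rdmc = Rdmc.UNPROTECT
        else:
            raise ValueError(f"unknown option {tok!r}")
    if not supported_modes(enc, dec, keyless_copy):
        raise ValueError(f"unsupported combination: encrypt={enc.name} decrypt={dec.name}")
    return enc, dec, rdmc


def keyless_copy_pair():
    """Drive settings for an SSP-5 keyless copy.  Neither drive is given the key.
    The source tape's records must have been written with Rdmc.UNPROTECT (or on a
    device whose default permits raw reads), otherwise the RAW read is refused."""
    source = (EncryptionMode.DISABLE, DecryptionMode.RAW)
    destination = (EncryptionMode.EXTERNAL, DecryptionMode.DISABLE)
    assert all(supported_modes(e, d, keyless_copy=True) for e, d in (source, destination))
    return source, destination


def build_sde_page(enc, dec, rdmc, key=b"", algorithm_index=1, scope=2, lock=True):
    """Set Data Encryption page with no key-associated data (layout assumed from
    SSC-4).  A key is required only when the drive itself encrypts or decrypts;
    EXTERNAL, RAW and DISABLE are exactly the keyless modes."""
    needs_key = enc is EncryptionMode.ENCRYPT or dec in (DecryptionMode.DECRYPT, DecryptionMode.MIXED)
    if needs_key and len(key) not in (16, 32):
        raise ValueError("encrypt/decrypt modes need a 16- or 32-byte key")
    if not needs_key and key:
        raise ValueError("EXTERNAL, RAW and DISABLE modes take no key")
    body = bytes([
        (scope << 5) | int(lock),   # byte 4: SCOPE (2 = all I_T nexuses, assumed), LOCK
        int(rdmc) << 4,             # byte 5: CEEM=0, RDMC, SDK/CKOD/CKORP/CKORL=0
        int(enc),                   # byte 6: ENCRYPTION MODE
        int(dec),                   # byte 7: DECRYPTION MODE
        algorithm_index,            # byte 8: ALGORITHM INDEX (from the drive's capabilities page)
        0,                          # byte 9: KEY FORMAT 0 = plain key bytes
    ]) + bytes(8) + len(key).to_bytes(2, "big") + key
    # PAGE LENGTH counts the bytes that follow the 4-byte page header.
    return (0x0010).to_bytes(2, "big") + len(body).to_bytes(2, "big") + body
```

`parse_options` rejects every pair outside the three proposed configurations unless keyless copy is explicitly enabled, which makes the coupling the comment describes ("encrypt and decrypt settings are set in tandem") a checked invariant rather than a convention; `keyless_copy_pair` shows that the copy only works if the writer chose UNPROTECT when the records were created, which is why the per-record control has to exist alongside the read-side RAW option.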