[pbs-devel] [PATCH proxmox-backup 0/7] master key improvements

Fabian Grünbichler f.gruenbichler at proxmox.com
Wed Dec 16 14:41:04 CET 2020


this series fixes a bug preventing encrypted-key-restore that got
introduced with fingerprint checks when restoring files, and further
improves master key handling by providing an import command that takes a
restored encrypted key and a private master key to create a PBS keyfile.

Fabian Grünbichler (7):
  master key: store blob name in constant
  fix #3197: skip fingerprint check when restoring key
  key: move RSA-encryption to KeyConfig
  client: add 'import-with-master-key' command
  docs: replace openssl command with client
  KeyConfig: add encrypt/decrypt test
  KeyConfig: always calculate fingerprint

 docs/backup-client.rst               |   6 +-
 src/backup/crypt_config.rs           |  26 +------
 src/backup/key_derivation.rs         | 104 +++++++++++++++++++++++++--
 src/backup/manifest.rs               |   1 +
 src/bin/proxmox-backup-client.rs     |  33 +++++----
 src/bin/proxmox_backup_client/key.rs |  95 ++++++++++++++++++++++++
 6 files changed, 218 insertions(+), 47 deletions(-)

-- 
2.20.1





More information about the pbs-devel mailing list