Improved Handling of Encryption Attributes During File Compact and Rebuild
The file compact utility (ctcmpcif) and the CompactIFile() API function now better handle file encryption The following improvements were made:
The compact API function and utility can optionally change encryption attributes. To use this option when calling the compact API function, use the setIFILoptions() macro to set the setencryptIFILoption bit in the tfilno field of the IFIL structure whose address you pass to the compact API function, and call ctSETENCRYPT() with the desired encryption attributes before calling the compact API function. For example:
The ctcmpcif utility now supports an option to specify the encryption cipher for the data and index files created by the compact operation. Usage:
-encrypt=cipher - Create the compacted file using the specified cipher:
for AES, use aes16, aes24, or aes32
for Blowfish, use blf8, blf9, ..., or blf56
for DES, use des8, des16, or des24
for Twofish, use twf16, twf24, or twf32
for no encryption, use none
for the deprecated CAMO option, use camo:MY_ENCRYPTION_KEYNote: CAMO or "Camouflage" is an older, legacy method of hiding data, which is not a standards-conforming encryption scheme, such as AES. It is not intended as a replacement for Advanced Encryption or other security systems.
Note: If an index file does not exist, the original data file's encryption attributes are used when creating that index file.
To change the encryption attributes of a file using the compact API function from a client, you must add the option CHANGE_ENCRYPTION_ON_COMPACT YES to ctsrvr.cfg. Otherwise, the operation fails with error NSUP_ERR (454, not supported).
Compact now always deletes and recreates index files after saving resources from the original index file. This provides the expected behavior of (possibly) reducing the size of the index file.
