GOAL: Design a querying language that is both easy to understand and not superficially limited.
Here are some examples to get the creative juices flowing:
#include <assert.h> | |
#include <stdio.h> | |
#include <stdarg.h> | |
static FILE *stddbg = NULL; | |
int | |
debugto(int fd) | |
{ | |
FILE *f; |
key: 0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B0B | |
ipad: 3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D363636363636363636363636 | |
3636363636363636363636363636363636363636363636363636363636363636 | |
3636363636363636363636363636363636363636363636363636363636363636 | |
3636363636363636363636363636363636363636363636363636363636363636 | |
H(K^ipad) h: 0EBFEA2ED70968F46649C33AC5507D49D17ACD355017B87BA1B0169309CF0DE1 | |
E3533B8BC94A2790A4586E021D6EEE30D465F22352073900A3A784F4C6772518 |
--- | |
name: cf | |
director_uuid: fb70f16a-4d6f-41f8-bc2e-0181a03dff18 | |
meta: | |
cf: | |
base_domain: 10.244.0.34.netip.cc | |
system_domain: (( concat "system." meta.cf.base_domain )) | |
blobstore: |
diff --git a/agent/request.go b/agent/request.go | |
index c539ca2..89648d2 100644 | |
--- a/agent/request.go | |
+++ b/agent/request.go | |
@@ -23,6 +23,9 @@ type Request struct { | |
StorePlugin string `json:"store_plugin"` | |
StoreEndpoint string `json:"store_endpoint"` | |
RestoreKey string `json:"restore_key"` | |
+ EncryptionMode string `json:"encryption_mode"` | |
+ EncryptionKey string `json:"encryption_key"` |
# this is pretty standard boilerplate configuration | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_param QUERY_STRING $query_string; | |
fastcgi_param REQUEST_METHOD $request_method; | |
fastcgi_param CONTENT_TYPE $content_type; | |
fastcgi_param CONTENT_LENGTH $content_length; |
The Design of the SHIELD Archive Encryption System | |
================================================== | |
The goals of the archive encryption system are: | |
1. Archive encryption happens as early as possible | |
2. Archive decryption happens as late as possible | |
3. The same data does not produce the same encrypted archive | |
4. Ciphers and modes can be upgraded by operators | |
5. Operators are minimally involved in day-to-day management |
+14:51:11:504:0:16784m 10.0.1.18 jhunt@mac ~ | |
→ dig x.1.2.3.4.netip.cc @173.255.229.191 | |
; <<>> DiG 9.8.3-P1 <<>> x.1.2.3.4.netip.cc @173.255.229.191 | |
;; global options: +cmd | |
;; Got answer: | |
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5032 | |
;; flags: qr aa; QUERY: 0, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 | |
;; ANSWER SECTION: |
; <<>> DiG 9.8.3-P1 <<>> +trace +all x.1.2.3.4.netip.cc | |
;; global options: +cmd | |
;; Got answer: | |
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 267 | |
;; flags: qr ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 | |
;; QUESTION SECTION: | |
;. IN NS |
### global | |
| Component | Network Segment | IP Count | | |
| --------- | --------------- | -------- | | |
| infra | 10.50.0.0/24 | 256 | | |
| proto-bosh | 10.50.1.0/24 | 256 | | |
| vault | 10.50.2.0/24 | 256 | | |
| shield | 10.50.3.0/24 | 256 | | |
| concourse | 10.50.4.0/24 | 256 | |