AES - initilization vector [#2200253]

I tried and failed and eventually succeeded in backing up a live site with backup encryption and then restoring on a local dev site.

The missing piece of the puzzle had been the initialization vector stored by the AES Encryption module in the variables table.

The initialization vector seems to be generated by the AES module when first required. This means that different versions of the same site can have different initialization vectors, preventing decryption of a backup.

It's pretty obvious (I assume) that to restore an encrypted backup from another site the key file is required. It's not obvious that an initialization vector is required. Should this requirement be added to Backup Migrate's documentation? If so, where? In the README file?

I'm happy to write the guidance myself.

Comments

Comment #1

crantok CreditAttribution: crantok commented 21 February 2017 at 11:11

As a result of this issue, someone just contacted me to ask how to edit the initialisation vector on a dev site so that they could restore their production backup. I'm pasting my answer in here in case it helps anyone else:

The initialisation vector is stored in the variables table, so you can use whatever method you normally use to edit the variables table. I like the variables editor from the Devel module.

Comment #2

couturier CreditAttribution: couturier as a volunteer commented 28 September 2017 at 14:23

Status:

Active

» Closed (won't fix)

@DamienMcKenna has proposed that the 7.x-2.x branch be deprecated once the upgrade path to 7.x-3.x is verified. See this issue: Verify 7.x-2.x -to- 7.x-3.x upgrade path, mark 7.x-2.x as unsupported

In order to reduce the maintenance burden the 7.x-2.x branch should be deprecated. In order to do this the upgrade path to 7.x-3.x has to be verified and any issues fixed.