Feature/encrypted dump (#3777)

CHANGELOG

@@ -1,6 +1,9 @@
 devel
 -----
 
+* added options `--encryption.keyfile` and `--encryption.key-generator` to arangodump
+  and arangorestore
+
 * removed `--recycle-ids` option for arangorestore
 
   using that option could have led to problems on the restore, with potential

Documentation/Books/Manual/Administration/Arangodump.md

@@ -122,3 +122,40 @@ individually.
 
 No that in consequence, restoring such a collection without its
 prototype is affected. [arangorestore](Arangorestore.md)
+
+
+### Encryption
+
+In the ArangoDB Enterprise Edition there are the additional parameters:
+
+#### Encryption key stored in file
+
+*--encryption.keyfile path-of-keyfile*
+
+The file `path-to-keyfile` must contain the encryption key. This
+file must be secured, so that only `arangod` can access it. You should
+also ensure that in case some-one steals the hardware, he will not be
+able to read the file. For example, by encryption `/mytmpfs` or
+creating a in-memory file-system under `/mytmpfs`.
+
+#### Encryption key generated by a program
+
+*--encryption.key-generator path-to-my-generator*
+
+The program `path-to-my-generator` must output the encryption on
+standard output and exit.
+
+#### Creating keys
+
+The encryption keyfile must contain 32 bytes of random data.
+
+You can create it with a command line this.
+
+```
+dd if=/dev/random bs=1 count=32 of=yourSecretKeyFile
+```
+
+For security, it is best to create these keys offline (away from your
+database servers) and directly store them in you secret management
+tool.
+

Documentation/Books/Manual/Administration/Arangorestore.md

@@ -107,6 +107,10 @@ collections being processed before all [edge collection](../Appendix/Glossary.md
 data into edge collections will have the document collections linked in edges (*_from* and
 *_to* attributes) loaded.
 
+### Encryption
+
+See [arangodump](Arangodump.md) for details.
+
 ### Restoring Revision Ids and Collection Ids
  
 _arangorestore_ will reload document and edges data with the exact same *_key*, *_from* and 

arangosh/Restore/RestoreFeature.cpp

@@ -386,6 +386,29 @@ static bool SortCollections(VPackBuilder const& l, VPackBuilder const& r) {
 }
 
 int RestoreFeature::processInputDirectory(std::string& errorMsg) {
+  std::string encryptionType;
+  try {
+    std::string const encryptionFilename = FileUtils::buildFilename(_inputDirectory, "ENCRYPTION");
+    if (FileUtils::exists(encryptionFilename)) {
+      encryptionType = StringUtils::trim(FileUtils::slurp(encryptionFilename));
+    } else {
+      encryptionType = "none";
+    }
+  } catch (...) {
+    // file not found etc.
+  }
+
+  if (encryptionType != "none") {
+#ifdef USE_ENTERPRISE
+    if (!_encryption->keyOptionSpecified()) {
+      std::cerr << "the dump data seems to be encrypted with " << encryptionType << ", but no key information was specified to decrypt the dump" << std::endl;
+      std::cerr << "it is recommended to specify either `--encryption.key-file` or `--encryption.key-generator` when invoking arangorestore with an encrypted dump" << std::endl;
+    } else {
+      std::cout << "# using encryption type " << encryptionType << " for reading dump" << std::endl;
+    }
+#endif
+  }
+
   // create a lookup table for collections
   std::map<std::string, bool> restrictList;
   for (size_t i = 0; i < _collections.size(); ++i) {

etc/jenkins/arangod-common.conf

@@ -1,6 +1,7 @@
 [log]
 force-direct = false
 line-number = true
+foreground-tty = false
 level = info
 level = replication=warn
 level = development=debug