Data Protector Practitioners Forum


Trusted Contributor.


Hi All,


1- what is different from AES and encode?
2-How to export and import keystore file?



many thanx :-)

Micro Focus Expert

Re: Encrption


Data Protector offers a simple built-in XOR algorithm implemented in a shared C program library. Since Data Protector provides the API used by the Disk Agent to interface with the data encoding module, you can substitute your own internal data encoding algorithms for greater security. Do this by writing your own data encoding module, compiling it into a library, and substituting the new library for the default Data Protector library. Note that after changing the encoding library, a full backup should be performed.


AES 256

The Data Protector software encryption, based on the AES-CTR (Advanced Encryption Standard in Counter Mode) encryption algorithm that uses random keys of 256-bit length. The same key is used for both encryption and decryption. With AES 256-bit encryption, data is encrypted before it is transferred over a network and before it is written to media.


The short answer here is that if you just use 'Encode' and do not write your own encryption algorithms, and facility that has DP installed  would be able to decode your backups.  The AES-256 method is much more secure


In the Command Line Interpreter (CLI) Guide, in section iM, review the options for 'omnikeytool' command


    omnikeytool -export [CSV File] [export options]

Exports encryption key records into the specified comma separated values (CSV) file. The file

is exported only to the directory


Program Data\Omniback\Config\Server\export\keys (Windows Server  2008),

Program Files\Omniback\Config\Server\export\keys (other Windows systems),


/var/opt/omni/server/export/keys (UNIX systems).



To export the active encryption key "10B53673B8232747A806000001000000

5B9381955B 9381955B9381955B938321" to a comma-separated values (CSV) file "a.csv",



omnikeytool -export a.csv -keyid 10B53673B8232747A806000001000000

5B9381955B 9381955B9381955B938321


Exporting does not delete encryption keys from the keystore.


     omnikeytool -import [CSV File]

Imports encryption key record matching the key number from the specified keystore file. The

file is imported to the directory


ProgramData\Omniback\Config\Server\import\keys (Windows Server 2008),

Program Files\Omniback\Config\Server\import\keys (other Windows systems),


/var/opt/omni/server/import/keys (UNIX systems



All of this information is available by, in the GUI, clicking on HELP -> List Topic for the AES information, and

Help -> Guides -> CLI Guide