I have read the patch and did some simple tests. I'm not entirely sure about some code segments; e.g.:
In the BootStrapKmgr() we generate a data encryption key by: key = generate_crypto_key(file_encryption_keylen);
However, I found that the file_encryption_keylen is always 0 in bootstrap mode because there exitst another variable bootstrap_file_encryption_keylen in xlog.c and bootstrap.c.
We get the REL/WAL key by KmgrGetKey() call and it works like: return (const CryptoKey *) &(KmgrShmem->intlKeys[id]);
But in bootstrap mode, the KmgrShmem are not assigned. So, if we want to use it to encrypt something in bootstrap mode, I suggest we make the following changes: if ( in bootstrap mode) return intlKeys[id]; // a static variable which contains key else reutrn (const CryptoKey *) &(KmgrShmem->intlKeys[id]);