bug-recutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-recutils] Encryption


From: Daiki Ueno
Subject: Re: [bug-recutils] Encryption
Date: Mon, 26 Aug 2013 11:25:56 +0900
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)

address@hidden (Jose E. Marchesi) writes:

> As we found out during the GHM at Paris, the reason is that between 1.5
> was released and today salt was added to the algorithm which
> crypts/decrypts the stuff.
>
> I think we should add an ephimeral option for 1.6 to support decryption
> of fields encrypted with 1.5, along with a note in the NEWS file and
> release notes.  What do you think?

To be precise, fields encrypted with 1.5 (non-salted) can be decrypted
with 1.6 (salted), but the opposite is not:
http://git.savannah.gnu.org/cgit/recutils.git/tree/src/rec-crypt.c#n174

Since the non-salted format may leads to a security issue, I'd rather
suggest to add a way to migrate from the non-salted format to the salted
format, maybe by running recfix --encrypt again?  And yes, a NEWS entry
would also be helpful.

Regards,
-- 
Daiki Ueno



reply via email to

[Prev in Thread] Current Thread [Next in Thread]