[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-recutils] Encryption
From: |
Daiki Ueno |
Subject: |
Re: [bug-recutils] Encryption |
Date: |
Mon, 26 Aug 2013 11:25:56 +0900 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux) |
address@hidden (Jose E. Marchesi) writes:
> As we found out during the GHM at Paris, the reason is that between 1.5
> was released and today salt was added to the algorithm which
> crypts/decrypts the stuff.
>
> I think we should add an ephimeral option for 1.6 to support decryption
> of fields encrypted with 1.5, along with a note in the NEWS file and
> release notes. What do you think?
To be precise, fields encrypted with 1.5 (non-salted) can be decrypted
with 1.6 (salted), but the opposite is not:
http://git.savannah.gnu.org/cgit/recutils.git/tree/src/rec-crypt.c#n174
Since the non-salted format may leads to a security issue, I'd rather
suggest to add a way to migrate from the non-salted format to the salted
format, maybe by running recfix --encrypt again? And yes, a NEWS entry
would also be helpful.
Regards,
--
Daiki Ueno