On Thu, May 05, 2016 at 01:13:53PM +0200, u-myfx_at_aetey.se wrote:
>
> But those 8-byte limitations, they become too bad now.

    ~/coda$ git grep RPC2_EncryptionKey | wc -l
    144

That is just the places where there is a reference to the rpc2
encryption key in the source typically either as a variable definition
or as function argument. There are more places because they are also
part of other structures such as the secret and clear parts of a Coda
token. (and maybe even more)

    # filtering out EncryptedSecretToken references
    ~/coda$ git grep [^d]SecretToken | wc -l
    32
    ~/coda$ git grep ClearToken | wc -l
    58

Now these are just places where variable or function arguments are
defined, these then lead to places where they are used and each place
needs to be checked to make sure it can safely adapt to a different
size. And you are unlikely to use variable length because this ends up
in persistent RVM memory structures and on the wire rpc messages, which
results in incompatibility between clients and servers as well as
reintializing clients, hopefully no server side rvm reinitialization.

That is a lot of changes needed, IMHO not worth immediate action at the
moment when there are clearly questions about the home-grown-edness of
the crypto implementation, and if it adequately covers all places where
file data is exposed.

Jan