(Illustration by Gaich Muramatsu)
On Thu, May 05, 2016 at 01:13:53PM +0200, u-myfx_at_aetey.se wrote: > > But those 8-byte limitations, they become too bad now. ~/coda$ git grep RPC2_EncryptionKey | wc -l 144 That is just the places where there is a reference to the rpc2 encryption key in the source typically either as a variable definition or as function argument. There are more places because they are also part of other structures such as the secret and clear parts of a Coda token. (and maybe even more) # filtering out EncryptedSecretToken references ~/coda$ git grep [^d]SecretToken | wc -l 32 ~/coda$ git grep ClearToken | wc -l 58 Now these are just places where variable or function arguments are defined, these then lead to places where they are used and each place needs to be checked to make sure it can safely adapt to a different size. And you are unlikely to use variable length because this ends up in persistent RVM memory structures and on the wire rpc messages, which results in incompatibility between clients and servers as well as reintializing clients, hopefully no server side rvm reinitialization. That is a lot of changes needed, IMHO not worth immediate action at the moment when there are clearly questions about the home-grown-edness of the crypto implementation, and if it adequately covers all places where file data is exposed. JanReceived on 2016-05-05 11:21:09