Coda File System

Re: Coda development (crypto)

From: <u-myfx_at_aetey.se>
Date: Fri, 6 May 2016 08:55:02 +0200
On Thu, May 05, 2016 at 11:21:00AM -0400, Jan Harkes wrote:
> On Thu, May 05, 2016 at 01:13:53PM +0200, u-myfx_at_aetey.se wrote:
> > But those 8-byte limitations, they become too bad now.
> 
>     ~/coda$ git grep RPC2_EncryptionKey | wc -l
>     144
> 
> That is just the places where there is a reference to the rpc2
> encryption key in the source typically either as a variable definition
> or as function argument. There are more places because they are also
> part of other structures such as the secret and clear parts of a Coda
> token. (and maybe even more)
> 
>     # filtering out EncryptedSecretToken references
>     ~/coda$ git grep [^d]SecretToken | wc -l
>     32
>     ~/coda$ git grep ClearToken | wc -l
>     58
> 
> Now these are just places where variable or function arguments are
> defined, these then lead to places where they are used and each place
> needs to be checked to make sure it can safely adapt to a different
> size.

Thanks for these hints about where to look.

> That is a lot of changes needed, IMHO not worth immediate action at the
> moment when there are clearly questions about the home-grown-edness of
> the crypto implementation, and if it adequately covers all places where
> file data is exposed.

Do you mean that it might be better to replace the crypto layer in rpc2,
ot the authentication layer in Coda, or both, instead of merely changing
the token size?

Why not - if the corresponding amount of work is in the same order of
magnitude, but is it?

Rune
Received on 2016-05-06 02:55:34