On Saturday, February 16, 2013 7:25:54 PM UTC-6, Ulrik wrote:
> On 2013-02-16 18:16, Bram Moolenaar wrote:
> > The whole point of the encryption is to make the text unreadable. It is
> > not a signature of any kind. Signing files, encrypted or not, is a
> > totally different thing and there are plenty of tools for that.
>
> The type of the attack is that if you XOR a value with the ciphertext,
> the same XOR difference shows in the decrypted text. Knowing a small
> part of the plaintext is not a big requirement on an attack as simple as
> this one.

I still don't think preventing this kind of attack is within the scope of Vim's encryption.

> I understand that Vim only wants to provide confidentiality, not
> integrity, but taken together with the usability issue of not giving
> notice of a wrong password, I don't understand the choice. I don't enjoy
> the possibility given that I might absent-mindedly type :w when getting
> the garbage output after a mistyped password, destroying my data.

But I think THIS is an excellent argument for your proposed feature. If we can easily protect the user from accidentally corrupting their important file, then it is a very good idea.

There is already checksum code within Vim for the undo file... I think it uses some sort of SHA algorithm. I don't think this should be too hard to implement. I think :w! should force a write even though the checksum is wrong just in case somebody is doing something kooky intentionally, but :w with a mismatched checksum should give an error.

As somebody mentioned, the encryption already stores a version flag in the file, so this should be a backwards compatible change. Should a file which was read without the checksum, also be written without one? I normally wouldn't think so, but perhaps it would be best to prevent that older Vims can't read the file after editing it in a newer Vim.

A recent patch also added a vimscript function to get the checksum, I wonder if that could be used to do this as a plugin. I think it would be better built-in however.
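
The behaviour discussed in this thread, as an added example that is not taken from Vim or from any poster: a plaintext checksum stored inside the encrypted data flags both a mistyped password and the XOR change described in the quoted text. The keystream cipher (a stand-in, not Vim's algorithm), the layout (SHA-256 digest followed by the text) and every function name are assumptions made for illustration.

```python
import hashlib

def keystream(password: bytes, n: int) -> bytes:
    """Toy keystream: SHA-256 in counter mode (stand-in, not Vim's cipher)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(password + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(password: bytes, text: bytes) -> bytes:
    # Assumed layout: 32-byte SHA-256 of the text, then the text, all encrypted.
    body = hashlib.sha256(text).digest() + text
    return xor(body, keystream(password, len(body)))

def decrypt(password: bytes, blob: bytes):
    """Return (text, checksum_ok); checksum_ok is False for a wrong password."""
    body = xor(blob, keystream(password, len(blob)))
    digest, text = body[:32], body[32:]
    return text, hashlib.sha256(text).digest() == digest

def xor_into(blob: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    """Apply the XOR difference (known ^ wanted) to the ciphertext at a text offset."""
    delta = xor(known, wanted)
    pos = 32 + offset  # skip the encrypted digest
    return blob[:pos] + xor(blob[pos:pos + len(delta)], delta) + blob[pos + len(delta):]

def may_write(checksum_ok: bool, force: bool = False) -> bool:
    """Rule proposed in the message: :w refuses on a mismatch, :w! overrides."""
    return checksum_ok or force

SAMPLE = b"pay 100 to alice"              # constructed sample text
BLOB = encrypt(b"correct horse", SAMPLE)  # constructed password

if __name__ == "__main__":
    print(decrypt(b"correct horse", BLOB))     # right password: checksum matches
    garbage, ok = decrypt(b"correct hrose", BLOB)
    print(ok, may_write(ok), may_write(ok, force=True))
    # Same XOR difference appears in the decrypted text, but the checksum fails.
    print(decrypt(b"correct horse", xor_into(BLOB, 4, b"100", b"900")))
```

An unkeyed digest like this catches a mistyped password and blind edits only. Integrity against someone who knows the whole plaintext is normally provided by a keyed MAC such as HMAC.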
