GNU bug report logs - #20030
plstore caches invalid passphrases

Previous Next

Package: emacs;

Reported by: Jonas Bernoulli <jonas <at> bernoul.li>

Date: Sat, 7 Mar 2015 14:16:02 UTC

Severity: normal

Done: Daiki Ueno <ueno <at> gnu.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 20030 in the body.
You can then email your comments to 20030 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#20030; Package emacs. (Sat, 07 Mar 2015 14:16:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Jonas Bernoulli <jonas <at> bernoul.li>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Sat, 07 Mar 2015 14:16:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jonas Bernoulli <jonas <at> bernoul.li>
To: <bug-gnu-emacs <at> gnu.org>
Subject: plstore caches invalid passphrases
Date: Sat, 07 Mar 2015 15:11:36 +0100

When using symmetric encryption and
`plstore-cache-passphrase-for-symmetric-encryption' is non-nil,
`plstore-passphrase-callback-function' stores the passphrase entered
by the user in `plstore-passphrase-alist'.  This happens *before* the
passphrase is used to decrypt, and if it turns out that it was wrong,
then it is *not* removed from the cache.

So if caching is turned on and the user enters the wrong passphrase,
subsequent attempts to decrypt the same information will always fail,
because the cached but invalid passphrase is used.  The user has to
manually remove the invalid entry from `plstore-passphrase-alist' to
get a second chance at entering the passphrase correctly.
Reply sent to Daiki Ueno <ueno <at> gnu.org>:
You have taken responsibility. (Tue, 31 Mar 2015 01:18:02 GMT) Full text and rfc822 format available.
Notification sent to Jonas Bernoulli <jonas <at> bernoul.li>:
bug acknowledged by developer. (Tue, 31 Mar 2015 01:18:02 GMT) Full text and rfc822 format available.

Message #10 received at 20030-done <at> debbugs.gnu.org (full text, mbox):

From: Daiki Ueno <ueno <at> gnu.org>
To: Jonas Bernoulli <jonas <at> bernoul.li>
Cc: 20030-done <at> debbugs.gnu.org
Subject: Re: bug#20030: plstore caches invalid passphrases
Date: Tue, 31 Mar 2015 10:17:49 +0900

Jonas Bernoulli <jonas <at> bernoul.li> writes:

> When using symmetric encryption and
> `plstore-cache-passphrase-for-symmetric-encryption' is non-nil,
> `plstore-passphrase-callback-function' stores the passphrase entered
> by the user in `plstore-passphrase-alist'.  This happens *before* the
> passphrase is used to decrypt, and if it turns out that it was wrong,
> then it is *not* removed from the cache.

Thanks, good catch.  I've installed a fix:
http://git.savannah.gnu.org/cgit/emacs.git/commit/?id=2e4b0c98
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 28 Apr 2015 11:24:06 GMT) Full text and rfc822 format available.
This bug report was last modified 10 years and 60 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.