[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#20030: plstore caches invalid passphrases
From: |
Jonas Bernoulli |
Subject: |
bug#20030: plstore caches invalid passphrases |
Date: |
Sat, 07 Mar 2015 15:11:36 +0100 |
When using symmetric encryption and
`plstore-cache-passphrase-for-symmetric-encryption' is non-nil,
`plstore-passphrase-callback-function' stores the passphrase entered
by the user in `plstore-passphrase-alist'. This happens *before* the
passphrase is used to decrypt, and if it turns out that it was wrong,
then it is *not* removed from the cache.
So if caching is turned on and the user enters the wrong passphrase,
subsequent attempts to decrypt the same information will always fail,
because the cached but invalid passphrase is used. The user has to
manually remove the invalid entry from `plstore-passphrase-alist' to
get a second chance at entering the passphrase correctly.
- bug#20030: plstore caches invalid passphrases,
Jonas Bernoulli <=