Keep empty files unencrypted #162
This is being a real nuisance here for me too. What do we need to get this merged?
To work around the issue that git considers the working directory dirty when empty files are encrypted, these are kept untouched when cleaning/smudging. Security wise, this is not an issue, as you can check if an encrypted file is empty due to the deterministic encryption properties.
62c3725 to 17a9020
I rebased this to the latest
I agree in principle that this is the correct fix. Unfortunately, it's a breaking change to git-crypt's on-disk format. Empty files that were previously committed to the repo encrypted will now appear "modified" to Git. I'm not sure if there are other implications. I think we need to find a way to apply this behavior to new but not existing git-crypt repos.
I think we can do that by setting a flag during Initially I was thinking of making it a Something like:
git has several problems with using smudge/clean filters on empty files (see issue #53). The easiest fix is to just not encrypt empty files. Since it was already obvious from the encrypted file length that a file was empty, skipping empty files does not decrease security.

Since skipping empty files is a breaking change to the git-crypt file format, we only do this on new repositories. Specifically, we add a new critical header field to the key file called skip_empty which is set in new keys. We skip empty files if and only if this field is present.

Closes: #53
Closes: #162
The place to set this is in the key file, which is fortunately extensible. I've implemented this in #210. I would appreciate your testing!
To work around the issue that git considers the working directory
dirty when empty files are encrypted, these are kept untouched when
cleaning/smudging.
Security wise, this is not an issue, as you can check if an encrypted
file is empty due to the deterministic encryption properties.
This fixes #53
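
The behaviour discussed in this thread, as an added example that is not git-crypt's own code: a small model of the clean/smudge filters showing that a deterministically encrypted empty file is already recognisable by its length, and that the `skip_empty` key flag changes only how empty files are stored. Assumptions: the header bytes, the 12-byte nonce, the HMAC-based stand-in keystream (not AES-CTR) and the function names `clean`, `smudge` and `looks_empty` are all hypothetical.

```python
import hashlib
import hmac

# Constructed model, not git-crypt source. HEADER and NONCE_LEN are assumptions
# standing in for the real file header; the keystream is a stand-in cipher.
HEADER = b"\0GITCRYPT\0"
NONCE_LEN = 12


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in stream cipher: HMAC-SHA256 in counter mode (not AES-CTR)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def clean(plaintext: bytes, key: bytes, skip_empty: bool) -> bytes:
    """Clean filter: working tree -> repository blob."""
    if skip_empty and not plaintext:
        return b""  # key carries skip_empty: empty files are stored untouched
    # Nonce derived from the plaintext, so equal inputs always give equal blobs.
    nonce = hmac.new(key, plaintext, hashlib.sha1).digest()[:NONCE_LEN]
    stream = _keystream(key, nonce, len(plaintext))
    return HEADER + nonce + bytes(p ^ k for p, k in zip(plaintext, stream))


def smudge(blob: bytes, key: bytes) -> bytes:
    """Smudge filter: repository blob -> working tree."""
    if not blob.startswith(HEADER):
        return blob  # unencrypted content, including an empty blob, passes through
    nonce = blob[len(HEADER):len(HEADER) + NONCE_LEN]
    body = blob[len(HEADER) + NONCE_LEN:]
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def looks_empty(blob: bytes) -> bool:
    """What anyone with read access to the repository can infer without the key."""
    return len(blob) in (0, len(HEADER) + NONCE_LEN)


KEY = b"constructed-demo-key"  # constructed sample key
```

An old-style key (`skip_empty=False`) keeps producing the same header-plus-nonce blob for an empty file, which is why repositories created before the change do not see their committed empty files as modified.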