Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set AES strength to 256 bit #8249

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Set AES strength to 256 bit #8249

wants to merge 1 commit into from

Conversation

pmario
Copy link
Member

@pmario pmario commented Jun 10, 2024
edited
Loading

This PR fixes issue #8248

This PR changes the default AES encryption setting from 128 bit to 256 bit.

I did the following tests Windows 11 - FF latest

  • Download emtpy.html from tiddlywiki.com which uses current defaults 128 bit
  • Create some content
  • Save encrypted as: aes-128.html
  • Create aes-256.html with this PR
  • Create some content
  • Save encrypted as: aes-256.html

Import decryption test

  • Import aes-256.html into aes-128.html -> Decryption and import works
  • Import aes-128.html into eas-256.html -> Decryption and import works

@vercel Vercel
Copy link

vercel bot commented Jun 10, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
tiddlywiki5 ✅ Ready (Inspect) Visit Preview Jun 10, 2024 11:03am

@Jermolene
Copy link
Member

Hi @pmario I'm happy with the idea but think it is important that we lay out the backwards compatibility implications. For example, can older versions of TiddlyWiki still open a 256-bit encrypted wiki?

@pmario
Copy link
Member Author

pmario commented Jun 10, 2024
edited
Loading

I just did some drag & drop import test to archived empty.html wikis

AES-128 (created with TW v5.3.3) and AES-256 (created with this PR) both work

  • TW v5.3.3 -> both work
  • TW v5.3.0 -> both work
  • TW v5.2.7 -> both work
  • TW v5.2.4 -> both work
  • TW v5.2.3 -> both work
  • TW v5.2.2 -> both work

Neither AES-128 created with TW v5.3.3 nor AES-256 with PR works. -> So backwards compatibility was already broken.

  • TW v5.2.1 -> none works
  • TW v5.2.0 -> none works
  • TW v5.1.23 -> none works

It does not even matter if there is a password. So JSON decode may be broken.

image

@pmario
Copy link
Member Author

pmario commented Jun 10, 2024
edited
Loading

  • Created an encrypted wiki with TW v5.1.23 and imported it to v5.3.3 and v5.3.4-pre -> works
  • Created an encrypted wiki with TW v5.2.7 and imported it to v5.3.3 and v5.3.4-pre -> works

@Jermolene
Copy link
Member

TW v5.3.3 -> both work

Thanks @pmario I am afraid I don't understand this part. Could you explain the test you performed in more detail?

@pmario
Copy link
Member Author

pmario commented Jun 10, 2024

  • As I wrote I did create 2 wikis.
  • Both are saved encrypted.
  • One wiki created from TW v5.3.3, default AES-128
  • one created with TW v5.3.4-pre, default AES-256

The I did take both wikis and import them into the empty wikis listed in the TW archive as shown above. Importing the encrypted wikis works as described above.

AES-128 v5.3.3 and AES-256 v5.3.4-pre can not be imported to older wikis starting with TW v5.2.1

This PR does not cause this problem. The problem has been there with v5.3.3 already.

@pmario
Copy link
Member Author

pmario commented Jun 11, 2024

@Jermolene -- I found the changes that caused the problem

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pmario @Jermolene