DAR icon indicating copy to clipboard operation
DAR copied to clipboard
verified publisher icon Edrusb

Still get "A wrong key is not possible to detect..." with --quiet

Open jimav opened this issue 2 years ago • 4 comments

From the docs:

-q, --quiet Suppress the final statistics report. If no verbose output is asked beside this option, nothing is dis‐ played if the operation succeeds. ...

However if the archive is encrypted a big warning is always displayed:

Warning, the archive <xxx> has been encrypted. A wrong key is not possible to detect, it would cause DAR to report the archive as corrupted

These warning look very messy in output from scripts which search many archives; it would be a nice enhancement if dar did not print this warning until just before printing the first error, if an error occurs (and thus never print the warning if no error occurs).

Thanks.

P.S. Are there some "magic" characters in a header or something? If so then dar could distinguish a wrong key from a media error if it separately encrypted those magic characters by themselves and stored the cyphertext somewhere. I guess that would require a version bump.

jimav avatar Mar 01 '23 22:03 jimav

OK, I will modify libdar for the warning does not show when -q option is used, this makes sense.

There is some magic character unciphered in the archive header, but having the same information ciphered would weaken the encryption (clear text attack)... but the idea is interesting... looking forward to see whether there is some way of doing that without weakening the encryption...

Edrusb avatar Mar 04 '23 22:03 Edrusb

well, this enhancement implies a change of the libdar API: the -q option stays at dar level (command-line) and the API has today no option to display less than the default, but several ways to display more, calls that the -v option uses. I will thus add this enhancement in master branch, leading this to be released with next major release (2.8.0).

In the meanwhile I can set a compilation option that disable this warning... or you can just comment it out (file src/libdar/macro_tools.cpp line 930) and recompile dar/libdar.

Edrusb avatar Mar 07 '23 18:03 Edrusb

enhancement is implemented (git/master for release 2.8.0) extending -q option to optionally receive an argument "-qcrypto" or "--quiet=crypto"

For the new feature you mentionned (detection of wrong key my mean of ciphering well know info) this is under investigation about security impact and feasibility

Edrusb avatar Mar 07 '23 20:03 Edrusb

enhancement available with release 2.7.9, keeping open for the feature request part

Edrusb avatar Mar 26 '23 15:03 Edrusb