diff options
author | Christian Brabandt <cb@256bit.org> | 2023-04-23 17:50:22 +0100 |
---|---|---|
committer | Bram Moolenaar <Bram@vim.org> | 2023-04-23 17:50:22 +0100 |
commit | aae583441bcdbb0bfef3b8a1d193e04ae09ca95d (patch) | |
tree | e3cf7c27fc02e1232fe5ab8f8da32581e9782718 /runtime/doc/options.txt | |
parent | dcd40cfca0fe0e65d405ce9711745a8ec846c30c (diff) |
patch 9.0.1481: decrypting with libsodium may fail if the library changesv9.0.1481
Problem: Decrypting with libsodium may fail if the library changes.
Solution: Add parameters used to the encrypted file header. (Christian
Brabandt, closes #12279)
Diffstat (limited to 'runtime/doc/options.txt')
-rw-r--r-- | runtime/doc/options.txt | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/runtime/doc/options.txt b/runtime/doc/options.txt index 91f50e7e62..2a2c7ed5c7 100644 --- a/runtime/doc/options.txt +++ b/runtime/doc/options.txt @@ -2511,12 +2511,14 @@ A jump table for the options with a short description can be found at |Q_op|. *pkzip* zip PkZip compatible method. A weak kind of encryption. Backwards compatible with Vim 7.2 and older. + Only use if you need to be backwards compatible. *blowfish* blowfish Blowfish method. Medium strong encryption but it has an implementation flaw. Requires Vim 7.3 or later, files can NOT be read by Vim 7.2 and older. This adds a "seed" to the file, every time you write the file the encrypted bytes will be different. + Obsolete, please do no longer use. *blowfish2* blowfish2 Blowfish method. Medium strong encryption. Requires Vim 7.4.401 or later, files can NOT be read by Vim 7.3 @@ -2538,11 +2540,21 @@ A jump table for the options with a short description can be found at |Q_op|. enabled. Encryption of undo files is not yet supported, therefore no undo file will currently be written. - CURRENTLY EXPERIMENTAL: Files written with this method + CAREFUL: Files written with this method might have to + be read back with the same version of Vim if the + binary format changes later. + Obsolete, please do no longer use. + xchacha20v2 Same algorithm as with "xchacha20" that correctly + stores the key derivation parameters together with the + encrypted file. Should work better in case the + parameters in the libsodium library ever change. + STILL EXPERIMENTAL: Files written with this method might have to be read back with the same version of Vim if the binary format changes later. - You should use "blowfish2", also to re-encrypt older files. + You should use "blowfish2", also to re-encrypt older files. The + "xchacha20" method provides better encryption, but it does not work + with all versions of Vim. When reading an encrypted file 'cryptmethod' will be set automatically to the detected method of the file being read. Thus if you write it |