Comments (3)
One related question: Does the same apply to recipients, as well?
It generally shouldn't, because there's an asymmetry here. Decryption stops at the first identity that succeeds, so order is relevant. Encryption necessarily uses all provided recipients and identities, so the order doesn't change which plugins get called.
from rage.
tl;dr This is a UX consideration specifically for the CLI; if you want to leverage merging, you will need to use the age
crate directly.
When I wrote the original draft of the age-plugin spec, my intention was for each identity plugin to only be called once (the fewest possible subcommand invocations). Hence the v1 identity plugin supports multiple identities being provided in phase 1. The age
crate also implements this: age::plugin::IdentityPluginV1::new
takes &[age::plugin::Identity]
.
Initially, this is also what I implemented in rage
: the -i
flags would be grouped by plugin, and then IIRC the native identities would be tried first, followed by the plugin identities in a non-deterministic order. It was this that @FiloSottile raised as a UX problem: CLI users had no way of guessing or influencing what order identities were tried. This was a problem because plugins can have unbounded complexity, and users can reasonably want to have rage
try more complex identities later.
As documented in #236, after a long UX discussion we decided to make -i
flags deterministic:
- Identity files are tried against a ciphertext in left-to-right order from the CLI flags.
- Identities within an identity file are tried in top-to-bottom order.
- Encrypted age files (#235) have their identities tried in-place (as if the unencrypted identity file had been passed instead).
- No identities will be coalesced for plugins.
- This means that plugin binaries will be invoked by
rage
once per identity, and will only ever see oneadd-identity
command. The plugin protocol still supports more complex use cases.
from rage.
@str4d Thanks for these clarifications! I think it'd be good to describe or reference this cli-specific behaviour in the spec, so that plugin developers don't invest too much time into optimizing the order of trying identities if their target users are cli-only.
One related question: Does the same apply to recipients, as well? I think the cli behaviour of rage
and age
are diverging when multiple plugin recipients are passed (that's why I also created FiloSottile/age#526). I think rage
passes all recipients at once to the plugin when specifying multiply via -r age...rec1 -r age...rec2
, while age
makes individual plugin calls per recipient.
from rage.
Related Issues (20)
- UX: Pronounciation HOT 3
- UX: failed to fill whole buffer with ArmoredWriter HOT 1
- Grease data included in file header
- RUSTSEC-2023-0071: Marvin Attack: potential key recovery through timing sidechannels
- Release v0.9.3? HOT 1
- Invalid scrypt work factor calculation on system with bad SystemTime precision
- v0.9 Breaking Change? HOT 5
- DX: Place i18n behind a feature flag. HOT 3
- `rage-keygen` overwrites existing key files since 0.6.0
- Expose fatal errors from `rage-keygen`
- Migrate away from `gumdrop` for argument parsing HOT 3
- UX: allow to use the shell process substitution to provide the identity file when decrypting HOT 1
- Name conflict with Rage the video player HOT 5
- Securerage HOT 1
- Publish new version HOT 3
- UX: How to derive the public key given a private key HOT 2
- Hard to understand error message when the identity file does not end with a \n
- Feature-parity with age: version flag HOT 2
- chezmoi add --encrypt missing recipient HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rage.