blob: 1980a8f4446de4243ca66f4f67b259bdf2f33727 (
plain)
1
2
3
4
5
6
7
8
|
While using HMAC instead of "plain" hash functions is inherently more secure, it's still a bad idea to re-use keys for different purposes.
Also, ttbomk, HMAC needs two keys, not one. Are you re-using the same key twice?
Compability for old buckets and support for different ones can be maintained by introducing a new option and simply copying over the encryption key's identifier into this new option should it be missing.
> See [[design/encryption]]. I don't think this bug needs to be kept
> open. [[done]] --[[Joey]]
|