From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id 4CnfFhNWlWbhmQAAe85BDQ:P1 (envelope-from ) for ; Mon, 15 Jul 2024 17:02:11 +0000 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2.migadu.com with LMTPS id 4CnfFhNWlWbhmQAAe85BDQ (envelope-from ) for ; Mon, 15 Jul 2024 19:02:11 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=ZoAL05H8; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1721062931; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=2Ie1gN2SHLrfe/0FrhEuxaUxgGnOHO6H3BZSTnhwi/8=; b=YHKsiz8+ruVkmFqWqdAjS3EPWrXovigPH6R7Tye4NKD7XUmtBx+xpMXJ7y/T1XnZyWewvO iN3LjjLwJMgxESfhujnl4ZGArhjvH3kQnTvweYC1sImfrjO4HHtKe09EgtS/58wH+/3Ufp IXlxVftJ5l56nBFE019qtW2dr9hPk5UdBd33Iy6HpQYCgEVd57jkxMPYyKJvsxwsz1fOI/ U0/9yQ7TvulNU9WD5WiaPZVdscdsZ+g1Ge2QK9ayUgOK6tJFyeguo5Swn8Pley6u7tz/H1 CY1cuel5eb6tIlYo0NRIExxJoAqUF2jcjpWcpsI2heOYGRq/YV14kOiAdtIrfg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=ZoAL05H8; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=key1; d=yhetil.org; t=1721062931; a=rsa-sha256; cv=none; b=LmWqVtHpE3W3eKubWZ9bd9IlD4HlHL3lAcd/QhwSwn5NTJ2NWcyTYBQ2jfPU3Qlqir5CNN bGOUKZCfXtfG5fA03fBKhh9syYRHiEHbkQk8Ks1+ZQ35BLFskPUwcvPN9X/27iBYe9hN3s WipgJnvOTo3AWusXz/jlcGgiJXfLX+icQwxy7qQ4HOn9lrrPIdtlu66UAghDLiEQcDPJV0 iF0Oi+oSWte/74mvQ+V0VeIbpufaw/Z7kuK4htrDZzHX9Az0zc/AVRHZrZ9Fjvx5p3Vshb k/SWQ+/20SDipai1rrwOG1uWsoOwDhP/FDz9mN/8iIpuiG4EG6nrhLFWNC1NsQ== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id F035238202 for ; Mon, 15 Jul 2024 19:02:10 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sTP4Q-0002iX-Oc; Mon, 15 Jul 2024 13:01:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sTP4L-0002fF-NI for emacs-orgmode@gnu.org; Mon, 15 Jul 2024 13:00:59 -0400 Received: from mail-vk1-xa36.google.com ([2607:f8b0:4864:20::a36]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sTP4I-0004UK-Qb; Mon, 15 Jul 2024 13:00:57 -0400 Received: by mail-vk1-xa36.google.com with SMTP id 71dfb90a1353d-4f2e147ee98so1332117e0c.0; Mon, 15 Jul 2024 10:00:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1721062853; x=1721667653; darn=gnu.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=2Ie1gN2SHLrfe/0FrhEuxaUxgGnOHO6H3BZSTnhwi/8=; b=ZoAL05H8HZGhFy0h6KmvdbLwCwHqhtGituJlxzpyx3xmVx4XcfBCVLAxwxxz8foUnW YhGFgc+3xkzVHiEg+1jncVojnlylC+6gEbdlvPTK/2zEh2bIjHbdwLc8QAuv6eiUst9q BvqrFkPV8tMk3uKi88bx+MpIlm0HoR3QlUWuhDfX2OBYSzuW1H157SzKmi4YxKZNCv76 GnCFsz8ur4GgluiyC0b2LlQPmOW/EqU2JBY9mCdXb45MjAD8oDhBAD819rCIY8Y/o/FK jbBIg8Hb1/Dv2aV+2gM7YQQozuhMp7bcHjdNTQdjzynItrfTevmtrMBLdNCkI+FxHsg6 bU9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721062853; x=1721667653; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2Ie1gN2SHLrfe/0FrhEuxaUxgGnOHO6H3BZSTnhwi/8=; b=RbHUNI7Wr2dH6kKCPtJ5IlZFz2/O8gFws2BisTHqh/EVZh81+nasi0YagFYGaTRC9G Y409a2Wl2VqKgoHQa+JAQZBMBNtqaEPNRhdwFvhDiOMjT+FWslr5DhMkj4iQ0L5gSoEG eIMdXVt7NfvJY1aVPMOtWQYWl5ufY0FqPCm3nUvkyDGS/RYWzzqfnjyaFGhrQsVJvCHu 3Nis2nQgq4CYNgG9L2osBhhqk039jAKtyrAHYA5RmhpBLFjN9E/8y+UdHBt+rycnU84z xyNryWbeeVHFKvClbdtIONd5wfR1RBn6gDF67Ize73KvIM8Y+jvq3r/IISIC+rTFwHfR 8dSg== X-Forwarded-Encrypted: i=1; AJvYcCWclFCBFD5eBbES+U9Xspwu0cFr3s7mkPv6w6c4EAAWLFfPztFUq92U3+wF7+KjhMuYC8uxWEP7GKhcn4ZaDTp48JvQlWU= X-Gm-Message-State: AOJu0Yxl9lToB4y8mngbMbv3ULoF0GKwi3GPr19ehDdlICLi7EXfblW7 DjX6rE+fDkCmPtxzxcT20wlob9pA4PskzZFH58QWtj0ntiwQmbuyBHBigZnhHE/q68DicZ1tcug Dj9FVjcJhF7kq7cSX8HoQ+D1WUe9kPpcI1RNwDA== X-Google-Smtp-Source: AGHT+IH9Tfo4UzMMu/08nZmWmgEZPa55m2qHNUuAIRFd+xLvNQW13uazkTlop3wraXPPXBbtnIJahh3x72VpkYs4R/M= X-Received: by 2002:a05:6122:3bd0:b0:4ef:27e0:3f8c with SMTP id 71dfb90a1353d-4f4cd124935mr748995e0c.0.1721062849793; Mon, 15 Jul 2024 10:00:49 -0700 (PDT) MIME-Version: 1.0 References: <86ed921oxu.fsf@gnu.org> <874j9vllbp.fsf@localhost> <87o781t676.fsf@localhost> <874j9qs0wh.fsf@localhost> <87ed8mtyp0.fsf@localhost> <87msn7kffy.fsf@localhost> <87o77my9mp.fsf@localhost> <87y16j4nbe.fsf@localhost> <87o77ak70y.fsf@localhost> <87wmls5hzb.fsf@localhost> In-Reply-To: <87wmls5hzb.fsf@localhost> From: Daniel Clemente Date: Mon, 15 Jul 2024 17:00:23 +0000 Message-ID: Subject: Re: org-encrypt-entries is slow (was: org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options)) To: Ihor Radchenko Cc: Eli Zaretskii , emacs-orgmode@gnu.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=2607:f8b0:4864:20::a36; envelope-from=n142857@gmail.com; helo=mail-vk1-xa36.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Queue-Id: F035238202 X-Migadu-Scanner: mx13.migadu.com X-Migadu-Spam-Score: -9.74 X-Spam-Score: -9.74 X-TUID: oUe0PeR8No0G In that branch, I don't see the previously mentioned bugs; thanks. But org-crypt still feels strange. For instance, I decrypt a header, add a space somewhere else and save. It's saved, but the header is still visibly unencrypted in Emacs; that's unexpected, because org-crypt-use-before-save-magic promised to =E2=80=9Eautomatically encrypt entries before a file is saved to disk=E2=80=9C. I checked the file from outside Emacs and I see that the header is actually encrypted, so technically it did what it promised to do though I don't see it in Emacs. So there's a discordance between what I see and what is saved. Maybe it's feature, not a bug: =E2=80=9Eyou still see the decrypted contents but = you can trust that when they're saved they'll be saved encrypted=E2=80=9C. This may be clarified in the docstring. If it's a feature, I think it may be useful; I just don't like having to trust that the silent background-auto-encryption is working (I'll often want to verify the file from outside Emacs). But users may have different preferences. This may be material for another thread. The part about the slowness has improved to acceptable levels, thanks. Minor thing, not important now: the cursor jumps to the end of the header after a C-x C-s when in the middle of a currently-decrypted block without changes. Another minor thing: I use a key that calls (org-save-all-org-buffers), and if I press it e.g. from the *scratch* buffer it may ask me the =E2=80=9EPassphrase for symmetric encryption=E2=80= =9C question (because I edited some crypted section) but I don't know which buffer it's asking about. But it's not a problem because if I press C-g then I'll see it. I see a new problem: with (org-crypt-use-before-save-magic) enabled, I edit a decrypted section, press C-x C-s to save and it asks me for the encryption password. Here, if I press C-g, org-crypt would catch it and then tell me that it won't be able to encrypt due to the C-g. However I'm not pressing C-g, what I'm doing is opening another TTY frame (I'm running TTY emacsclient, with no X support, but under urxvt); this makes the minibuffer disappear, and I see =E2=80=9EBack to top level=E2=80=9C, and the whole contents of the section being encrypted are lost. On Thu, 11 Jul 2024 at 10:39, Ihor Radchenko wrote: > > Daniel Clemente writes: > > > I see it's trying to decrypt things (therefore it asks for the > > password). It shouldn't, since I didn't modify any encrypted section. > > I said =E2=80=9Eit asked me for an encryption password=E2=80=9C because= the GPG prompt > > confusingly uses the word =E2=80=9Eencryption=E2=80=9C (=E2=80=9EPassph= rase for symmetric > > encryption=E2=80=9C), though it's actually asking for a decryption pass= word. > > ... > > This is the text "abc" encrypted with password "abc". Use this file: > > > > * hi := nocrypt: > > -----BEGIN PGP MESSAGE----- > > > > jA0ECQMCVpS/qSoed5f/0joBYoIRWdgt/+PVQCsZh9sg176SdnvP2Wc8tH/CV1Rk > > l2MjAh3Rk19Q2aP2EffpZ5CFeGELTMXCnCYv > > =3DFNtI > > -----END PGP MESSAGE----- > > > > Open the file, add a space to the title and save it. The first time it > > works (no questions asked) because there's no tag called :crypt: > > Now change the :nocrypt: to :crypt: and save. It asks for the > > password. Press C-g to cancel. > > Change again the tag to :nocrypt:. Save. It asks for the encryption > > password; it shouldn't. > > Add a space to the title, save, it keeps asking for the encryption > > password, though there's no :crypt: section. > > This should be fixed now. > May you try yet again? > > >> > - Org spends around 20 seconds trying to save the file, in a loop, > >> > reporting: (error "org-crypt: Encryption failed. Not saving the > >> > buffer. Error: GPG error: \"Encrypt failed\", \"Canceled; Exit\"") > >> > >> This is curious, but I again have no clue. Maybe the new version of th= e > >> branch works a bit better. > >> > > > > Since this error can happen because of a problem in a different buffer > > (not the current one), would it be good to mention the file name in > > that error message? > > Yes. Done now on the branch. > > > I didn't see this particular problem again. But I see others, which > > are hard to report and reproduce. For instance I had an encrypted > > section under a :crypt: header (I see =E2=80=9EBEGIN PGP=E2=80=9C and h= ex codes), I > > save, and saving *UNencrypts* the header before saving, without > > asking. It should never decrypt when saving, but it does. This happens > > with the same small example I posted above (but using the :crypt: > > tag). > > The other problem you reported had something to do with incorrectly > cycling encryption state during save. I hope that fixing one also fixed > another. > > -- > Ihor Radchenko // yantar92, > Org mode contributor, > Learn more about Org mode at . > Support Org development at , > or support my work at