Skip to content

Symmetric encryption in dup handler is broken

Sanity check in handlers/dup.in is incorrect:

[ -n "$signpassword" -a -n "$signkey" -a -n "$encryptkey" -a "$signkey" != "$encryptkey" ] || fatal "The signpassword option must be set because signkey is different from encryptkey."

It means "if sign password is set and sign key is set and encrypt key is set and sign key is not equals to encrypt key, then everything is ok, otherwise its an error". So, if sign key is not set (i.e. symmetric encryption are requested), this check would fail.

I think, more correct check should be like this:

if [ -z "$signpassword" -a -n "$signkey" -a -n "$encryptkey" -a "$signkey" != "$encryptkey" ] ; then
  fatal "The signpassword option must be set because signkey is different from encryptkey."
fi

"If sign password is not set and sign key is set and encrypt key is set and sign key not equals to encrypt key, its an error", as stated in error description.

This issue could be related to #2603 (closed).

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information