Andrew Ayer 01f152b746 Check HMAC in smudge and diff commands ...

Git-crypt's position has always been that authentication is best left
to Git, since 1) Git provides immutable history based on SHA-1 hashes
as well as GPG-signed commits and tags, and 2) git-crypt can't be used
safely anyways unless the overall integrity of your repository is assured.

But, since git-crypt already has easy access to a (truncated) HMAC of the
file when decrypting, there's really no reason why git-crypt shouldn't
just verify it and provide an additional layer of protection.

2014-08-02 21:17:17 -07:00

3.4 KiB

Raw Blame History

View Raw