From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms13.migadu.com with LMTPS id 2JFEATQGoWZlagEA62LTzQ:P1 (envelope-from ) for ; Wed, 24 Jul 2024 13:48:36 +0000 Received: from aspmx1.migadu.com ([2001:41d0:303:e16b::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id 2JFEATQGoWZlagEA62LTzQ (envelope-from ) for ; Wed, 24 Jul 2024 15:48:36 +0200 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=cg4opUHu; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1721828915; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=cXurRQu4cyGbAzlMeND9GwrjswlQNOLpiNzg4vE/UHI=; b=jCoVJ3diupUH0Q+xHWBkBUTdLawxScN3LlGr3EgG+vauonYv2coWvKCPr/CR3LegKOSV2d lMZ4bKQiWwwga0dRgOeJTkHbDWg386gQpOfRjw8mBX7rtsszgyIGxTgS1esSF3Y59+Akur Jr3FMRE9vunppSTLitIQXK9XQzOqOQ5BWEcijN2VX2xvc9dStdiXeBhDfE+U/mu9r5yV4b cLXqjYaE+xn5jRVm2NfPwOUat+7wo4ASq2Ig9ORt6MhZ8RbHQX+/2ojpCI1WLCufMRiVzZ +MewpAwqUSiXohxaSRqvElhVPLXMumEdHy4nrA7chqOReKJPV7XXVjjfXgZW5A== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=cg4opUHu; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org"; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=key1; d=yhetil.org; t=1721828915; a=rsa-sha256; cv=none; b=c5hl8/SROSW9BJSxMhetdtdc4fE7+kXUHtqirySXAlwWlAIOAbFiooCdXqhwvZg/3lCyXz S+ynp83zmEkJMSvf9/O4V8YK/L0pVxIlKO5ouPhVpf6vVNZ2zKVrSGNK4MTJ3jyiaD9yxp mzFvAbIsrKYF+F2/ePnKU89v3PRndgR0+gl6n3O+ONkJQW8bAhCG3DSdnkrcnVaHSl3K2s uUzev2VWF8NHDHwljQo3bzHJ3bKhksNO93k1+/NQjV8ipvg2QR5kF3/vdhFbcZD/wQWUtr WR4QWuo5zFUIRW5uFlDZQF11Xkh6Xgl2SdYXBhu3LQur3oitSQbi9R57WwjebA== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id C4A6211781 for ; Wed, 24 Jul 2024 15:48:35 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1sWcLr-0003Hk-21; Wed, 24 Jul 2024 09:48:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1sWcLq-0003D1-1a for emacs-orgmode@gnu.org; Wed, 24 Jul 2024 09:48:18 -0400 Received: from mail-vs1-xe31.google.com ([2607:f8b0:4864:20::e31]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1sWcLo-0002J8-3z; Wed, 24 Jul 2024 09:48:17 -0400 Received: by mail-vs1-xe31.google.com with SMTP id ada2fe7eead31-4928e347ac5so1057037137.3; Wed, 24 Jul 2024 06:48:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1721828894; x=1722433694; darn=gnu.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=cXurRQu4cyGbAzlMeND9GwrjswlQNOLpiNzg4vE/UHI=; b=cg4opUHuinmq6bU712ns42bzHTrXrhBt/fEcUakbslVB6gvxubtpXKkWvR2BuVjKVP PUy9Du/MARmUUkZpNj7KLSNkYjeJD5xjhlvRer38JhCXf+4CWsIpciWrzO5iXsEb8d4/ EZVcdKIne5FUyH8+8PQtdTb+XpXjyNhYP4KlWCmH0NDbDOLb22gd0vHXx02ydriKzEoh mV31ayR78hCrtkM39z+8/Yj5Or2VlsbXwjf977XggNZvf8cEB1vyoQbXIYl0D5LlqAUl MZJEvjHy+jF/ouXJGjEayCiwGAEDLHhK9I77YdmBmeYBYxiaubN7iRlLyg+0IqvTCDMp HziQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721828894; x=1722433694; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cXurRQu4cyGbAzlMeND9GwrjswlQNOLpiNzg4vE/UHI=; b=Jc98p6Snq6rwbxyV5I1XmSk4kEpuVLyQoNywWI7Ev3CXRt45VeQOZKcBRIjIUbjkt+ D+unx0iCQmoVOKg+ODXoAPy0Va5GS6tuO+CBwhe9N/xjcN7gjdQmPwDyPHqyeprc031h BbKUCmrXAagrOw/0q5XhkeI/4W54cNIfc8/4wlFjO/kCsxHvEEjUyHh350ibJd6Nlk+Q 81PJyQa6b/2poWy7i2l0+iKBvU/ukei8ROWHsNv72Wt8tRtp1IE9zPxL98qTuy7zx4Ie sfyToxCvhnxkyYhHQoDjkk8qRzozLi2enRKEsVKxo/2Nmz/jH7PUexSaPujUzE+Ed8El dMlQ== X-Forwarded-Encrypted: i=1; AJvYcCUeZm/g46uUb1TGQzNTt3rtisQwLIFL0qqDWQf3U2DNo/6oExCJl3mGxR/CHYEpbVElg5gC1ndD9Xh0AvxvkSgM2ICE9r8= X-Gm-Message-State: AOJu0YwZPrNx5nKkpCdfJg9bXhq00m0SPfYczMMuBfVNaFIaHPAGOKvW 1XplevUKizmggjbmcAi9pta+jmKjpjJcTu4Q+3b5I301TiG1Af6T97Eu1K+2NPFimRcjE3//Wg7 NRYb3Oj4TZn45pzcJ5dnnvIVncpE= X-Google-Smtp-Source: AGHT+IH8MDOUihnhitArGC6nEzU0q9hYDjyTmhE1qveP7XbnmZgFrR5Y2HbjXa6qhy2Q0RwginuTH0TRMOilbzvdpX0= X-Received: by 2002:a05:6102:4bc2:b0:493:c767:3fe2 with SMTP id ada2fe7eead31-493c7675560mr1453452137.1.1721828894310; Wed, 24 Jul 2024 06:48:14 -0700 (PDT) MIME-Version: 1.0 References: <86ed921oxu.fsf@gnu.org> <874j9vllbp.fsf@localhost> <87o781t676.fsf@localhost> <874j9qs0wh.fsf@localhost> <87ed8mtyp0.fsf@localhost> <87msn7kffy.fsf@localhost> <87o77my9mp.fsf@localhost> <87y16j4nbe.fsf@localhost> <87o77ak70y.fsf@localhost> <87wmls5hzb.fsf@localhost> <87msmc40cw.fsf@localhost> In-Reply-To: <87msmc40cw.fsf@localhost> From: Daniel Clemente Date: Wed, 24 Jul 2024 13:47:47 +0000 Message-ID: Subject: Re: org-encrypt-entries is slow (was: org-crypt leaking data when encryption password is not entered twice (was: Please document the caching and its user options)) To: Ihor Radchenko Cc: Eli Zaretskii , emacs-orgmode@gnu.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=2607:f8b0:4864:20::e31; envelope-from=n142857@gmail.com; helo=mail-vs1-xe31.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Queue-Id: C4A6211781 X-Migadu-Scanner: mx13.migadu.com X-Migadu-Spam-Score: -9.75 X-Spam-Score: -9.75 X-TUID: Jypo7+6CQeOg The 3 small problems mentioned above are fixed, thanks. Encryption is faster, and safer now. The part about communicating the encryption status (communicating =E2=80=9Ethis is actually encrypted on dis= k even when you're seeing it unencrypted=E2=80=9C) can be improved later if others find the current behaviour confusing. In the =E2=80=9EBack to top level=E2=80=9C situation I mentioned, the encry= ption prompt is canceled, and I'm happy that now I don't lose the section I was encrypting. Maybe you wanted to have org-crypt also catch this case (encryption prompt canceled) to be able to show a =E2=80=9Ecould not encrypt=E2=80=9C m= essage. But I think it's good enough as it is: it stays unencrypted, and on the next attempt to save it, there will be another encryption password prompt. I found minor but unrelated issues, e.g. if you have an empty section like = this: ************* abc2 :cryp= t: ************* def =E2=80=A6 if you rename the abc2 header, e.g. to abc, it will ask the encryption password again, even when the contents (an empty header) didn't change. Another minor and weird bug: inline blocks. The part about showing the unencrypted contents while keeping the disk contents encrypted doesn't seem to work with encrypted inline blocks: they're saved encrypted, but they're displayed encrypted. In fact they can't be displayed unencrypted even if you call org-decrypt-contents. Maybe inline encrypted blocks aren't supported. To test this: ***** section ********************** this is an inline block :crypt: Content. If you want you can split this to other threads or just ignore these edge cases for now. On Sat, 20 Jul 2024 at 14:12, Ihor Radchenko wrote: > > Daniel Clemente writes: > > > But org-crypt still feels strange. For instance, I decrypt a header, > > add a space somewhere else and save. It's saved, but the header is > > still visibly unencrypted in Emacs; that's unexpected, because > > org-crypt-use-before-save-magic promised to =E2=80=9Eautomatically encr= ypt > > entries before a file is saved to disk=E2=80=9C. > > I checked the file from outside Emacs and I see that the header is > > actually encrypted, so technically it did what it promised to do > > though I don't see it in Emacs. > > So there's a discordance between what I see and what is saved. Maybe > > it's feature, not a bug: =E2=80=9Eyou still see the decrypted contents = but you > > can trust that when they're saved they'll be saved encrypted=E2=80=9C. = This > > may be clarified in the docstring. If it's a feature, I think it may > > be useful; I just don't like having to trust that the silent > > background-auto-encryption is working (I'll often want to verify the > > file from outside Emacs). But users may have different preferences. > > This may be material for another thread. > > Yup, I consider this as a feature. Especially for people using > auto-save-visited-mode and similar. If saving is triggered on timer, > while editing encrypted heading, encrypting everything in the middle of > typing is not fun. > > > Minor thing, not important now: the cursor jumps to the end of the > > header after a C-x C-s when in the middle of a currently-decrypted > > block without changes. > > Should be better now on the latest version of the branch. > > > Another minor thing: I use a key that calls > > (org-save-all-org-buffers), and if I press it e.g. from the *scratch* > > buffer it may ask me the =E2=80=9EPassphrase for symmetric encryption= =E2=80=9C > > question (because I edited some crypted section) but I don't know > > which buffer it's asking about. But it's not a problem because if I > > press C-g then I'll see it. > > Should also be better now. > > > I see a new problem: with (org-crypt-use-before-save-magic) enabled, I > > edit a decrypted section, press C-x C-s to save and it asks me for the > > encryption password. Here, if I press C-g, org-crypt would catch it > > and then tell me that it won't be able to encrypt due to the C-g. > > However I'm not pressing C-g, what I'm doing is opening another TTY > > frame (I'm running TTY emacsclient, with no X support, but under > > urxvt); this makes the minibuffer disappear, and I see =E2=80=9EBack to= top > > level=E2=80=9C, and the whole contents of the section being encrypted a= re > > lost. > > I tried to reproduce with the latest version of the branch. Seems to > work fine. May you test? > > -- > Ihor Radchenko // yantar92, > Org mode contributor, > Learn more about Org mode at . > Support Org development at , > or support my work at