Fix the docstring of the vault native v0.2 exporter class
Marco Ricci commited on 2024-09-01 14:28:13
Zeige 1 geänderte Dateien mit 9 Einfügungen und 3 Löschungen.
The previous docstring was accidentally copy-pasted from the v0.3 class.
- src/derivepassphrase/exporter/vault_v03_and_below.py 46c3801..8466f56
| ... | ... |
@@ -267,9 +267,15 @@ class VaultNativeV03ConfigParser(VaultNativeConfigParser): |
| 267 | 267 |
|
| 268 | 268 |
|
| 269 | 269 |
class VaultNativeV02ConfigParser(VaultNativeConfigParser): |
| 270 |
- """A parser for vault's native configuration format (v0.3). |
|
| 271 |
- |
|
| 272 |
- This is the modern, pre-storeroom configuration format. |
|
| 270 |
+ """A parser for vault's native configuration format (v0.2). |
|
| 271 |
+ |
|
| 272 |
+ This is the classic configuration format. Compared to v0.3, it |
|
| 273 |
+ contains an (accidental) API misuse for the generation of the master |
|
| 274 |
+ keys, a low-entropy method of generating initialization vectors for |
|
| 275 |
+ the AES-CBC encryption step, and extra layers of base64 encoding. |
|
| 276 |
+ Because of these significantly weakened confidentiality guarantees, |
|
| 277 |
+ v0.2 configurations should be upgraded to at least v0.3 as soon as |
|
| 278 |
+ possible. |
|
| 273 | 279 |
|
| 274 | 280 |
""" |
| 275 | 281 |
|
| 276 | 282 |