Differences

This shows you the differences between two versions of the page.

--- plugin:crypto [2011-01-19 17:39] – 87.25.240.26
+++ plugin:crypto [2018-05-30 21:40] (current) – [Download and Installation] Klap-in
@@ Line 1: / Line 1: @@
-====== crypto plugin ======
+====== crypto Plugin ======
 ---- plugin ----
@@ Line 7: / Line 7: @@
 type       : syntax, action
 lastupdate : 2010-05-04
-compatible : 2009-12-02
+compatible : 2010-11-07, 2011-05-25
 depends    :
 conflicts  :
@@ Line 20: / Line 20: @@
 ===== Download and Installation =====
-Download and install the plugin using the [[plugin:plugin|Plugin Manager]] using the URL given above. Refer to [[:Plugins]] on how to install plugins manually.
+Search and install the plugin using the [[plugin:extension|Extension Manager]]. Refer to [[:Plugins]] on how to install plugins manually.
 ===== Syntax and Usage =====
@@ Line 27: / Line 27: @@
 ====== Comments ======
+**Just to emphasize what Martin says below, I have recently upgrade my Ubuntu server running DokuWiki from 12.04 to 13.10 and I now cannot decrypt ANY of my encrypted data!!!** OMG! 8-O
+We noted that the **Blowfish** implementation used by this Plugin is **__platform dependent__**((https://bugs.dokuwiki.org/index.php?do=details&task_id=2685)) and does not comply with the standard Blowfish algorithm. Transfer of the encrypted passwords may be impossible when moving a wiki
+to some other machine.
+Martin
+Good work. But does, unfortunately, not work with Release 2013-05-10a "Weatherwax". Does anybody know how to fix this?
+Martin
 Nice done... but there is a security hole. You send a "secret" pass-phrase in clear text over network. It's very easy to sniff a password by capturing your POST request to a server. IMHO encryption/decryption process should be done only on the client side, otherwise "man in the middle" attack are guarantee.