search

taoensso / nippy

The fastest serialization library for Clojure
https://www.taoensso.com/nippy
Eclipse Public License 1.0
1.04k stars 60 forks source link

Q: datums encrypted with nippy/2.13.0 are not readable by older version nippy/2.7.0 #100

Closed BrunoBonacci closed 7 years ago

BrunoBonacci commented 7 years ago

Hi,

if I encrypt a message using the latest nippy version (2.13.0), these messages are not readable by older versions of nippy (2.7.0) despite using the same compressor and encryptor.

example (with nippy-2.13.0)

(nippy/freeze
  ;; sample data
 {:a :b} 
 ;; options
 {:compressor taoensso.nippy.compression/lz4-compressor
  :encryptor  taoensso.nippy.encryption/aes128-encryptor
  :password   [:cached "password"]})

;; produces the following bytes (different on every execution)
;;=>
[78, 80, 89, 9, -54, 67, -20, -20, -12, -78, -42, 82, -44, -80, 4,
 69, 74, -17, 127, -35, 20, 67, -33, 0, 69, -67, 29, 112, 120, 35,
 106, -35, 13, 61, -94, -123]

However if I try to read this payload using nippy/2.7.0

(-> [78, 80, 89, 9, -54, 67, -20, -20, -12, -78, -42, 82, -44, -80, 4,
     69, 74, -17, 127, -35, 20, 67, -33, 0, 69, -67, 29, 112, 120, 35,
     106, -35, 13, 61, -94, -123]
    (byte-array)
    (nippy/thaw {:compressor taoensso.nippy.compression/lz4-compressor
                 :encryptor  taoensso.nippy.encryption/aes128-encryptor
                 :password   [:cached "password"]}))

;;=> ExceptionInfo Thaw failed: Decryption/decompression failure, or data unfrozen/damaged.  clojure.core/ex-info (core.clj:4617)

Is this something we should expect or it is an unwanted behaviour? Is there a set of options which we can pass to freeze in order to produce encrypted messages which are readable by older nippy versions?

BrunoBonacci commented 7 years ago

It seems that this incompatibility was introduced with this commit (tested via git bisect)

commit 327a800d8010931558c624aaaaf7a7cc5751ca7d
Author: Peter Taoussanis <ptaoussanis@gmail.com>
Date:   Mon Sep 28 16:38:48 2015 +0700

    Experimental: optimize common case of small maps, sets, vectors
ptaoussanis commented 7 years ago

Hi Bruno,

I'm afraid the behaviour you're seeing is expected; Nippy is a versioned format and generally only promises to be forward-compatible.

Data frozen with Nippy version x is expected to be readable with Nippy version >= x. It appears that you're trying to go the other way round.

BrunoBonacci commented 7 years ago

thanks for your clarification.

ptaoussanis commented 7 years ago

No problem, apologies if this wasn't clear from the documentation.