response

doc/bugs/sharedpubkey_is_using_a_different_filename_encryption_method_than_shared/comment_1_72dbc03edbd8559527968c504c4fe7af._comment

@@ -0,0 +1,28 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2018-07-19T20:38:12Z"
+ content="""
+Shared only uses the first 256 bytes of the cipher to
+encrypt filenames, while sharedpubkey uses the entire cipher.
+
+That difference makes sense, since shared uses the second half of the cipher to
+encrypt file contents, while sharedpubkey encrypts that to the gpg key(s).
+
+You are truncating the sharedpubkey cipher to 256 bytes; I suspect if you
+don't, it will work. If it still doesn't work, refer to the working code
+that I posted in the forum thread earlier.
+
+I don't think that doc/encryption.mdwn needs to go into detailed specifics.
+If someone would like to write a fully detailed explanation of how the
+encryption works it could go in doc/internals.mdwn or someplace like that.
+
+(Crypto.hs is also not hard to follow if you look at the types:
+cipherMac of a MacOnlyCipher uses the whole cipher, while
+cipherMac of a Cipher uses only the beginning of the cipher.
+And decryptCipher of a SharedPubKeyCipher creates a MacOnlyCipher.)
+
+This bug certianly does not warrent changing the behavior of git-annex,
+which would in any case only complicate the situation since it would still
+need to support the current data.
+"""]]

doc/forum/Shared_pubkeys__58___decrypting_files_in_special_remotes_without_git-annex/comment_9_a27a661e8b589cffb4acad3591586433._comment

@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 9"""
+ date="2018-07-19T20:30:18Z"
+ content="""
+I tested the script fragement that I posted.
+
+The obvious difference between shared and sharedpubkey, if you look
+at that script fragement, is that shared only uses the first 256 bytes
+of the cipher to encrypt filenames, while sharedpubkey uses the entire
+cipher. 
+"""]]