diff --git a/agent/ChangeLog b/agent/ChangeLog index 9a4a07fb7..84ee1a7c8 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,12 @@ +2006-10-23 Werner Koch + + * minip12.c (parse_bag_encrypted_data, parse_bag_data): Allow for + a salt of 20 bytes. + +2006-10-20 Werner Koch + + * Makefile.am (t_common_ldadd): Use GPG_ERROR_LIBS instead -o just -l + 2006-10-19 Werner Koch * findkey.c (unprotect): Use it to avoid unnecessary calls to diff --git a/agent/Makefile.am b/agent/Makefile.am index b92543910..d8c56175f 100644 --- a/agent/Makefile.am +++ b/agent/Makefile.am @@ -83,7 +83,7 @@ $(PROGRAMS): $(common_libs) $(commonpth_libs) $(pwquery_libs) TESTS = t-protect t_common_ldadd = $(common_libs) \ - $(LIBGCRYPT_LIBS) -lgpg-error $(LIBINTL) + $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL) t_protect_SOURCES = t-protect.c protect.c t_protect_LDADD = $(t_common_ldadd) diff --git a/agent/minip12.c b/agent/minip12.c index 536170856..2da118022 100644 --- a/agent/minip12.c +++ b/agent/minip12.c @@ -497,7 +497,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length, const unsigned char *p_start = buffer; size_t n = length; const char *where; - char salt[16]; + char salt[20]; size_t saltlen; unsigned int iter; unsigned char *plain = NULL; @@ -575,7 +575,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length, if (parse_tag (&p, &n, &ti)) goto bailout; if (ti.class || ti.tag != TAG_OCTET_STRING - || ti.length < 8 || ti.length > 16 ) + || ti.length < 8 || ti.length > 20 ) goto bailout; saltlen = ti.length; memcpy (salt, p, saltlen); @@ -909,7 +909,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset, const unsigned char *p_start = buffer; size_t n = length; const char *where; - char salt[16]; + char salt[20]; size_t saltlen; unsigned int iter; int len; @@ -997,7 +997,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset, if (parse_tag (&p, &n, &ti)) goto bailout; if (ti.class || ti.tag != TAG_OCTET_STRING - || ti.length < 8 || ti.length > 16) + || ti.length < 8 || ti.length > 20) goto bailout; saltlen = ti.length; memcpy (salt, p, saltlen);