g10: Fix symmetric cipher algo constant for ECDH.

* g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for ECC strength 384, according to RFC-6637. -- Reported-by: Trevor Bentley Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-12-22 10:19:57 +01:00 · 2019-03-13 09:12:14 +09:00 · 2019-03-13 09:12:14 +09:00 · af3efd149f
commit af3efd149f
parent 9f37e93dd7
2 changed files with 3 additions and 3 deletions
--- a/g10/ecdh.c
+++ b/g10/ecdh.c
@ -39,7 +39,7 @@ static const struct
  /* Note: Must be sorted by ascending values for QBITS.  */
  {
    { 256, DIGEST_ALGO_SHA256, CIPHER_ALGO_AES    },
-    { 384, DIGEST_ALGO_SHA384, CIPHER_ALGO_AES256 },
+    { 384, DIGEST_ALGO_SHA384, CIPHER_ALGO_AES192 },

    /* Note: 528 is 521 rounded to the 8 bit boundary */
    { 528, DIGEST_ALGO_SHA512, CIPHER_ALGO_AES256 }
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@ -1448,8 +1448,8 @@ ecdh_params (const char *curve)
  /* See RFC-6637 for those constants.
         0x03: Number of bytes
         0x01: Version for this parameter format
-         KDF algo
-        KEK algo
+         KDF hash algo
+         KEK symmetric cipher algo
  */
  if (nbits <= 256)
    return (const unsigned char*)"\x03\x01\x08\x07";