From d06cba69849c3d2fb6ecdc9733885fc44b3efdb7 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 16 Dec 2003 11:30:38 +0000 Subject: [PATCH] * protect.c (do_encryption): Use gcry_create_nonce instad of the obsolete WEAK_RANDOM. --- agent/ChangeLog | 5 +++++ agent/protect.c | 8 ++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/agent/ChangeLog b/agent/ChangeLog index 24b22b7b1..c4a37f5e8 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,8 @@ +2003-12-15 Werner Koch + + * protect.c (do_encryption): Use gcry_create_nonce instad of the + obsolete WEAK_RANDOM. + 2003-11-20 Werner Koch * sexp-parse.h (snext): Don't use atoi_1 and digitp macros, so diff --git a/agent/protect.c b/agent/protect.c index e438d53b4..df8a9bfe7 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -168,12 +168,12 @@ do_encryption (const char *protbegin, size_t protlen, rc = out_of_core (); if (!rc) { - /* allocate random bytes to be used as IV, padding and s2k salt*/ - iv = gcry_random_bytes (blklen*2+8, GCRY_WEAK_RANDOM); + /* Allocate random bytes to be used as IV, padding and s2k salt. */ + iv = xtrymalloc (blklen*2+8); if (!iv) rc = gpg_error (GPG_ERR_ENOMEM); - else - rc = gcry_cipher_setiv (hd, iv, blklen); + gcry_create_nonce (iv, blklen*2+8); + rc = gcry_cipher_setiv (hd, iv, blklen); } if (!rc) {