security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

* encrypt.c (init_dek): Use gry_create_nonce for the IV; there is 

not need for real strong random here and it even better protect
the random bits used for the key.
This commit is contained in:
Werner Koch 2003-12-16 11:31:46 +00:00
parent f18d0e557c
commit d0fbe288b2
5 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sm/ChangeLog
View File

@ -1,3 +1,9 @@
2003-12-15 Werner Koch <wk@gnupg.org>
* encrypt.c (init_dek): Use gry_create_nonce for the IV; there is
not need for real strong random here and it even better protect
the random bits used for the key.
2003-12-01 Werner Koch <wk@gnupg.org>
* gpgsm.c, gpgsm.h: New options --{enable,disable}-ocsp.

2
sm/decrypt.c
View File

@ -51,7 +51,7 @@ struct decrypt_filter_parm_s {
/* decrypt the session key and fill in the parm structure. The
/* Decrypt the session key and fill in the parm structure. The
algo and the IV is expected to be already in PARM. */
static int
prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,

4
sm/encrypt.c
View File

@ -61,7 +61,7 @@ struct encrypt_cb_parm_s {
/* initialize the data encryptionkey (session key) */
/* Initialize the data encryption key (session key). */
static int
init_dek (DEK dek)
{
@ -112,7 +112,7 @@ init_dek (DEK dek)
return rc;
}
gcry_randomize (dek->iv, dek->ivlen, GCRY_STRONG_RANDOM);
gcry_create_nonce (dek->iv, dek->ivlen);
rc = gcry_cipher_setiv (dek->chd, dek->iv, dek->ivlen);
if (rc)
{

4
sm/gpgsm.c
View File

@ -211,8 +211,8 @@ static ARGPARSE_OPTS opts[] = {
{ 300, NULL, 0, N_("@Commands:\n ") },
{ aSign, "sign", 256, N_("|[file]|make a signature")},
{ aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") },
{ aSign, "sign", 256, N_("|[FILE]|make a signature")},
{ aClearsign, "clearsign", 256, N_("|[FILE]|make a clear text signature") },
{ aDetachedSign, "detach-sign", 256, N_("make a detached signature")},
{ aEncr, "encrypt", 256, N_("encrypt data")},
{ aSym, "symmetric", 256, N_("encryption only with symmetric cipher")},

2
sm/server.c
View File

@ -49,7 +49,7 @@ struct server_local_s {
/* note, that it is sufficient to allocate the target string D as
/* Note that it is sufficient to allocate the target string D as
long as the source string S, i.e.: strlen(s)+1; */
static void
strcpy_escaped_plus (char *d, const unsigned char *s)