From d0fbe288b2c50d4b5a5bdf2271e964a5328a56a4 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 16 Dec 2003 11:31:46 +0000 Subject: [PATCH] * encrypt.c (init_dek): Use gry_create_nonce for the IV; there is not need for real strong random here and it even better protect the random bits used for the key. --- sm/ChangeLog | 6 ++++++ sm/decrypt.c | 2 +- sm/encrypt.c | 4 ++-- sm/gpgsm.c | 4 ++-- sm/server.c | 2 +- 5 files changed, 12 insertions(+), 6 deletions(-) diff --git a/sm/ChangeLog b/sm/ChangeLog index fc4fcd07a..2363eb91b 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,9 @@ +2003-12-15 Werner Koch + + * encrypt.c (init_dek): Use gry_create_nonce for the IV; there is + not need for real strong random here and it even better protect + the random bits used for the key. + 2003-12-01 Werner Koch * gpgsm.c, gpgsm.h: New options --{enable,disable}-ocsp. diff --git a/sm/decrypt.c b/sm/decrypt.c index 23858efa8..671b4aa5e 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -51,7 +51,7 @@ struct decrypt_filter_parm_s { -/* decrypt the session key and fill in the parm structure. The +/* Decrypt the session key and fill in the parm structure. The algo and the IV is expected to be already in PARM. */ static int prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val, diff --git a/sm/encrypt.c b/sm/encrypt.c index 616949bf4..60752fa07 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -61,7 +61,7 @@ struct encrypt_cb_parm_s { -/* initialize the data encryptionkey (session key) */ +/* Initialize the data encryption key (session key). */ static int init_dek (DEK dek) { @@ -112,7 +112,7 @@ init_dek (DEK dek) return rc; } - gcry_randomize (dek->iv, dek->ivlen, GCRY_STRONG_RANDOM); + gcry_create_nonce (dek->iv, dek->ivlen); rc = gcry_cipher_setiv (dek->chd, dek->iv, dek->ivlen); if (rc) { diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 161d185b1..d3180adee 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c 
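Review bot: The new `gcry_create_nonce (dek->iv, dek->ivlen);` call in the second sm/encrypt.c hunk has no comment stating the property the IV depends on, so a later reader cannot tell that swapping out GCRY_STRONG_RANDOM was deliberate rather than a downgrade. If the cipher handle is opened in CBC mode (the open call is outside this hunk), the IV must be unpredictable to an attacker, not merely unique. libgcrypt documents gcry_create_nonce as returning unpredictable bytes usable for IVs, which is the guarantee this change relies on. I would add above the call: `/* The IV must be unpredictable but is not secret; a nonce is sufficient and keeps the main generator's output, used for the session key, out of a value sent in the clear. */`. init_dek starts and ends outside the hunk, so whether dek->ivlen is bounded by the size of dek->iv cannot be confirmed from here.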
@@ -211,8 +211,8 @@ static ARGPARSE_OPTS opts[] = { { 300, NULL, 0, N_("@Commands:\n ") }, - { aSign, "sign", 256, N_("|[file]|make a signature")}, - { aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") }, + { aSign, "sign", 256, N_("|[FILE]|make a signature")}, + { aClearsign, "clearsign", 256, N_("|[FILE]|make a clear text signature") }, { aDetachedSign, "detach-sign", 256, N_("make a detached signature")}, { aEncr, "encrypt", 256, N_("encrypt data")}, { aSym, "symmetric", 256, N_("encryption only with symmetric cipher")}, diff --git a/sm/server.c b/sm/server.c index dda150964..20ba51301 100644 --- a/sm/server.c +++ b/sm/server.c @@ -49,7 +49,7 @@ struct server_local_s { -/* note, that it is sufficient to allocate the target string D as +/* Note that it is sufficient to allocate the target string D as long as the source string S, i.e.: strlen(s)+1; */ static void strcpy_escaped_plus (char *d, const unsigned char *s)