1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

* encrypt.c (init_dek): Use gry_create_nonce for the IV; there is

not need for real strong random here and it even better protect
the random bits used for the key.
This commit is contained in:
Werner Koch 2003-12-16 11:31:46 +00:00
parent f18d0e557c
commit d0fbe288b2
5 changed files with 12 additions and 6 deletions

View File

@ -1,3 +1,9 @@
2003-12-15 Werner Koch <wk@gnupg.org>
* encrypt.c (init_dek): Use gry_create_nonce for the IV; there is
not need for real strong random here and it even better protect
the random bits used for the key.
2003-12-01 Werner Koch <wk@gnupg.org> 2003-12-01 Werner Koch <wk@gnupg.org>
* gpgsm.c, gpgsm.h: New options --{enable,disable}-ocsp. * gpgsm.c, gpgsm.h: New options --{enable,disable}-ocsp.

View File

@ -51,7 +51,7 @@ struct decrypt_filter_parm_s {
/* decrypt the session key and fill in the parm structure. The /* Decrypt the session key and fill in the parm structure. The
algo and the IV is expected to be already in PARM. */ algo and the IV is expected to be already in PARM. */
static int static int
prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val, prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val,

View File

@ -61,7 +61,7 @@ struct encrypt_cb_parm_s {
/* initialize the data encryptionkey (session key) */ /* Initialize the data encryption key (session key). */
static int static int
init_dek (DEK dek) init_dek (DEK dek)
{ {
@ -112,7 +112,7 @@ init_dek (DEK dek)
return rc; return rc;
} }
gcry_randomize (dek->iv, dek->ivlen, GCRY_STRONG_RANDOM); gcry_create_nonce (dek->iv, dek->ivlen);
rc = gcry_cipher_setiv (dek->chd, dek->iv, dek->ivlen); rc = gcry_cipher_setiv (dek->chd, dek->iv, dek->ivlen);
if (rc) if (rc)
{ {

View File

@ -211,8 +211,8 @@ static ARGPARSE_OPTS opts[] = {
{ 300, NULL, 0, N_("@Commands:\n ") }, { 300, NULL, 0, N_("@Commands:\n ") },
{ aSign, "sign", 256, N_("|[file]|make a signature")}, { aSign, "sign", 256, N_("|[FILE]|make a signature")},
{ aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") }, { aClearsign, "clearsign", 256, N_("|[FILE]|make a clear text signature") },
{ aDetachedSign, "detach-sign", 256, N_("make a detached signature")}, { aDetachedSign, "detach-sign", 256, N_("make a detached signature")},
{ aEncr, "encrypt", 256, N_("encrypt data")}, { aEncr, "encrypt", 256, N_("encrypt data")},
{ aSym, "symmetric", 256, N_("encryption only with symmetric cipher")}, { aSym, "symmetric", 256, N_("encryption only with symmetric cipher")},

View File

@ -49,7 +49,7 @@ struct server_local_s {
/* note, that it is sufficient to allocate the target string D as /* Note that it is sufficient to allocate the target string D as
long as the source string S, i.e.: strlen(s)+1; */ long as the source string S, i.e.: strlen(s)+1; */
static void static void
strcpy_escaped_plus (char *d, const unsigned char *s) strcpy_escaped_plus (char *d, const unsigned char *s)