security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

agent: Use OCB for key protection with --enable-extended-key-format.

Browse source 
* agent/protect.c (PROT_DEFAULT_TO_OCB): Remove macro.
(agent_protect): Make the default protection mode depend on the extend
key format option.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-04-02 20:02:55 +02:00
parent 0039d7107b
commit d24375271b
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 3 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

7
agent/protect.c
View file

@ -42,11 +42,6 @@
#include "../common/sexp-parse.h"
/* To use the openpgp-s2k3-ocb-aes scheme by default set the value of
* this macro to 1. Note that the caller of agent_protect may
* override this default. */
#define PROT_DEFAULT_TO_OCB 0
/* The protection mode for encryption. The supported modes for
decryption are listed in agent_unprotect(). */
#define PROT_CIPHER GCRY_CIPHER_AES128
@ -580,7 +575,7 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
int have_curve = 0;
if (use_ocb == -1)
use_ocb = PROT_DEFAULT_TO_OCB;
use_ocb = opt.enable_extended_key_format;
/* Create an S-expression with the protected-at timestamp. */
memcpy (timestamp_exp, "(12:protected-at15:", 19);