security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-08 12:44:23 +01:00
Code Activity

* seckey-cert.c (protect_secret_key): Use gry_create_nonce for the

Browse Source 
IV; there is not need for real strong random here and it even
better protect the random bits used for the key.
This commit is contained in:
Werner Koch 2003-12-16 11:30:57 +00:00
parent d06cba6984
commit f18d0e557c
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
g10/ChangeLog
View File

@ -1,3 +1,9 @@
2003-12-15 Werner Koch <wk@gnupg.org>
* seckey-cert.c (protect_secret_key): Use gry_create_nonce for the
IV; there is not need for real strong random here and it even
better protect the random bits used for the key.
2003-11-16 Moritz Schulte <mo@g10code.com> 2003-11-16 Moritz Schulte <mo@g10code.com>
* signal.c: Removed unused file. * signal.c: Removed unused file.

3
g10/seckey-cert.c
View File

@ -346,8 +346,7 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
assert( sk->protect.ivlen <= DIM(sk->protect.iv) ); assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 ) if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 )
BUG(); /* yes, we are very careful */ BUG(); /* yes, we are very careful */
gcry_randomize (sk->protect.iv, sk->protect.ivlen, gcry_create_nonce (sk->protect.iv, sk->protect.ivlen);
GCRY_STRONG_RANDOM);
gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen ); gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
if( sk->version >= 4 ) { if( sk->version >= 4 ) {
unsigned char *bufarr[PUBKEY_MAX_NSKEY]; unsigned char *bufarr[PUBKEY_MAX_NSKEY];