Fix length of KEK, no additional data.

Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2022-02-21 07:20:19 +0000
committer: NIIBE Yutaka <[email protected]> 2022-02-21 07:20:19 +0000
commit: 19ed4458454b835bddc418c91264ed934b4668a2 (patch)
tree: 7ea91e21c9ee75af4a7bfcd09dec3f095ff8301c
parent: experiment with Argon2id. (diff)
download: gnupg-19ed4458454b835bddc418c91264ed934b4668a2.tar.gz
gnupg-19ed4458454b835bddc418c91264ed934b4668a2.zip
1 files changed, 3 insertions, 7 deletions
diff --git a/g10/passphrase.c b/g10/passphrase.c
index c7d31324c..1792c00d3 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -558,19 +558,15 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k,
       if (s2k->mode == 4)
         {
           unsigned long param[4];
-          unsigned char ad[4];
 
-          param[0] = dek->keylen + 1;
+          param[0] = dek->keylen;
           param[1] = s2k->u.a.t;
           param[2] = (1UL << ((s2k->u.a.m & 0x1f) - 10));
           param[3] = s2k->u.a.p;
-          ad[0] = 0xc3;
-          ad[1] = 0x04;
-          ad[2] = dek->algo;
           err = gnupg_kdf_derive (GCRY_KDF_ARGON2, GCRY_KDF_ARGON2ID,
                                   param, 4, pw, strlen (pw),
-                                  s2k->u.a.salt, 16, NULL, 0, ad, 3,
-                                  dek->keylen + 1, dek->key);
+                                  s2k->u.a.salt, 16, NULL, 0, NULL, 0,
+                                  dek->keylen, dek->key);
         }
       else
         err = gcry_kdf_derive (pw, strlen (pw),
author	NIIBE Yutaka <[email protected]>	2022-02-21 07:20:19 +0000
committer	NIIBE Yutaka <[email protected]>	2022-02-21 07:20:19 +0000
commit	19ed4458454b835bddc418c91264ed934b4668a2 (patch)
tree	7ea91e21c9ee75af4a7bfcd09dec3f095ff8301c
parent	experiment with Argon2id. (diff)
download	gnupg-19ed4458454b835bddc418c91264ed934b4668a2.tar.gz gnupg-19ed4458454b835bddc418c91264ed934b4668a2.zip