authorNIIBE Yutaka <[email protected]>2019-03-13 23:23:38 +0000
committerNIIBE Yutaka <[email protected]>2019-03-13 23:23:38 +0000
commitf199b627ce512c8495af5c9bd1c81127ccde3ca0 (patch)
treebf72f7faba3f9d34f9ab6f18f2d7b8489fbb3a79
parentg10: Fix symmetric cipher algo constant for ECDH. (diff)
downloadgnupg-f199b627ce512c8495af5c9bd1c81127ccde3ca0.tar.gz
gnupg-f199b627ce512c8495af5c9bd1c81127ccde3ca0.zip
Fix the previous commit.
* g10/ecdh.c (kek_params_table): Revert the change. * scd/app-openpgp.c (ecdh_params): Use CIPHER_ALGO_AES256 for 384-bit key. -- Avoiding CIPHER_ALGO_AES192 is intentional here. Signed-off-by: NIIBE Yutaka <[email protected]>
-rw-r--r--g10/ecdh.c2
-rw-r--r--scd/app-openpgp.c6
2 files changed, 4 insertions, 4 deletions
diff --git a/g10/ecdh.c b/g10/ecdh.c
index 5bbea96c0..6587cc4b4 100644
--- a/g10/ecdh.c
+++ b/g10/ecdh.c
@@ -39,7 +39,7 @@ static const struct
/* Note: Must be sorted by ascending values for QBITS. */
{
{ 256, DIGEST_ALGO_SHA256, CIPHER_ALGO_AES },
- { 384, DIGEST_ALGO_SHA384, CIPHER_ALGO_AES192 },
+ { 384, DIGEST_ALGO_SHA384, CIPHER_ALGO_AES256 },
/* Note: 528 is 521 rounded to the 8 bit boundary */
{ 528, DIGEST_ALGO_SHA512, CIPHER_ALGO_AES256 }
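Review bot: The 384-bit row of kek_params_table carries no comment saying that skipping CIPHER_ALGO_AES192 is deliberate; that fact lives only in the commit message. Since the previous commit changed this value as though it were a mistake, the rationale belongs next to the entry. I would add above the row `/* Note: CIPHER_ALGO_AES192 is intentionally avoided; 384-bit keys use AES256. */`. The same remark applies to the `nbits <= 384` branch of ecdh_params in scd/app-openpgp.c. The table's declaration starts and ends outside this hunk.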
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 62b3cbc2f..1e904b578 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -1448,13 +1448,13 @@ ecdh_params (const char *curve)
/* See RFC-6637 for those constants.
0x03: Number of bytes
0x01: Version for this parameter format
- KDF hash algo
- KEK symmetric cipher algo
+ KEK digest algorithm
+ KEK cipher algorithm
*/
if (nbits <= 256)
return (const unsigned char*)"\x03\x01\x08\x07";
else if (nbits <= 384)
- return (const unsigned char*)"\x03\x01\x09\x08";
+ return (const unsigned char*)"\x03\x01\x09\x09";
else
return (const unsigned char*)"\x03\x01\x0a\x09";
}
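Review bot: The reworded comment lines `KEK digest algorithm` / `KEK cipher algorithm` blur a distinction RFC 6637 makes: the third byte is the hash function used by the KDF, and only the fourth byte names the cipher that wraps the session key. I would keep `KDF hash algo` for the third byte. I would also annotate each return with the algorithm names, for example `/* SHA384, AES256 */` after the `"\x03\x01\x09\x09"` line. These hard-coded bytes appear intended to mirror kek_params_table in g10/ecdh.c, and nothing visible here ties the two together, so a later edit to one could leave them disagreeing silently. ecdh_params starts outside the hunk, so how nbits is derived from the curve is not visible.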