aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2003-12-16 11:30:57 +0000
committerWerner Koch <[email protected]>2003-12-16 11:30:57 +0000
commitf18d0e557ce7644af8ccf3feae789afc4915daa5 (patch)
treee87021395a253da542ba421873bc57b8a5d0605a
parent* protect.c (do_encryption): Use gcry_create_nonce instad of the (diff)
downloadgnupg-f18d0e557ce7644af8ccf3feae789afc4915daa5.tar.gz
gnupg-f18d0e557ce7644af8ccf3feae789afc4915daa5.zip
* seckey-cert.c (protect_secret_key): Use gry_create_nonce for the
IV; there is not need for real strong random here and it even better protect the random bits used for the key.
Diffstat
-rw-r--r--g10/ChangeLog6
-rw-r--r--g10/seckey-cert.c3
2 files changed, 7 insertions, 2 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 897836191..849e6931a 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,9 @@
+2003-12-15 Werner Koch <[email protected]>
+
+ * seckey-cert.c (protect_secret_key): Use gry_create_nonce for the
+ IV; there is not need for real strong random here and it even
+ better protect the random bits used for the key.
+
2003-11-16 Moritz Schulte <[email protected]>
* signal.c: Removed unused file.
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index 5b0238240..7356cb224 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -346,8 +346,7 @@ protect_secret_key( PKT_secret_key *sk, DEK *dek )
assert( sk->protect.ivlen <= DIM(sk->protect.iv) );
if( sk->protect.ivlen != 8 && sk->protect.ivlen != 16 )
BUG(); /* yes, we are very careful */
- gcry_randomize (sk->protect.iv, sk->protect.ivlen,
- GCRY_STRONG_RANDOM);
+ gcry_create_nonce (sk->protect.iv, sk->protect.ivlen);
gcry_cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
if( sk->version >= 4 ) {
unsigned char *bufarr[PUBKEY_MAX_NSKEY];
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-27 18:49:44 +0000