Added gpg-agent OPTION "s2k-count".

When unset or 0, the calibrated count will be used.
author: Ben Kibbey <[email protected]> 2011-06-29 00:35:13 +0000
committer: Werner Koch <[email protected]> 2011-06-29 11:17:25 +0000
commit: 137e3a0fbcdc579b56860651a9b5554f9449ed1e (patch)
tree: 26b354dda466de882f4c0bd50d576c67393f2f6a /agent/protect.c
parent: Fixed an URL typo in the FAQ. (diff)
download: gnupg-137e3a0fbcdc579b56860651a9b5554f9449ed1e.tar.gz
gnupg-137e3a0fbcdc579b56860651a9b5554f9449ed1e.zip
1 files changed, 9 insertions, 5 deletions
diff --git a/agent/protect.c b/agent/protect.c
index 7df82de03..64af4ed8e 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -309,7 +309,8 @@ calculate_mic (const unsigned char *plainkey, unsigned char *sha1hash)
 static int
 do_encryption (const unsigned char *protbegin, size_t protlen,
                const char *passphrase,  const unsigned char *sha1hash,
-               unsigned char **result, size_t *resultlen)
+               unsigned char **result, size_t *resultlen,
+	       unsigned long s2k_count)
 {
   gcry_cipher_hd_t hd;
   const char *modestr = "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc";
@@ -368,7 +369,8 @@ do_encryption (const unsigned char *protbegin, size_t protlen,
         {
           rc = hash_passphrase (passphrase, GCRY_MD_SHA1,
                                 3, iv+2*blklen,
-                                get_standard_s2k_count (), key, keylen);
+				s2k_count ? s2k_count : get_standard_s2k_count(),
+				key, keylen);
           if (!rc)
             rc = gcry_cipher_setkey (hd, key, keylen);
           xfree (key);
@@ -411,7 +413,8 @@ do_encryption (const unsigned char *protbegin, size_t protlen,
   {
     char countbuf[35];
 
-    snprintf (countbuf, sizeof countbuf, "%lu", get_standard_s2k_count ());
+    snprintf (countbuf, sizeof countbuf, "%lu",
+	    s2k_count ? s2k_count : get_standard_s2k_count ());
     p = xtryasprintf
       ("(9:protected%d:%s((4:sha18:%n_8bytes_%u:%s)%d:%n%*s)%d:%n%*s)",
        (int)strlen (modestr), modestr,
@@ -443,7 +446,8 @@ do_encryption (const unsigned char *protbegin, size_t protlen,
    a valid S-Exp here. */
 int
 agent_protect (const unsigned char *plainkey, const char *passphrase,
-               unsigned char **result, size_t *resultlen)
+               unsigned char **result, size_t *resultlen,
+	       unsigned long s2k_count)
 {
   int rc;
   const unsigned char *s;
@@ -544,7 +548,7 @@ agent_protect (const unsigned char *plainkey, const char *passphrase,
 
   rc = do_encryption (prot_begin, prot_end - prot_begin + 1,
                       passphrase,  hashvalue,
-                      &protected, &protectedlen);
+                      &protected, &protectedlen, s2k_count);
   if (rc)
     return rc;
author	Ben Kibbey <[email protected]>	2011-06-29 00:35:13 +0000
committer	Werner Koch <[email protected]>	2011-06-29 11:17:25 +0000
commit	137e3a0fbcdc579b56860651a9b5554f9449ed1e (patch)
tree	26b354dda466de882f4c0bd50d576c67393f2f6a /agent/protect.c
parent	Fixed an URL typo in the FAQ. (diff)
download	gnupg-137e3a0fbcdc579b56860651a9b5554f9449ed1e.tar.gz gnupg-137e3a0fbcdc579b56860651a9b5554f9449ed1e.zip