diff options
Diffstat (limited to '')
| -rw-r--r-- | sm/ChangeLog | 6 | ||||
| -rw-r--r-- | sm/decrypt.c | 2 | ||||
| -rw-r--r-- | sm/encrypt.c | 4 | ||||
| -rw-r--r-- | sm/gpgsm.c | 4 | ||||
| -rw-r--r-- | sm/server.c | 2 |
5 files changed, 12 insertions, 6 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog index fc4fcd07a..2363eb91b 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,9 @@ +2003-12-15 Werner Koch <[email protected]> + + * encrypt.c (init_dek): Use gry_create_nonce for the IV; there is + not need for real strong random here and it even better protect + the random bits used for the key. + 2003-12-01 Werner Koch <[email protected]> * gpgsm.c, gpgsm.h: New options --{enable,disable}-ocsp. diff --git a/sm/decrypt.c b/sm/decrypt.c index 23858efa8..671b4aa5e 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -51,7 +51,7 @@ struct decrypt_filter_parm_s { -/* decrypt the session key and fill in the parm structure. The +/* Decrypt the session key and fill in the parm structure. The algo and the IV is expected to be already in PARM. */ static int prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val, diff --git a/sm/encrypt.c b/sm/encrypt.c index 616949bf4..60752fa07 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -61,7 +61,7 @@ struct encrypt_cb_parm_s { -/* initialize the data encryptionkey (session key) */ +/* Initialize the data encryption key (session key). */ static int init_dek (DEK dek) { @@ -112,7 +112,7 @@ init_dek (DEK dek) return rc; } - gcry_randomize (dek->iv, dek->ivlen, GCRY_STRONG_RANDOM); + gcry_create_nonce (dek->iv, dek->ivlen); rc = gcry_cipher_setiv (dek->chd, dek->iv, dek->ivlen); if (rc) { diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 161d185b1..d3180adee 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -211,8 +211,8 @@ static ARGPARSE_OPTS opts[] = { { 300, NULL, 0, N_("@Commands:\n ") }, - { aSign, "sign", 256, N_("|[file]|make a signature")}, - { aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") }, + { aSign, "sign", 256, N_("|[FILE]|make a signature")}, + { aClearsign, "clearsign", 256, N_("|[FILE]|make a clear text signature") }, { aDetachedSign, "detach-sign", 256, N_("make a detached signature")}, { aEncr, "encrypt", 256, N_("encrypt data")}, { aSym, "symmetric", 256, N_("encryption only with symmetric cipher")}, diff --git a/sm/server.c b/sm/server.c index dda150964..20ba51301 100644 --- a/sm/server.c +++ b/sm/server.c @@ -49,7 +49,7 @@ struct server_local_s { -/* note, that it is sufficient to allocate the target string D as +/* Note that it is sufficient to allocate the target string D as long as the source string S, i.e.: strlen(s)+1; */ static void strcpy_escaped_plus (char *d, const unsigned char *s) |