[gnome-keyring] Use gcrypt to generate encryption iv/salt.



commit ba8ed988b599c53d5c82e8a2df592b70da7c3a5f
Author: Stef Walter <stef memberwebs com>
Date:   Fri Jun 19 16:33:09 2009 +0000

    Use gcrypt to generate encryption iv/salt.
    
    Remove needlessly duplicated code init_salt(), and use libcrypt
    to generate salt.

 daemon/keyrings/gkr-keyring-binary.c |   31 +------------------------------
 1 files changed, 1 insertions(+), 30 deletions(-)
---
diff --git a/daemon/keyrings/gkr-keyring-binary.c b/daemon/keyrings/gkr-keyring-binary.c
index b270422..31076b7 100644
--- a/daemon/keyrings/gkr-keyring-binary.c
+++ b/daemon/keyrings/gkr-keyring-binary.c
@@ -75,35 +75,6 @@ typedef struct {
  * BINARY ENCRYPTED FILE FORMAT
  */
 
-static void
-init_salt (guchar salt[8])
-{
-	gboolean got_random;
-	int i, fd;
-
-	got_random = FALSE;
-#ifdef HAVE_DEVRANDOM
-	fd = open ("/dev/random", O_RDONLY);
-	if (fd != -1) {
-		struct stat st;
-		/* Make sure it's a character device */
-		if ((fstat (fd, &st) == 0) && S_ISCHR (st.st_mode)) {
-			if (read (fd, salt, 8) == 8) {
-				got_random = TRUE;
-			}
-		}
-		close (fd);
-	}
-#endif
-
-	if (!got_random) {
-		for (i=0; i < 8; i++) {
-			salt[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
-		}
-	}
-	
-}
-
 static gboolean
 encrypt_buffer (EggBuffer *buffer,
 		const char *password,
@@ -302,7 +273,7 @@ gkr_keyring_binary_generate (GkrKeyring *keyring, EggBuffer *buffer)
 	/* Prepare the keyring for encryption */
 	if (!keyring->salt_valid) {
 		keyring->hash_iterations = 1000 + (int) (1000.0 * rand() / (RAND_MAX + 1.0));
-		init_salt (keyring->salt);
+		gcry_create_nonce (keyring->salt, sizeof (keyring->salt));
 		keyring->salt_valid = TRUE;
 	}	
 		



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]