From 34e2099b23ce75d359ccfe88e970a9d4ad7d8392 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Tue, 9 Feb 2016 14:01:07 +0900
Subject: [PATCH] change of S2K
---
ChangeLog | 5 +++++
NEWS | 12 ++++++++++++
src/openpgp.c | 5 ++++-
3 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 0c43760..b63f087 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2016-02-09 Niibe Yutaka
+
+ * src/openpgp.c (s2k): Include the unique ID of MCU into the
+ computation of S2K function.
+
 2016-02-08 Niibe Yutaka
 * src/modp256r1.c (modp256r1_add, modp256r1_sub): Keep the result
diff --git a/NEWS b/NEWS
index eaec56c..4ef176b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,17 @@
 Gnuk NEWS - User visible changes
+* Major changes in Gnuk 1.2.0
+
+ Released 2016-02-xx, by NIIBE Yutaka
+
+** S2K algorithm change to defeat "copycat" service of MCU.
+Even if the existence of some services copying MCU, your private key
+will not be controled by others.
+
+** Bug fix for secp256k1 and NIST P-256.
+Bugs in basic computation were fixed.
+
+
 * Major changes in Gnuk 1.1.9
 Released 2015-09-18, by NIIBE Yutaka
diff --git a/src/openpgp.c b/src/openpgp.c
index efeff44..83d269b 100644
--- a/src/openpgp.c
+++ b/src/openpgp.c
@@ -1,7 +1,7 @@
 /*
 * openpgp.c -- OpenPGP card protocol support
 *
- * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015
+ * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016
 * Free Software Initiative of Japan
 * Author: NIIBE Yutaka
 *
@@ -437,9 +437,12 @@ s2k (const unsigned char *salt, size_t slen,
 {
 sha256_context ctx;
 size_t count = S2KCOUNT;
+ const uint8_t *unique = unique_device_id ();
 sha256_start (&ctx);
+ sha256_update (&ctx, unique, 12);
+
 while (count > slen + ilen)
 {
 if (slen)
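Review bot: The length in `sha256_update (&ctx, unique, 12);` is a bare literal, and nothing in this hunk ties it to the size of the buffer that `unique_device_id ()` returns; if that helper ever hands back fewer than 12 bytes, the hash reads past it. A named constant declared next to `unique_device_id ()` and used here would keep the two in step, e.g. `sha256_update (&ctx, unique, UNIQUE_ID_LEN);` (`UNIQUE_ID_LEN` is a placeholder name). A comment above the call should record that the MCU ID is hashed first to bind the derived key to this device, and that it is presumably an identifier rather than a secret, so it does not replace passphrase strength or the `S2KCOUNT` work factor. Because the S2K output changes, key material protected under the previous derivation presumably will not unwrap after an upgrade; the NEWS entry does not mention this and it seems worth stating there. The body of `s2k` starts before and continues after this hunk.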