change of S2K

ChangeLog

@@ -1,3 +1,8 @@
+2016-02-09  Niibe Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp.c (s2k): Include the unique ID of MCU into the
+	computation of S2K function.
+
 2016-02-08  Niibe Yutaka  <gniibe@fsij.org>
 
 	* src/modp256r1.c (modp256r1_add, modp256r1_sub): Keep the result

NEWS

@@ -1,5 +1,17 @@
 Gnuk NEWS - User visible changes
 
+* Major changes in Gnuk 1.2.0
+
+  Released 2016-02-xx, by NIIBE Yutaka
+
+** S2K algorithm change to defeat "copycat" service of MCU.
+Even if the existence of some services copying MCU, your private key
+will not be controled by others.
+
+** Bug fix for secp256k1 and NIST P-256.
+Bugs in basic computation were fixed.
+
+
 * Major changes in Gnuk 1.1.9
 
   Released 2015-09-18, by NIIBE Yutaka

src/openpgp.c

@@ -1,7 +1,7 @@
 /*
  * openpgp.c -- OpenPGP card protocol support
  *
- * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015
+ * Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016
  *               Free Software Initiative of Japan
  * Author: NIIBE Yutaka <gniibe@fsij.org>
  *
@@ -437,9 +437,12 @@ s2k (const unsigned char *salt, size_t slen,
 {
   sha256_context ctx;
   size_t count = S2KCOUNT;
+  const uint8_t *unique = unique_device_id ();
 
   sha256_start (&ctx);
 
+  sha256_update (&ctx, unique, 12);
+
   while (count > slen + ilen)
     {
       if (slen)