diff options
Diffstat (limited to 'pkcs11/gkm/gkm-data-der.c')
-rw-r--r-- | pkcs11/gkm/gkm-data-der.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/pkcs11/gkm/gkm-data-der.c b/pkcs11/gkm/gkm-data-der.c index 6130d098..8df1b5df 100644 --- a/pkcs11/gkm/gkm-data-der.c +++ b/pkcs11/gkm/gkm-data-der.c @@ -967,7 +967,8 @@ prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password, { GNode *asn1_params = NULL; gcry_cipher_hd_t cih; - guchar salt[8]; + guchar *salt; + gsize n_salt; gcry_error_t gcry; guchar *key, *iv; gsize n_key; @@ -986,7 +987,9 @@ prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password, /* Randomize some input for the password based secret */ iterations = g_random_int_range (1000, 4096); - gcry_create_nonce (salt, sizeof (salt)); + n_salt = 8; + salt = g_malloc (n_salt); + gcry_create_nonce (salt, n_salt); /* Allocate space for the key and iv */ n_key = gcry_cipher_get_algo_keylen (GCRY_CIPHER_3DES); @@ -1001,7 +1004,7 @@ prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password, /* Now write out the parameters */ asn1_params = egg_asn1x_create (pkix_asn1_tab, "pkcs-12-PbeParams"); g_return_val_if_fail (asn1_params, NULL); - egg_asn1x_set_string_as_raw (egg_asn1x_node (asn1_params, "salt", NULL), salt, sizeof (salt), NULL); + egg_asn1x_set_string_as_raw (egg_asn1x_node (asn1_params, "salt", NULL), salt, n_salt, g_free); egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn1_params, "iterations", NULL), iterations); egg_asn1x_set_any_from (egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL), asn1_params); |