Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
gnome-keyring.1838
gnome-keyring-bsc932232-use-non-fips-md5.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gnome-keyring-bsc932232-use-non-fips-md5.patch of Package gnome-keyring.1838
diff --git a/egg/egg-openssl.c b/egg/egg-openssl.c index 5515be1..e68c2b7 100644 --- a/egg/egg-openssl.c +++ b/egg/egg-openssl.c @@ -226,7 +226,7 @@ egg_openssl_decrypt_block (const gchar *dekinfo, g_return_val_if_fail (ivlen >= 8, FALSE); /* IV is already set from the DEK info */ - if (!egg_symkey_generate_simple (algo, GCRY_MD_MD5, password, + if (!egg_symkey_generate_simple (algo, GCRY_MD_SHA1, password, n_password, iv, 8, 1, &key, NULL)) { g_free (iv); return NULL; @@ -289,7 +289,7 @@ egg_openssl_encrypt_block (const gchar *dekinfo, g_return_val_if_fail (ivlen >= 8, NULL); /* IV is already set from the DEK info */ - if (!egg_symkey_generate_simple (algo, GCRY_MD_MD5, password, + if (!egg_symkey_generate_simple (algo, GCRY_MD_SHA1, password, n_password, iv, 8, 1, &key, NULL)) g_return_val_if_reached (NULL); diff --git a/pkcs11/secret-store/gkm-secret-binary.c b/pkcs11/secret-store/gkm-secret-binary.c index a4ee19c..4eda4cc 100644 --- a/pkcs11/secret-store/gkm-secret-binary.c +++ b/pkcs11/secret-store/gkm-secret-binary.c @@ -437,12 +437,16 @@ static gboolean verify_decrypted_buffer (EggBuffer *buffer) { guchar digest[16]; + GChecksum *cs; + gsize cs_len = sizeof (digest); /* In case the world changes on us... */ - g_return_val_if_fail (gcry_md_get_algo_dlen (GCRY_MD_MD5) == sizeof (digest), 0); + g_return_val_if_fail (g_checksum_type_get_length (G_CHECKSUM_MD5) == sizeof (digest), 0); - gcry_md_hash_buffer (GCRY_MD_MD5, (void*)digest, - (guchar*)buffer->buf + 16, buffer->len - 16); + cs = g_checksum_new (G_CHECKSUM_MD5); + g_checksum_update (cs, (const guchar *) buffer->buf + 16, buffer->len - 16); + g_checksum_get_digest (cs, digest, &cs_len); + g_checksum_free (cs); return memcmp (buffer->buf, digest, 16) == 0; } @@ -574,12 +578,14 @@ gkm_secret_binary_write (GkmSecretCollection *collection, GkmSecretData *sdata, gint lock_timeout; guchar salt[8]; guint flags = 0; + GChecksum *cs; + gsize cs_len; int i; g_return_val_if_fail (GKM_IS_SECRET_COLLECTION (collection), GKM_DATA_FAILURE); g_return_val_if_fail (GKM_IS_SECRET_DATA (sdata), GKM_DATA_LOCKED); g_return_val_if_fail (data && n_data, GKM_DATA_FAILURE); - g_return_val_if_fail (gcry_md_get_algo_dlen (GCRY_MD_MD5) == sizeof (digest), GKM_DATA_FAILURE); + g_return_val_if_fail (g_checksum_type_get_length (G_CHECKSUM_MD5) == sizeof (digest), GKM_DATA_FAILURE); obj = GKM_SECRET_OBJECT (collection); @@ -636,8 +642,11 @@ gkm_secret_binary_write (GkmSecretCollection *collection, GkmSecretData *sdata, while (to_encrypt.len % 16 != 0) egg_buffer_add_byte (&to_encrypt, 0); - gcry_md_hash_buffer (GCRY_MD_MD5, (void*)digest, - (guchar*)to_encrypt.buf + 16, to_encrypt.len - 16); + cs = g_checksum_new (G_CHECKSUM_MD5); + g_checksum_update (cs, (const guchar *) to_encrypt.buf + 16, to_encrypt.len - 16); + g_checksum_get_digest (cs, digest, &cs_len); + g_checksum_free (cs); + memcpy (to_encrypt.buf, digest, 16); /* If no master password is set, we shouldn't be writing binary... */ diff --git a/pkcs11/secret-store/gkm-secret-fields.c b/pkcs11/secret-store/gkm-secret-fields.c index 578d618..66ede8d 100644 --- a/pkcs11/secret-store/gkm-secret-fields.c +++ b/pkcs11/secret-store/gkm-secret-fields.c @@ -111,12 +111,18 @@ static gchar* compat_hash_value_as_string (const gchar *value) { guchar digest[16]; + GChecksum *cs; + gsize cs_len = sizeof (digest); if (!value) return NULL; - g_assert (gcry_md_get_algo_dlen (GCRY_MD_MD5) == sizeof (digest)); - gcry_md_hash_buffer (GCRY_MD_MD5, (void*)digest, value, strlen (value)); + g_assert (g_checksum_type_get_length (G_CHECKSUM_MD5) == sizeof (digest)); + + cs = g_checksum_new (G_CHECKSUM_MD5); + g_checksum_update (cs, (const guchar *) value, strlen (value)); + g_checksum_get_digest (cs, digest, &cs_len); + g_checksum_free (cs); /* The old keyring code used lower case hex */ return egg_hex_encode_full (digest, sizeof (digest), FALSE, '\0', 0); diff --git a/pkcs11/secret-store/tests/dump-keyring0-format.c b/pkcs11/secret-store/tests/dump-keyring0-format.c index a459cd3..2ff1064 100644 --- a/pkcs11/secret-store/tests/dump-keyring0-format.c +++ b/pkcs11/secret-store/tests/dump-keyring0-format.c @@ -556,13 +556,17 @@ decrypt_buffer (Buffer *buffer, static gboolean verify_decrypted_buffer (Buffer *buffer) { - guchar digest[16]; + guchar digest[16]; + GChecksum *cs; + gsize cs_len = sizeof (digest); /* In case the world changes on us... */ - g_return_val_if_fail (gcry_md_get_algo_dlen (GCRY_MD_MD5) == sizeof (digest), 0); + g_return_val_if_fail (g_checksum_type_get_length (G_CHECKSUM_MD5) == sizeof (digest), 0); - gcry_md_hash_buffer (GCRY_MD_MD5, (void*)digest, - (guchar*)buffer->buf + 16, buffer->len - 16); + cs = g_checksum_new (G_CHECKSUM_MD5); + g_checksum_update (cs, (const guchar *) buffer->buf + 16, buffer->len - 16); + g_checksum_get_digest (cs, digest, &cs_len); + g_checksum_free (cs); return memcmp (buffer->buf, digest, 16) == 0; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor