Index: openpgpsdk/trunk/src/lib/adv_create.c =================================================================== --- openpgpsdk/trunk/src/lib/adv_create.c (revision 560) +++ openpgpsdk/trunk/src/lib/adv_create.c (revision 563) @@ -382,5 +382,5 @@ return ops_false; - assert(key->s2k_specifier==OPS_S2KS_SIMPLE); // = 1 \todo should be salted or iterated-and-salted + assert(key->s2k_specifier==OPS_S2KS_SIMPLE || key->s2k_specifier==OPS_S2KS_SALTED); // = 1 \todo could also be iterated-and-salted if (!ops_write_scalar(key->s2k_specifier,1,info)) return ops_false; @@ -396,9 +396,12 @@ break; + case OPS_S2KS_SALTED: + // 8-octet salt value + ops_random((void *)&key->salt[0],OPS_SALT_SIZE); + if (!ops_write(key->salt, OPS_SALT_SIZE, info)) + return ops_false; + break; + /* \todo - case OPS_S2KS_SALTED: - // 8-octet salt value - break; - case OPS_S2KS_ITERATED_AND_SALTED: // 8-octet salt value @@ -420,5 +423,6 @@ { case OPS_S2KS_SIMPLE: - // RFC4880: section 3.7.1.1 + case OPS_S2KS_SALTED: + // RFC4880: section 3.7.1.1 and 3.7.1.2 done=0; @@ -439,4 +443,7 @@ } + if (key->s2k_specifier==OPS_S2KS_SALTED) + { hash.add(&hash, key->salt, OPS_SALT_SIZE); } + hash.add(&hash, passphrase, pplen); hash.finish(&hash, hashed); @@ -451,8 +458,4 @@ /* \todo - case OPS_S2KS_SALTED: - // 8-octet salt value - break; - case OPS_S2KS_ITERATED_AND_SALTED: // 8-octet salt value Index: openpgpsdk/trunk/src/lib/adv_openssl_crypto.c =================================================================== --- openpgpsdk/trunk/src/lib/adv_openssl_crypto.c (revision 558) +++ openpgpsdk/trunk/src/lib/adv_openssl_crypto.c (revision 563) @@ -305,6 +305,6 @@ skey->s2k_usage=OPS_S2KU_ENCRYPTED_AND_HASHED; - // \todo skey->s2k_specifier_t=OPS_S2KS_SALTED; - skey->s2k_specifier=OPS_S2KS_SIMPLE; + skey->s2k_specifier=OPS_S2KS_SALTED; + //skey->s2k_specifier=OPS_S2KS_SIMPLE; skey->algorithm=OPS_SA_CAST5; // \todo make param skey->hash_algorithm=OPS_HASH_SHA1; // \todo make param