-yubikey-personalization (1.3.2-1+squeeze1) testing-proposed; urgency=high
+yubikey-personalization (1.3.2-1squeeze1) testing-proposed-updates; urgency=high
* Cherry-pick 8dfdff1 from upstream:
Reject -a values with upper case hex as yubikey_hex_decode only
handles lowercase values. This makes invalid input not end up with a
null key.
+ * Cherry-pick 76769856..0fa7260 from upstream:
+ Fix bug that prevented salting during AES key generation from
+ passwords from working. Closes: #608443
-- Tollef Fog Heen <tfheen@debian.org> Wed, 26 Jan 2011 08:15:34 +0100
/* -*- mode:C; c-file-style: "bsd" -*- */
/*
- * Copyright (c) 2008, 2009, Yubico AB
+ * Copyright (c) 2008, 2009, 2010, Yubico AB
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
size_t read_bytes = 0;
while (read_bytes < sizeof(_salt)) {
- size_t n = fread(&cfg->ykcore_config.key[read_bytes],
- 1, KEY_SIZE - read_bytes,
+ size_t n = fread(&_salt[read_bytes],
+ 1, sizeof (_salt) - read_bytes,
random_file);
read_bytes += n;
}
"-cXXX.. A 12 char hex value to use as access code for programming\n"
" (this does NOT SET the access code, that's done with -oaccess=)\n"
"-oOPTION change configuration option. Possible OPTION arguments are:\n"
-" salt=ssssssss Salt to be used for key generation. If\n"
-" none is given, a unique random one will be\n"
-" generated.\n"
+" salt=ssssssss Salt to be used when deriving key from a\n"
+" password. If none is given, a unique random\n"
+" one will be generated.\n"
" fixed=xxxxxxxxxxx The public identity of key, in MODHEX.\n"
" This is 0-16 characters long.\n"
" uid=xxxxxx The uid part of the generated ticket, in HEX.\n"
projects / yubikey-personalization.old / commitdiff