From 71cda91dc86ec5e1b72128a61e183de3ba38508a Mon Sep 17 00:00:00 2001 From: Tollef Fog Heen Date: Wed, 26 Jan 2011 09:18:17 +0100 Subject: [PATCH] Close bug; fix version number --- debian/changelog | 5 ++++- ykpers.c | 6 +++--- ykpersonalize.c | 6 +++--- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/debian/changelog b/debian/changelog index df1b92f..9712db8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,9 +1,12 @@ -yubikey-personalization (1.3.2-1+squeeze1) testing-proposed; urgency=high +yubikey-personalization (1.3.2-1squeeze1) testing-proposed-updates; urgency=high * Cherry-pick 8dfdff1 from upstream: Reject -a values with upper case hex as yubikey_hex_decode only handles lowercase values. This makes invalid input not end up with a null key. + * Cherry-pick 76769856..0fa7260 from upstream: + Fix bug that prevented salting during AES key generation from + passwords from working. Closes: #608443 -- Tollef Fog Heen Wed, 26 Jan 2011 08:15:34 +0100 diff --git a/ykpers.c b/ykpers.c index 89868b4..24758d9 100644 --- a/ykpers.c +++ b/ykpers.c @@ -1,6 +1,6 @@ /* -*- mode:C; c-file-style: "bsd" -*- */ /* - * Copyright (c) 2008, 2009, Yubico AB + * Copyright (c) 2008, 2009, 2010, Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -172,8 +172,8 @@ int ykp_AES_key_from_passphrase(YKP_CONFIG *cfg, const char *passphrase, size_t read_bytes = 0; while (read_bytes < sizeof(_salt)) { - size_t n = fread(&cfg->ykcore_config.key[read_bytes], - 1, KEY_SIZE - read_bytes, + size_t n = fread(&_salt[read_bytes], + 1, sizeof (_salt) - read_bytes, random_file); read_bytes += n; } diff --git a/ykpersonalize.c b/ykpersonalize.c index 2537703..6b60df7 100644 --- a/ykpersonalize.c +++ b/ykpersonalize.c @@ -57,9 +57,9 @@ const char *usage = "-cXXX.. A 12 char hex value to use as access code for programming\n" " (this does NOT SET the access code, that's done with -oaccess=)\n" "-oOPTION change configuration option. Possible OPTION arguments are:\n" -" salt=ssssssss Salt to be used for key generation. If\n" -" none is given, a unique random one will be\n" -" generated.\n" +" salt=ssssssss Salt to be used when deriving key from a\n" +" password. If none is given, a unique random\n" +" one will be generated.\n" " fixed=xxxxxxxxxxx The public identity of key, in MODHEX.\n" " This is 0-16 characters long.\n" " uid=xxxxxx The uid part of the generated ticket, in HEX.\n" -- 2.39.5