author | Florian Forster <octo@leeloo.lan.home.verplant.org> | |
Sat, 11 Apr 2009 12:08:30 +0000 (14:08 +0200) | ||
committer | Florian Forster <octo@leeloo.lan.home.verplant.org> | |
Sat, 11 Apr 2009 12:08:30 +0000 (14:08 +0200) | ||
commit | ab9e7357b760f9418beeadfc97488df08462af87 | |
tree | f18e191e5f41405306f3039722102f23fba28ddc | tree | snapshot |
parent | b423bd090e6a1af51446ad6967d5016045bd6ea5 | commit | diff |
network plugin: Use SHA-1 instead of SHA-224 to check integrity.
SHA-224 is not supported by older versions of libgcrypt (i. e. the
version included in Debian Etch), so lets take this more conservative
alternative instead.
Also, the padding bytes have been moved to the beginning of the packet
and will be filled with randomness, so they serve as some kind of IV.
It is, however, not guaranteed that any padding bytes exist at all, so
in theory two identical packets could be encrypted in the same way.
SHA-224 is not supported by older versions of libgcrypt (i. e. the
version included in Debian Etch), so lets take this more conservative
alternative instead.
Also, the padding bytes have been moved to the beginning of the packet
and will be filled with randomness, so they serve as some kind of IV.
It is, however, not guaranteed that any padding bytes exist at all, so
in theory two identical packets could be encrypted in the same way.
src/network.c | diff | blob | history |