Use randomized salt for default cipher.

author: joe <joe@jerkface.net> 2016-09-02 01:40:10 -0400
committer: joe <joe@jerkface.net> 2016-09-02 01:40:10 -0400
commit: bbd209a3b83b11d1c46b13bea35b534598827c12 (patch)
tree: a28a158cc54be800b8636957175d243d2c3d8ad3
parent: 9c5f1d6577e35d3d134a7ad32d4d4611f05342cd (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/Kiki.hs b/lib/Kiki.hs
index 87b6ea5..45e67f8 100644
--- a/lib/Kiki.hs
+++ b/lib/Kiki.hs
@@ -195,8 +195,11 @@ importAndRefresh root cmn cipher = do
        do rs <- writeKeyToFile (streaminfo { typ = PEMFile, access = Sec, spill = KF_Match "tor", fill = KF_All }) (FileDesc write_tor) tor_un
           -- outputReport $ map (first show) rs
           return ()
-        let cipher's2k = (cipher {- AES128 -}, IteratedSaltedS2K SHA1 4073382889203176146 7864320)
+        cipher's2k <- do
-            ctx = InputFileContext secring pubring
+            IteratedSaltedS2K _ salt _ <- randomS2K SHA1
+            -- (cipher {- AES128 -}, IteratedSaltedS2K SHA1 4073382889203176146 7864320)
+            return $ (cipher {- AES128 -}, IteratedSaltedS2K SHA1 salt (15 * 2^19))
+        let ctx = InputFileContext secring pubring
            main_passwds = withAgent $ do pfd <- maybeToList passfd
                                          return $ PassphraseSpec Nothing Nothing pfd
            passwordop = KeyRingOperation
author	joe <joe@jerkface.net>	2016-09-02 01:40:10 -0400
committer	joe <joe@jerkface.net>	2016-09-02 01:40:10 -0400
commit	bbd209a3b83b11d1c46b13bea35b534598827c12 (patch)
tree	a28a158cc54be800b8636957175d243d2c3d8ad3
parent	9c5f1d6577e35d3d134a7ad32d4d4611f05342cd (diff)