openpgp: Use unique keys for memory encryption.

  - Previously, we used the same session key for every encrypted
    memory region, relying on the nonces being derived from a random
    initialization vector.

  - However, in cf2a472a34588c453f10efa0263ec51e0c860988 we changed
    the nonce to be a simple counter.  This leads reuse of (key,
    nonce) pairs.

  - Instead of relying on the nonces having some entropy, a more
    robust way to deal with this is to have distinct keys.  To that
    end, add a random salt to each memory region that we hash before
    hashing the prekey.

0 files changed, 0 insertions, 0 deletions