From 68c4e5ec42e1151591aee19ba36a4dbe22715a91 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Wed, 25 Aug 2010 17:45:44 +0200
Subject: The RFC5649 wrapping algorithm now includes a DER encoding of the
 data to distinguish between keys of different types. This prevents keys being
 unwrapped in a wrong type.

---
 examples/pk.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'examples')

diff --git a/examples/pk.c b/examples/pk.c
index 032ae98..ea5720c 100644
--- a/examples/pk.c
+++ b/examples/pk.c
@@ -646,7 +646,7 @@ test_ncr_wrap_key3(int cfd)
 			/* try unwrapping */
 			memset(&kwrap, 0, sizeof(kwrap));
 			kwrap.algorithm = NCR_WALG_AES_RFC5649;
-			kwrap.wrapped_key_algorithm = NCR_ALG_RSA;
+			kwrap.wrapped_key_flags = 0;
 			kwrap.keytowrap = privkey;
 			kwrap.key = key;
 			kwrap.io = data;
-- 
cgit