Speed up message decryption by not iterating in the s2k algorithm

The passphrase has as much entropy as the session key, so, there is no point in making the computation slow by iterating.
2026-04-21 15:36:30 +03:00 · 2025-08-04 20:59:40 +02:00
parent d431f2ebd3
commit fca8948e4c
1 changed files with 8 additions and 3 deletions
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -18,7 +18,7 @@ use pgp::crypto::hash::HashAlgorithm;
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
 use pgp::packet::{SignatureConfig, SignatureType, Subpacket, SubpacketData};
 use pgp::types::{CompressionAlgorithm, KeyDetails, Password, PublicKeyTrait, StringToKey};
-use rand::thread_rng;
+use rand::{Rng as _, thread_rng};
 use tokio::runtime::Handle;

 use crate::key::{DcKey, Fingerprint};
@@ -342,9 +342,14 @@ pub async fn encrypt_for_broadcast(
    let passphrase = Password::from(passphrase.to_string());

    tokio::task::spawn_blocking(move || {
-        let mut rng = thread_rng();
-        let s2k = StringToKey::new_default(&mut rng);
        let msg = MessageBuilder::from_bytes("", plain);
+        let mut rng = thread_rng();
+        let mut salt = [0u8; 8];
+        rng.fill(&mut salt[..]);
+        let s2k = StringToKey::Salted {
+            hash_alg: HashAlgorithm::default(),
+            salt,
+        };
        let mut msg = msg.seipd_v2(
            &mut rng,
            SymmetricKeyAlgorithm::AES128,