HMAC-SHA384/HMAC-SHA512 testng?

Werner Koch wk at
Wed Apr 20 11:44:59 CEST 2005

On Tue, 19 Apr 2005 12:48:37 +1000, Brad Hards said:

> OK, I'm pretty confident that gcrypt is doing it wrong.

Very likley.  At the time I implemented the HMAC thing the SHA-2
algorithms were not known.

> I'm considering two options - an intrusive patch that adds a blocksize 
> function pointer to gcry_md_spec_t, and then working in terms of the 

We can't do this because it breaks the ABI.

ctx-> blocksize(), or alternatively a less intrusive, but much uglier special 
> casing (if algo == GCRY_MD_SHA384 || algo == GCRY_MD_SHA512). I'd prefer to 
> do the first, but the concern I have is that there might be external modules, 
Yes, we need to do this hack.  Which also means that external modules
requiring a blocksize other that 64 can't be used.



More information about the Gcrypt-devel mailing list