sha1 hash using libgcrypt different from what returns sha1sum

Yuriy Kaminskiy yumkam at
Fri Dec 13 20:12:23 CET 2013

Werner Koch wrote:
> On Tue, 12 Nov 2013 22:17, yumkam at said:
>> And I'm not sure, but cipher-ccm.c also feels suspicious in this respect (won't
>> it fail after SIZE_T_MAX bytes?).
> We need to look at it.

GCRYCTL_SET_CCM_LENGTHS (and everything below - _gcry_cipher_ccm_set_lengths,
gcry_cipher_handle.u_mode.ccm.encryptlen, etc) pass encryptlen (expected size of
payload) as size_t, thus on 32-bit platform it's not possible to encrypt more
than (2**32) bytes with CCM.
According to SP800-38C, maximum payload size for CCM is 2**64 octets (and there
are no problem with encrypting more than 4G on 64-bit platforms with libgcrypt).
In this case, fixing this problem would also require changing API/ABI (which
should be possible, since CCM is not in any released version, so ABI is not set
in stone yet?)

More information about the Gcrypt-devel mailing list