sha1 hash using libgcrypt different from what returns sha1sum

Jussi Kivilinna jussi.kivilinna at iki.fi
Fri Dec 13 21:51:09 CET 2013


On 13.12.2013 21:12, Yuriy Kaminskiy wrote:
> Werner Koch wrote:
>> On Tue, 12 Nov 2013 22:17, yumkam at gmail.com said:
>>
>>> And I'm not sure, but cipher-ccm.c also feels suspicious in this respect (won't
>>> it fail after SIZE_T_MAX bytes?).
>>
>> We need to look at it.
> 
> GCRYCTL_SET_CCM_LENGTHS (and everything below - _gcry_cipher_ccm_set_lengths,
> gcry_cipher_handle.u_mode.ccm.encryptlen, etc) pass encryptlen (expected size of
> payload) as size_t, thus on 32-bit platform it's not possible to encrypt more
> than (2**32) bytes with CCM.
> According to SP800-38C, maximum payload size for CCM is 2**64 octets (and there
> are no problem with encrypting more than 4G on 64-bit platforms with libgcrypt).
> In this case, fixing this problem would also require changing API/ABI (which
> should be possible, since CCM is not in any released version, so ABI is not set
> in stone yet?)

That's right, size_t for lengths is not enough on 32-bit. Could we use uint64_t
instead of size_t?

-Jussi 

> 
> 
> _______________________________________________
> Gcrypt-devel mailing list
> Gcrypt-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
> 




More information about the Gcrypt-devel mailing list