Whirlpool in gcrypt <= 1.5.3 broken (if writes in chunks)?

Milan Broz gmazyland at gmail.com
Sun Jan 19 20:49:41 CET 2014

On 01/19/2014 03:13 PM, Werner Koch wrote:
> On Fri, 17 Jan 2014 21:58, gmazyland at gmail.com said:
>> So if there is a "bug emulation flag" it could help to implement it.
> Done in master.  The code is not very sophisticated: I added the flag and
> then re-added most of the old code.  If this works out for you I
> will backport it to 1.6 and release a 1.6.1 soon.

It works, thanks! Please could you also add pbkdf2 speed fix to 1.6.1?

Because cryptsetup supports several backends (where this flawed whirlpool
was never present), I won't do any automatic repairs but instead I added
internal "whirlpool_gcryptbug" hash name to gcrypt cryptsetup backend
(which uses this flag with gcrypt > 1.6.0)

This will allow people to use it if really needed.


More information about the Gcrypt-devel mailing list