Whirlpool in gcrypt <= 1.5.3 broken (if writes in chunks)?
Milan Broz
gmazyland at gmail.com
Sun Jan 19 20:49:41 CET 2014
On 01/19/2014 03:13 PM, Werner Koch wrote:
> On Fri, 17 Jan 2014 21:58, gmazyland at gmail.com said:
>
>> So if there is a "bug emulation flag" it could help to implement it.
>
> Done in master. The code is not very sophisticated: I added the flag and
> then re-added most of the old code. If this works out for you I
> will backport it to 1.6 and release a 1.6.1 soon.
It works, thanks! Please could you also add pbkdf2 speed fix to 1.6.1?
Because cryptsetup supports several backends (where this flawed whirlpool
was never present), I won't do any automatic repairs but instead I added
internal "whirlpool_gcryptbug" hash name to gcrypt cryptsetup backend
(which uses this flag with gcrypt > 1.6.0)
This will allow people to use it if really needed.
Thanks,
Milan
More information about the Gcrypt-devel
mailing list