From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FZ_LKDZmVZak for ; Sun, 19 Jan 2014 15:21:18 +0100 (CET) Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Sun, 19 Jan 2014 15:21:18 +0100 (CET) Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1W4tFV-0001bD-JD for ; Sun, 19 Jan 2014 15:21:17 +0100 From: Werner Koch References: <52D975A3.6080609@gmail.com> <87sismz76l.fsf@vigenere.g10code.de> <52D9995F.1070808@gmail.com> Date: Sun, 19 Jan 2014 15:13:43 +0100 In-Reply-To: <52D9995F.1070808@gmail.com> (Milan Broz's message of "Fri, 17 Jan 2014 21:58:07 +0100") Message-ID: <87fvokys88.fsf@vigenere.g10code.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: [dm-crypt] Whirlpool in gcrypt <= 1.5.3 broken (if writes in chunks)? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz Cc: dm-crypt , gcrypt-devel@gnupg.org On Fri, 17 Jan 2014 21:58, gmazyland@gmail.com said: > So if there is a "bug emulation flag" it could help to implement it. Done in master. The code is not very sophisticated: I added the flag and then re-added most of the old code. If this works out for you I will backport it to 1.6 and release a 1.6.1 soon. The suggested way of using the flag is: if (whirlpool_bug_assumed) { #if GCRYPT_VERSION_NUMBER >= 0x010601 err = gcry_md_open (&hd, GCRY_MD_WHIRLPOOL, GCRY_MD_FLAG_BUGEMU1) if (gpg_err_code (err) == GPG_ERR_INV_ARG) error ("Need at least Libggcrypt 1.6.1 for the fix"); else { do_hash (hd); gcry_md_close (hd); } #endif } Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.