Re: Whirlpool in gcrypt <= 1.5.3 broken (if writes in chunks)?

On Fri, 17 Jan 2014 19:25, gmazyland@xxxxxxxxx said:

> Is my assumption that all whirlpool implementations before
> libgcrypt 1.6.0 are broken if used this way?

Right.  Now why are you using a non-standard algorithm and then also hit
the 62-byte problem :-(

Anyway, I see that we need to do something about it.  Changing the
correct implementation is not a good idea, but it would be possible to add
a bug emulation flag.  We do something similar in GnuPG to work around a
pgp-2 incompatibility.

I can see two ways to implement it: If you only hash small amounts of
data, retrying the hash operation with the bug emulation flag set
would be the easiest way.  The other option would be to implement a
variant of Whirlpool with this bug not fixed.  Then you could add this
as a second hash algorithm to the same context and hash only once.  That
is practical for streamed data but it does not save time because it
always hashes twice (could be optimized but we would end up with quite
some complexity).

I would really prefer to add a bug emulation flag so that you could go
and re-encrypt the data on the fly (using the fixed Whirlpool or SHA-x
for better performance).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt