author | Werner Koch <wk@gnupg.org> | 2013-09-07 10:06:46 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-09-10 21:20:17 +0200 |
commit | 0a28b2d2c9181a536fc894e24626714832619923 (patch) | |
tree | 6a533bbafd2afc76f40ad707f67eb40d84749f54 /cipher/whirlpool.c | |
parent | 0fb7c2cd345f3d3e9715c7fbc7a3e91d3c5c150d (diff) | |
download | libgcrypt-0a28b2d2c9181a536fc894e24626714832619923.tar.gz |
md: Fix Whirlpool flaw.
* cipher/whirlpool.c (whirlpool_add): Remove shortcut return so that
byte counter is always properly updated.
--
Using the forthcoming gcry_md_hash_buffers() and its test suite, I
found that a message of size 62 won't yield the correct hash if it is
fed into Whirlpool in chunks. The fix is obvious. The wrong
code was likely due to using similar structure as SHA-1 but neglecting
that bytes and not blocks are counted.
Diffstat (limited to 'cipher/whirlpool.c')
-rw-r--r-- | cipher/whirlpool.c | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/cipher/whirlpool.c b/cipher/whirlpool.c index f99aa890..2c3beb7e 100644 --- a/cipher/whirlpool.c +++ b/cipher/whirlpool.c @@ -1315,9 +1315,6 @@ whirlpool_add (whirlpool_context_t *context, buffer_n--; } whirlpool_add (context, NULL, 0); - if (!buffer_n) - /* Done. */ - return; } /*_gcry_burn_stack (80+6*sizeof(void*));*/ /* FIXME */ |
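Review bot: After the recursive `whirlpool_add (context, NULL, 0);` flush, where the `if (!buffer_n) return;` shortcut used to sit, nothing now tells a reader why the function must fall through even when no input remains. A one-line comment at that spot stating that the byte counter still has to be updated (bytes, not blocks, are counted, per the commit message) would keep the SHA-1-style early return from being reintroduced. The diff shown is limited to cipher/whirlpool.c, so it is not visible whether a regression test accompanies the fix; one that feeds the 62-byte message in chunks and compares the result with the one-shot digest would pin the behaviour. The trailing context line also still has `_gcry_burn_stack` commented out with a FIXME, which is worth tracking separately since it leaves the stack wipe disabled in this function.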