From 0a28b2d2c9181a536fc894e24626714832619923 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sat, 7 Sep 2013 10:06:46 +0200 Subject: md: Fix Whirlpool flaw. * cipher/whirlpool.c (whirlpool_add): Remove shortcut return so that byte counter is always properly updated. -- Using the forthcoming gcry_md_hash_buffers() and its test suite, I found that a message of size 62 won't yield the correct hash if it is fed into Whirlpool in chunks. The fix is obvious. The wrong code was likely due to using similar structure as SHA-1 but neglecting that bytes and not blocks are counted. --- cipher/whirlpool.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'cipher') diff --git a/cipher/whirlpool.c b/cipher/whirlpool.c index f99aa890..2c3beb7e 100644 --- a/cipher/whirlpool.c +++ b/cipher/whirlpool.c @@ -1315,9 +1315,6 @@ whirlpool_add (whirlpool_context_t *context, buffer_n--; } whirlpool_add (context, NULL, 0); - if (!buffer_n) - /* Done. */ - return; } /*_gcry_burn_stack (80+6*sizeof(void*));*/ /* FIXME */ -- cgit v1.2.1
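Review bot: The removal of the `if (!buffer_n) return;` shortcut after `whirlpool_add (context, NULL, 0);` ships without a regression test: the diffstat shows only cipher/whirlpool.c changed, with 3 deletions. The commit message names a concrete failing input, a 62-byte message fed in chunks. A test that hashes that message both in one call and in pieces, and compares the two digests, would pin the fix down independently of the forthcoming gcry_md_hash_buffers() suite. It would also be worth leaving a one-line comment where the shortcut used to be, saying that the function must fall through here because Whirlpool counts bytes rather than blocks. The commit message attributes the bug to copying the SHA-1 structure, and nothing in the remaining code stops the same shortcut from being reintroduced. Since the hunk now always continues past the flush, please also confirm that the code following it behaves correctly when buffer_n is 0. Those lines are not part of this diff.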