On Mon, 22 Mar 2010 23:39, d...@fifthhorseman.net said:

> Package: libgcrypt11
> Version: 1.4.5-2
> Severity: normal
>
> libgcrypt's tiger192 message digest implementation doesn't appear to
> match the output / test vectors used by other implementations.

Well, it matches the original specs and the published test vectors. If you look at the tiger home page, you will find the test vectors we use. Back in 1998, when I wrote the code, there was no note on how the hashes are to be printed (i.e. how to convert the 64 bit words into a bit string). Thus I came up with the way it is now.

Tiger has been used by gpg versions up to 1.3.2 and I heard that some people are still patching gpg to use it. Obviously the version in Libgcrypt is the one used by gpg. We can't change it without risking breaking existing code.

What we can do is to implement the now correct version of tiger192 as a different algorithm. I think it might also be okay to drop the OID from the current implementation because that one is definitely false. Moritz obviously didn't compare the test vectors with those on the tiger home page after we assigned an OID for Tiger from the GNU pool to Ross.

There is still the question, who wants to use Tiger192, given that there are proven algos out and that SHA-3 is not that far away.

Shalom-Salam,

   Werner

--
Thoughts are free. Exceptions are regulated by a federal law.
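
Added example, not part of the message above and not libgcrypt code: a small C check for telling whether two 24-byte Tiger digests of the same input differ only in how the three 64-bit words were turned into bytes. It assumes the two conventions differ only in byte order within each word; the function names and the sample words are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TIGER_WORDS 3
#define TIGER_BYTES (TIGER_WORDS * 8)

/* Write each 64-bit word most-significant byte first (how a hex word reads). */
void words_to_bytes_be(const uint64_t w[TIGER_WORDS], uint8_t out[TIGER_BYTES])
{
    for (int i = 0; i < TIGER_WORDS; i++)
        for (int j = 0; j < 8; j++)
            out[i * 8 + j] = (uint8_t)(w[i] >> (56 - 8 * j));
}

/* Write each 64-bit word least-significant byte first. */
void words_to_bytes_le(const uint64_t w[TIGER_WORDS], uint8_t out[TIGER_BYTES])
{
    for (int i = 0; i < TIGER_WORDS; i++)
        for (int j = 0; j < 8; j++)
            out[i * 8 + j] = (uint8_t)(w[i] >> (8 * j));
}

/* 0: same bytes; 1: same after reversing each 8-byte group; -1: different.
   memcmp is fine here: the digests are public interop data, not secrets. */
int compare_digests(const uint8_t a[TIGER_BYTES], const uint8_t b[TIGER_BYTES])
{
    uint8_t swapped[TIGER_BYTES];
    if (memcmp(a, b, TIGER_BYTES) == 0)
        return 0;
    for (int i = 0; i < TIGER_BYTES; i++)
        swapped[i] = b[(i / 8) * 8 + (7 - i % 8)];
    return memcmp(a, swapped, TIGER_BYTES) == 0 ? 1 : -1;
}

int main(void)
{
    /* Constructed state words, not a real Tiger digest. */
    const uint64_t w[TIGER_WORDS] = { 0x0102030405060708ULL,
                                      0x1112131415161718ULL,
                                      0x2122232425262728ULL };
    uint8_t be[TIGER_BYTES], le[TIGER_BYTES];
    words_to_bytes_be(w, be);
    words_to_bytes_le(w, le);
    printf("relation: %d\n", compare_digests(be, le));
    return 0;
}
```

A result of 1 when comparing output from two implementations points to a serialization mismatch rather than a different hash computation.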