From ef045f9f65d4cb11a120b637f7f97aece2d815ba Mon Sep 17 00:00:00 2001
From: Bernhard Kirchen <schlimmchen@posteo.net>
Date: Fri, 6 Apr 2018 16:07:23 +0200
Subject: [PATCH] adjust KDF preference to VeraCrypt order

RIPEMD160 is not even allowed any more as an option when creating an
encrypted file container using VeraCrypt. when encryption the system
partition/drive, it is below SHA256 in the list of options.

the order is like that since VeraCrypt version 1.0f (2014-12-30,
see https://www.veracrypt.fr/en/Release%20Notes.html).
---
 lib/tcrypt/tcrypt.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/tcrypt/tcrypt.c b/lib/tcrypt/tcrypt.c
index 968b03ac..9d337ac0 100644
--- a/lib/tcrypt/tcrypt.c
+++ b/lib/tcrypt/tcrypt.c
@@ -44,11 +44,11 @@ static const struct {
 	{ 0, 0, "pbkdf2", "whirlpool", 1000 },
 	{ 1, 0, "pbkdf2", "sha1",      2000 },
 	{ 0, 1, "pbkdf2", "sha512",    500000 },
-	{ 0, 1, "pbkdf2", "ripemd160", 655331 },
-	{ 0, 1, "pbkdf2", "ripemd160", 327661 }, // boot only
 	{ 0, 1, "pbkdf2", "whirlpool", 500000 },
 	{ 0, 1, "pbkdf2", "sha256",    500000 }, // VeraCrypt 1.0f
 	{ 0, 1, "pbkdf2", "sha256",    200000 }, // boot only
+	{ 0, 1, "pbkdf2", "ripemd160", 655331 },
+	{ 0, 1, "pbkdf2", "ripemd160", 327661 }, // boot only
 	{ 0, 0, NULL,     NULL,        0 }
 };