diff options
author | Werner Koch <wk@gnupg.org> | 2016-03-23 12:47:30 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2016-03-23 12:47:30 +0100 |
commit | 7c9c82feecf94a455c66d9c38576f36c9c4b484c (patch) | |
tree | 86063050e2feb83846ea822b91c60cac32b8c406 | |
parent | 6821e1bd94969106a70e3de17b86f6e6181f4e59 (diff) | |
download | libgcrypt-7c9c82feecf94a455c66d9c38576f36c9c4b484c.tar.gz |
cipher: Check length of supplied tag in _gcry_cipher_poly1305_check_tag.
* cipher/cipher-poly1305.c (_gcry_cipher_poly1305_tag): Check that the
provided tag length matches the actual tag length.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
-rw-r--r-- | cipher/cipher-poly1305.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c index fb817742..a2a74e8f 100644 --- a/cipher/cipher-poly1305.c +++ b/cipher/cipher-poly1305.c @@ -243,12 +243,20 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c, c->marks.tag = 1; } - if (check) - return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ? - GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM; + if (!check) + { + memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN); + } + else + { + /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF + * and thus we need to compare its length first. */ + if (outbuflen != POLY1305_TAGLEN + || !buf_eq_const (outbuf, c->u_iv.iv, POLY1305_TAGLEN)) + return GPG_ERR_CHECKSUM; + } - memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN); - return GPG_ERR_NO_ERROR; + return 0; } |