[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-360-g7c9c82f
by Werner Koch
cvs at cvs.gnupg.org
Wed Mar 23 12:51:59 CET 2016
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 7c9c82feecf94a455c66d9c38576f36c9c4b484c (commit)
via 6821e1bd94969106a70e3de17b86f6e6181f4e59 (commit)
via 15785bc9fb1787554bf371945ecb191830c15bfd (commit)
via d3d7bdf8215275b3b20690dfde3f43dbe25b6f85 (commit)
from d328095dd4de83b839d9d8c4bdbeec0956971016 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7c9c82feecf94a455c66d9c38576f36c9c4b484c
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 23 12:47:30 2016 +0100
cipher: Check length of supplied tag in _gcry_cipher_poly1305_check_tag.
* cipher/cipher-poly1305.c (_gcry_cipher_poly1305_tag): Check that the
provided tag length matches the actual tag length.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c
index fb81774..a2a74e8 100644
--- a/cipher/cipher-poly1305.c
+++ b/cipher/cipher-poly1305.c
@@ -243,12 +243,20 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
c->marks.tag = 1;
}
- if (check)
- return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ?
- GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+ if (!check)
+ {
+ memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
+ }
+ else
+ {
+ /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+ * and thus we need to compare its length first. */
+ if (outbuflen != POLY1305_TAGLEN
+ || !buf_eq_const (outbuf, c->u_iv.iv, POLY1305_TAGLEN))
+ return GPG_ERR_CHECKSUM;
+ }
- memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
- return GPG_ERR_NO_ERROR;
+ return 0;
}
commit 6821e1bd94969106a70e3de17b86f6e6181f4e59
Author: Peter Wu <peter at lekensteyn.nl>
Date: Wed Mar 23 03:45:21 2016 +0100
Fix buffer overrun in gettag for Poly1305
* cipher/cipher-poly1305.c: copy a fixed length instead of the
user-supplied number.
--
The outbuflen is used to check the minimum size, the real tag is always
of fixed length.
Signed-off-by: Peter Wu <peter at lekensteyn.nl>
diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c
index 965a7b6..fb81774 100644
--- a/cipher/cipher-poly1305.c
+++ b/cipher/cipher-poly1305.c
@@ -215,7 +215,7 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
{
gcry_err_code_t err;
- if (outbuflen < GCRY_GCM_BLOCK_LEN)
+ if (outbuflen < POLY1305_TAGLEN)
return GPG_ERR_BUFFER_TOO_SHORT;
if (c->u_mode.poly1305.bytecount_over_limits)
return GPG_ERR_INV_LENGTH;
@@ -244,10 +244,10 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
}
if (check)
- return buf_eq_const(outbuf, c->u_iv.iv, outbuflen) ?
+ return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ?
GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
- memcpy (outbuf, c->u_iv.iv, outbuflen);
+ memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
return GPG_ERR_NO_ERROR;
}
commit 15785bc9fb1787554bf371945ecb191830c15bfd
Author: Werner Koch <wk at gnupg.org>
Date: Wed Mar 23 11:07:52 2016 +0100
cipher: Check length of supplied tag in _gcry_cipher_gcm_check_tag.
* cipher/cipher-gcm.c (_gcry_cipher_gcm_tag): Check that the provided
tag length matches the actual tag length. Avoid gratuitous return
statements.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index cb81ea9..5e9dec4 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -803,13 +803,18 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
if (!check)
{
+ /* NB: We already checked that OUTBUF is large enough to hold
+ the result. */
memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
- return GPG_ERR_NO_ERROR;
}
else
{
- return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
- GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+ /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+ * and thus we need to compare its length first. */
+ if (outbuflen != GCRY_GCM_BLOCK_LEN
+ || !buf_eq_const (outbuf, c->u_mode.gcm.u_tag.tag,
+ GCRY_GCM_BLOCK_LEN))
+ return GPG_ERR_CHECKSUM;
}
return 0;
commit d3d7bdf8215275b3b20690dfde3f43dbe25b6f85
Author: Peter Wu <peter at lekensteyn.nl>
Date: Wed Mar 23 03:45:20 2016 +0100
Fix buffer overrun in gettag for GCM
* cipher/cipher-gcm.c: copy a fixed length instead of the user-supplied
number.
--
The outbuflen is used to check the minimum size, the real tag is always
of fixed length.
Signed-off-by: Peter Wu <peter at lekensteyn.nl>
Actually this is not a buffer overrun because we copy not more than
has been allocated for OUTBUF. However a too long OUTBUFLEN accesses
data outside of the source buffer. -wk
diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index d390ef8..cb81ea9 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -803,12 +803,12 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
if (!check)
{
- memcpy (outbuf, c->u_mode.gcm.u_tag.tag, outbuflen);
+ memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
return GPG_ERR_NO_ERROR;
}
else
{
- return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, outbuflen) ?
+ return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
}
-----------------------------------------------------------------------
Summary of changes:
cipher/cipher-gcm.c | 13 +++++++++----
cipher/cipher-poly1305.c | 20 ++++++++++++++------
2 files changed, 23 insertions(+), 10 deletions(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits
More information about the Gcrypt-devel
mailing list