[taler-anastasis] 02/02: added check of aes

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-anastasis] 02/02: added check of aes_tag to erd decryption

From:	gnunet
Subject:	[taler-anastasis] 02/02: added check of aes_tag to erd decryption
Date:	Thu, 26 Mar 2020 12:06:13 +0100

This is an automated email from the git hooks/post-receive script.

dennis-neufeld pushed a commit to branch master
in repository anastasis.

commit 8c670eac3933438e2fa518c8b6ede007649922ed
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Mar 26 11:05:58 2020 +0000

    added check of aes_tag to erd decryption
---
 src/util/anastasis_crypto.c | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index d11a328..b16c73d 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -219,21 +219,13 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
   gcry_cipher_hd_t cipher;
   char sym_key[AES_KEY_SIZE];
   char iv[AES_IV_SIZE];
-  char gcm_tag[GCM_TAG_SIZE];
-  char ciphertext[data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce)
-                  - GCM_TAG_SIZE];
   int rc;
-  *res_size = sizeof (ciphertext);
+
+  *res_size = data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce)
+              - GCM_TAG_SIZE;
   *res = GNUNET_malloc (*res_size);
 
   memcpy (&nonce, data, sizeof (struct ANASTASIS_CRYPTO_Nonce));
-  memcpy (&gcm_tag,
-          data + sizeof (struct ANASTASIS_CRYPTO_Nonce),
-          GCM_TAG_SIZE);
-  memcpy (&ciphertext,
-          data + sizeof (struct ANASTASIS_CRYPTO_Nonce) + GCM_TAG_SIZE,
-          data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce) - GCM_TAG_SIZE);
-
   get_iv_key (id, &nonce, "erd", sym_key, iv);
 
   GNUNET_assert (0 == gcry_cipher_open (&cipher,
@@ -252,8 +244,16 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
 
   GNUNET_assert (0 == gcry_cipher_decrypt (cipher,
                                            *res, *res_size,
-                                           ciphertext,
-                                           sizeof (ciphertext)));
+                                           data
+                                           + sizeof (struct
+                                                     ANASTASIS_CRYPTO_Nonce)
+                                           + GCM_TAG_SIZE,
+                                           *res_size));
+  GNUNET_assert (0 == gcry_cipher_checktag (cipher,
+                                            data
+                                            + sizeof (struct
+                                                      ANASTASIS_CRYPTO_Nonce),
+                                            GCM_TAG_SIZE));
   gcry_cipher_close (cipher);
 
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,

-- 
To stop receiving notification emails like this one, please contact
address@hidden.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-anastasis] branch master updated (c173acc -> 8c670ea), gnunet, 2020/03/26
- [taler-anastasis] 02/02: added check of aes_tag to erd decryption, gnunet <=
- [taler-anastasis] 01/02: code optimization in recovery document encryption, gnunet, 2020/03/26

Prev by Date: [libeufin] branch master updated: Give endpoint to query C53 entries in DB.
Next by Date: [taler-anastasis] branch master updated (c173acc -> 8c670ea)
Previous by thread: [taler-anastasis] branch master updated (c173acc -> 8c670ea)
Next by thread: [taler-anastasis] 01/02: code optimization in recovery document encryption
Index(es):
- Date
- Thread