[taler-anastasis] 02/02: added check of aes_tag to erd decryption
From: gnunet
Subject: [taler-anastasis] 02/02: added check of aes_tag to erd decryption
Date: Thu, 26 Mar 2020 12:06:13 +0100
This is an automated email from the git hooks/post-receive script.
dennis-neufeld pushed a commit to branch master
in repository anastasis.
commit 8c670eac3933438e2fa518c8b6ede007649922ed
Author: Dennis Neufeld <address@hidden>
AuthorDate: Thu Mar 26 11:05:58 2020 +0000
added check of aes_tag to erd decryption
---
src/util/anastasis_crypto.c | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index d11a328..b16c73d 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -219,21 +219,13 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
gcry_cipher_hd_t cipher;
char sym_key[AES_KEY_SIZE];
char iv[AES_IV_SIZE];
- char gcm_tag[GCM_TAG_SIZE];
- char ciphertext[data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce)
- - GCM_TAG_SIZE];
int rc;
- *res_size = sizeof (ciphertext);
+
+ *res_size = data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce)
+ - GCM_TAG_SIZE;
*res = GNUNET_malloc (*res_size);
memcpy (&nonce, data, sizeof (struct ANASTASIS_CRYPTO_Nonce));
- memcpy (&gcm_tag,
- data + sizeof (struct ANASTASIS_CRYPTO_Nonce),
- GCM_TAG_SIZE);
- memcpy (&ciphertext,
- data + sizeof (struct ANASTASIS_CRYPTO_Nonce) + GCM_TAG_SIZE,
- data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce) - GCM_TAG_SIZE);
-
get_iv_key (id, &nonce, "erd", sym_key, iv);
GNUNET_assert (0 == gcry_cipher_open (&cipher,
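Review bot: The new `*res_size = data_size - sizeof (struct ANASTASIS_CRYPTO_Nonce) - GCM_TAG_SIZE;` is computed without checking that data_size is at least the nonce size plus GCM_TAG_SIZE. Since sizeof yields an unsigned size_t, a shorter input makes the subtraction wrap to a very large value, which is then passed to GNUNET_malloc and used as the ciphertext length, while the nonce memcpy reads past the end of data. Reject `data_size < sizeof (struct ANASTASIS_CRYPTO_Nonce) + GCM_TAG_SIZE` before this assignment. The removed variable-length `ciphertext` array had the same missing check, so this is not a regression, but this is the natural place to add it.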
@@ -252,8 +244,16 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
GNUNET_assert (0 == gcry_cipher_decrypt (cipher,
*res, *res_size,
- ciphertext,
- sizeof (ciphertext)));
+ data
+ + sizeof (struct
+ ANASTASIS_CRYPTO_Nonce)
+ + GCM_TAG_SIZE,
+ *res_size));
+ GNUNET_assert (0 == gcry_cipher_checktag (cipher,
+ data
+ + sizeof (struct
+ ANASTASIS_CRYPTO_Nonce),
+ GCM_TAG_SIZE));
gcry_cipher_close (cipher);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
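Review bot: Wrapping gcry_cipher_checktag in GNUNET_assert turns an authentication failure into a process abort, so a corrupted or tampered recovery document crashes the caller instead of producing an error. A tag mismatch depends on the input, not on program logic, and should be handled explicitly: on a non-zero return, call gcry_cipher_close, free `*res`, reset `*res` and `*res_size`, and report failure to the caller. At the point of the check `*res` already holds unauthenticated plaintext from gcry_cipher_decrypt, so the failure path must not leave that buffer reachable.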