
add tag validation to gcm_memory in decrypt mode

Karel Miko 7 years ago
parent
commit
fd4d8fbc05
2 changed files with 21 additions and 9 deletions
  1. 18 1
      src/encauth/gcm/gcm_memory.c
  2. 3 8
      src/encauth/gcm/gcm_test.c

+ 18 - 1
src/encauth/gcm/gcm_memory.c

@@ -93,7 +93,24 @@ int gcm_memory(      int           cipher,
     if ((err = gcm_process(gcm, pt, ptlen, ct, direction)) != CRYPT_OK) {
        goto LTC_ERR;
     }
-    err = gcm_done(gcm, tag, taglen);
+    if (direction == GCM_ENCRYPT) {
+      if ((err = gcm_done(gcm, tag, taglen)) != CRYPT_OK) {
+         goto LTC_ERR;
+      }
+    }
+    else if (direction == GCM_DECRYPT) {
+       unsigned char buf[MAXBLOCKSIZE];
+       unsigned long buflen = sizeof(buf);
+       if ((err = gcm_done(gcm, buf, &buflen)) != CRYPT_OK) {
+          goto LTC_ERR;
+       }
+       if (buflen != *taglen || XMEM_NEQ(buf, tag, buflen) != 0) {
+          err = CRYPT_ERROR;
+       }
+    }
+    else {
+       err = CRYPT_INVALID_ARG;
+    }
 LTC_ERR:
     XFREE(orig);
     return err;
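Review bot: On a tag mismatch in the GCM_DECRYPT branch, `pt` still holds the output of the earlier gcm_process() call, so a caller that ignores or mishandles the return code is left with unauthenticated plaintext. I would wipe it where `err = CRYPT_ERROR;` is set, e.g. `if (ptlen > 0) zeromem(pt, ptlen);`, and also clear the computed tag with `zeromem(buf, sizeof(buf));` before leaving the block. The `buflen != *taglen` test compares against whatever length gcm_done() reports, which presumably means truncated tags are now rejected on decrypt; a short comment saying whether that is intended would help. gcm_memory's body starts and ends outside this hunk.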

+ 3 - 8
src/encauth/gcm/gcm_test.c

@@ -363,6 +363,7 @@ int gcm_test(void)
        }
 
        y = sizeof(T[1]);
+       XMEMCPY(T[1], tests[x].T, 16);
        if ((err = gcm_memory(idx, tests[x].K, tests[x].keylen,
                              tests[x].IV, tests[x].IVlen,
                              tests[x].A, tests[x].alen,
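Review bot: The added `XMEMCPY(T[1], tests[x].T, 16);` turns T[1] from an output buffer into an input for the decrypt call, and nothing in the test says so. A comment such as `/* decrypt verifies the tag, so T[1] must hold the expected tag on input */` above the copy would make that clear. The literal 16 is also independent of `y = sizeof(T[1])` on the line above, so the two only agree if T[1] is declared with 16 bytes, which is not visible here. The gcm_memory call continues outside this hunk.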
@@ -374,11 +375,6 @@ int gcm_test(void)
        if (compare_testvector(out[1], tests[x].ptlen, tests[x].P, tests[x].ptlen, "GCM PT", x)) {
           return CRYPT_FAIL_TESTVECTOR;
        }
-
-       if (compare_testvector(T[1], y, tests[x].T, 16, "GCM Decrypt Tag", x)) {
-          return CRYPT_FAIL_TESTVECTOR;
-       }
-
    }
 
    /* wycheproof failing test - https://github.com/libtom/libtomcrypt/pull/451 */
@@ -395,7 +391,7 @@ int gcm_test(void)
       /* VALID tag */
       taglen = sizeof(valid_tag);
       err = gcm_memory(idx, key, sizeof(key), iv, sizeof(iv), NULL, 0,
-                       pt, sizeof(ct), ct, invalid_tag, &taglen, GCM_DECRYPT);
+                       pt, sizeof(ct), ct, valid_tag, &taglen, GCM_DECRYPT);
       if ((err != CRYPT_OK) || (XMEMCMP(msg, pt, sizeof(msg)) != 0)) {
          return CRYPT_FAIL_TESTVECTOR;
       }
@@ -405,8 +401,7 @@ int gcm_test(void)
       err = gcm_memory(idx, key, sizeof(key), iv, sizeof(iv), NULL, 0,
                        pt, sizeof(ct), ct, invalid_tag, &taglen, GCM_DECRYPT);
       if (err == CRYPT_OK) {
-         fprintf(stderr, "XXX-FIXME gcm_memory should reject invalid tag\n");
-         /* return CRYPT_FAIL_TESTVECTOR; */
+         return CRYPT_FAIL_TESTVECTOR; /* should fail */
       }
    }