[git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-360-g7c9c82f

by Werner Koch cvs at cvs.gnupg.org
Wed Mar 23 12:51:59 CET 2016


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  7c9c82feecf94a455c66d9c38576f36c9c4b484c (commit)
       via  6821e1bd94969106a70e3de17b86f6e6181f4e59 (commit)
       via  15785bc9fb1787554bf371945ecb191830c15bfd (commit)
       via  d3d7bdf8215275b3b20690dfde3f43dbe25b6f85 (commit)
      from  d328095dd4de83b839d9d8c4bdbeec0956971016 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 7c9c82feecf94a455c66d9c38576f36c9c4b484c
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Mar 23 12:47:30 2016 +0100

    cipher: Check length of supplied tag in _gcry_cipher_poly1305_check_tag.
    
    * cipher/cipher-poly1305.c (_gcry_cipher_poly1305_tag): Check that the
    provided tag length matches the actual tag length.
    --
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c
index fb81774..a2a74e8 100644
--- a/cipher/cipher-poly1305.c
+++ b/cipher/cipher-poly1305.c
@@ -243,12 +243,20 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
       c->marks.tag = 1;
     }
 
-  if (check)
-    return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ?
-           GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+  if (!check)
+    {
+      memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
+    }
+  else
+    {
+      /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+       * and thus we need to compare its length first.  */
+      if (outbuflen != POLY1305_TAGLEN
+          || !buf_eq_const (outbuf, c->u_iv.iv, POLY1305_TAGLEN))
+        return GPG_ERR_CHECKSUM;
+    }
 
-  memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
-  return GPG_ERR_NO_ERROR;
+  return 0;
 }
 
 

commit 6821e1bd94969106a70e3de17b86f6e6181f4e59
Author: Peter Wu <peter at lekensteyn.nl>
Date:   Wed Mar 23 03:45:21 2016 +0100

    Fix buffer overrun in gettag for Poly1305
    
    * cipher/cipher-poly1305.c: copy a fixed length instead of the
      user-supplied number.
    --
    
    The outbuflen is used to check the minimum size, the real tag is always
    of fixed length.
    
    Signed-off-by: Peter Wu <peter at lekensteyn.nl>

diff --git a/cipher/cipher-poly1305.c b/cipher/cipher-poly1305.c
index 965a7b6..fb81774 100644
--- a/cipher/cipher-poly1305.c
+++ b/cipher/cipher-poly1305.c
@@ -215,7 +215,7 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
 {
   gcry_err_code_t err;
 
-  if (outbuflen < GCRY_GCM_BLOCK_LEN)
+  if (outbuflen < POLY1305_TAGLEN)
     return GPG_ERR_BUFFER_TOO_SHORT;
   if (c->u_mode.poly1305.bytecount_over_limits)
     return GPG_ERR_INV_LENGTH;
@@ -244,10 +244,10 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
     }
 
   if (check)
-    return buf_eq_const(outbuf, c->u_iv.iv, outbuflen) ?
+    return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ?
            GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
 
-  memcpy (outbuf, c->u_iv.iv, outbuflen);
+  memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
   return GPG_ERR_NO_ERROR;
 }
 

commit 15785bc9fb1787554bf371945ecb191830c15bfd
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Mar 23 11:07:52 2016 +0100

    cipher: Check length of supplied tag in _gcry_cipher_gcm_check_tag.
    
    * cipher/cipher-gcm.c (_gcry_cipher_gcm_tag): Check that the provided
    tag length matches the actual tag length.  Avoid gratuitous return
    statements.
    --
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index cb81ea9..5e9dec4 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -803,13 +803,18 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
 
   if (!check)
     {
+      /* NB: We already checked that OUTBUF is large enough to hold
+         the result.  */
       memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
-      return GPG_ERR_NO_ERROR;
     }
   else
     {
-      return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
-               GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+      /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+       * and thus we need to compare its length first.  */
+      if (outbuflen != GCRY_GCM_BLOCK_LEN
+          || !buf_eq_const (outbuf, c->u_mode.gcm.u_tag.tag,
+                            GCRY_GCM_BLOCK_LEN))
+        return GPG_ERR_CHECKSUM;
     }
 
   return 0;

commit d3d7bdf8215275b3b20690dfde3f43dbe25b6f85
Author: Peter Wu <peter at lekensteyn.nl>
Date:   Wed Mar 23 03:45:20 2016 +0100

    Fix buffer overrun in gettag for GCM
    
    * cipher/cipher-gcm.c: copy a fixed length instead of the user-supplied
      number.
    --
    
    The outbuflen is used to check the minimum size, the real tag is always
    of fixed length.
    
    Signed-off-by: Peter Wu <peter at lekensteyn.nl>
    
    Actually this is not a buffer overrun because we copy not more than
    has been allocated for OUTBUF.  However a too long OUTBUFLEN accesses
    data outside of the source buffer.  -wk

diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c
index d390ef8..cb81ea9 100644
--- a/cipher/cipher-gcm.c
+++ b/cipher/cipher-gcm.c
@@ -803,12 +803,12 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
 
   if (!check)
     {
-      memcpy (outbuf, c->u_mode.gcm.u_tag.tag, outbuflen);
+      memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
       return GPG_ERR_NO_ERROR;
     }
   else
     {
-      return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, outbuflen) ?
+      return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
                GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
     }
 

-----------------------------------------------------------------------

Summary of changes:
 cipher/cipher-gcm.c      | 13 +++++++++----
 cipher/cipher-poly1305.c | 20 ++++++++++++++------
 2 files changed, 23 insertions(+), 10 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org




More information about the Gnupg-commits mailing list