cipher: Check length of supplied tag in _gcry_cipher_gcm_check_tag.
authorWerner Koch <wk@gnupg.org>
Wed, 23 Mar 2016 10:07:52 +0000 (11:07 +0100)
committerWerner Koch <wk@gnupg.org>
Wed, 23 Mar 2016 11:29:22 +0000 (12:29 +0100)
* cipher/cipher-gcm.c (_gcry_cipher_gcm_tag): Check that the provided
tag length matches the actual tag length.  Avoid gratuitous return
statements.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
cipher/cipher-gcm.c

index cb81ea9..5e9dec4 100644 (file)
@@ -803,13 +803,18 @@ _gcry_cipher_gcm_tag (gcry_cipher_hd_t c,
 
   if (!check)
     {
+      /* NB: We already checked that OUTBUF is large enough to hold
+         the result.  */
       memcpy (outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN);
-      return GPG_ERR_NO_ERROR;
     }
   else
     {
-      return buf_eq_const(outbuf, c->u_mode.gcm.u_tag.tag, GCRY_GCM_BLOCK_LEN) ?
-               GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+      /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+       * and thus we need to compare its length first.  */
+      if (outbuflen != GCRY_GCM_BLOCK_LEN
+          || !buf_eq_const (outbuf, c->u_mode.gcm.u_tag.tag,
+                            GCRY_GCM_BLOCK_LEN))
+        return GPG_ERR_CHECKSUM;
     }
 
   return 0;