cipher: Check length of supplied tag in _gcry_cipher_poly1305_check_tag.
authorWerner Koch <wk@gnupg.org>
Wed, 23 Mar 2016 11:47:30 +0000 (12:47 +0100)
committerWerner Koch <wk@gnupg.org>
Wed, 23 Mar 2016 11:47:30 +0000 (12:47 +0100)
* cipher/cipher-poly1305.c (_gcry_cipher_poly1305_tag): Check that the
provided tag length matches the actual tag length.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
cipher/cipher-poly1305.c

index fb81774..a2a74e8 100644 (file)
@@ -243,12 +243,20 @@ _gcry_cipher_poly1305_tag (gcry_cipher_hd_t c,
       c->marks.tag = 1;
     }
 
-  if (check)
-    return buf_eq_const(outbuf, c->u_iv.iv, POLY1305_TAGLEN) ?
-           GPG_ERR_NO_ERROR : GPG_ERR_CHECKSUM;
+  if (!check)
+    {
+      memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
+    }
+  else
+    {
+      /* OUTBUFLEN gives the length of the user supplied tag in OUTBUF
+       * and thus we need to compare its length first.  */
+      if (outbuflen != POLY1305_TAGLEN
+          || !buf_eq_const (outbuf, c->u_iv.iv, POLY1305_TAGLEN))
+        return GPG_ERR_CHECKSUM;
+    }
 
-  memcpy (outbuf, c->u_iv.iv, POLY1305_TAGLEN);
-  return GPG_ERR_NO_ERROR;
+  return 0;
 }