diff options
author | Karel Miko <karel.miko@gmail.com> | 2018-10-26 18:57:04 +0200 |
---|---|---|
committer | Karel Miko <karel.miko@gmail.com> | 2018-10-26 18:57:04 +0200 |
commit | 23f75413c0262ad26d2d980f7fb4731bea595e59 (patch) | |
tree | 42ae1a162f62278e53d7d05a8151376d6736df71 /src | |
parent | 4663dbe2768814c2a63a57c502e3adb5a53f8445 (diff) |
libtomcrypt fixes
Diffstat (limited to 'src')
-rw-r--r-- | src/ltc/encauth/ccm/ccm_init.c | 13 | ||||
-rw-r--r-- | src/ltc/encauth/ccm/ccm_memory.c | 10 | ||||
-rw-r--r-- | src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c | 1 | ||||
-rw-r--r-- | src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c | 1 | ||||
-rw-r--r-- | src/ltc/encauth/chachapoly/chacha20poly1305_memory.c | 10 | ||||
-rw-r--r-- | src/ltc/encauth/gcm/gcm_memory.c | 19 | ||||
-rw-r--r-- | src/ltc/misc/copy_or_zeromem.c | 3 |
7 files changed, 33 insertions, 24 deletions
diff --git a/src/ltc/encauth/ccm/ccm_init.c b/src/ltc/encauth/ccm/ccm_init.c index 20c2a17b..b1bd12dc 100644 --- a/src/ltc/encauth/ccm/ccm_init.c +++ b/src/ltc/encauth/ccm/ccm_init.c @@ -29,7 +29,6 @@ int ccm_init(ccm_state *ccm, int cipher, LTC_ARGCHK(ccm != NULL); LTC_ARGCHK(key != NULL); - LTC_ARGCHK(taglen != 0); XMEMSET(ccm, 0, sizeof(ccm_state)); @@ -41,17 +40,11 @@ int ccm_init(ccm_state *ccm, int cipher, return CRYPT_INVALID_CIPHER; } - /* make sure the taglen is even and <= 16 */ - ccm->taglen = taglen; - ccm->taglen &= ~1; - if (ccm->taglen > 16) { - ccm->taglen = 16; - } - - /* can't use < 4 */ - if (ccm->taglen < 4) { + /* make sure the taglen is valid */ + if (taglen < 4 || taglen > 16 || (taglen % 2) == 1) { return CRYPT_INVALID_ARG; } + ccm->taglen = taglen; /* schedule key */ if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &ccm->K)) != CRYPT_OK) { diff --git a/src/ltc/encauth/ccm/ccm_memory.c b/src/ltc/encauth/ccm/ccm_memory.c index 40ecba6e..72801336 100644 --- a/src/ltc/encauth/ccm/ccm_memory.c +++ b/src/ltc/encauth/ccm/ccm_memory.c @@ -80,14 +80,8 @@ int ccm_memory(int cipher, return CRYPT_INVALID_CIPHER; } - /* make sure the taglen is even and <= 16 */ - *taglen &= ~1; - if (*taglen > 16) { - *taglen = 16; - } - - /* can't use < 4 */ - if (*taglen < 4) { + /* make sure the taglen is valid */ + if (*taglen < 4 || *taglen > 16 || (*taglen % 2) == 1) { return CRYPT_INVALID_ARG; } diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c b/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c index f19cf181..493404fa 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_decrypt.c @@ -25,7 +25,6 @@ int chacha20poly1305_decrypt(chacha20poly1305_state *st, const unsigned char *in unsigned long padlen; int err; - if (inlen == 0) return CRYPT_OK; /* nothing to do */ LTC_ARGCHK(st != NULL); if (st->aadflg) { diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c b/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c index aeecc185..04c55153 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_encrypt.c @@ -25,7 +25,6 @@ int chacha20poly1305_encrypt(chacha20poly1305_state *st, const unsigned char *in unsigned long padlen; int err; - if (inlen == 0) return CRYPT_OK; /* nothing to do */ LTC_ARGCHK(st != NULL); if ((err = chacha_crypt(&st->chacha, in, inlen, out)) != CRYPT_OK) return err; diff --git a/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c b/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c index 34da9125..ddd05172 100644 --- a/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c +++ b/src/ltc/encauth/chachapoly/chacha20poly1305_memory.c @@ -43,6 +43,7 @@ int chacha20poly1305_memory(const unsigned char *key, unsigned long keylen, LTC_ARGCHK(in != NULL); LTC_ARGCHK(out != NULL); LTC_ARGCHK(tag != NULL); + LTC_ARGCHK(taglen != NULL); if ((err = chacha20poly1305_init(&st, key, keylen)) != CRYPT_OK) { goto LBL_ERR; } if ((err = chacha20poly1305_setiv(&st, iv, ivlen)) != CRYPT_OK) { goto LBL_ERR; } @@ -51,15 +52,22 @@ int chacha20poly1305_memory(const unsigned char *key, unsigned long keylen, } if (direction == CHACHA20POLY1305_ENCRYPT) { if ((err = chacha20poly1305_encrypt(&st, in, inlen, out)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = chacha20poly1305_done(&st, tag, taglen)) != CRYPT_OK) { goto LBL_ERR; } } else if (direction == CHACHA20POLY1305_DECRYPT) { + unsigned char buf[MAXBLOCKSIZE]; + unsigned long buflen = sizeof(buf); if ((err = chacha20poly1305_decrypt(&st, in, inlen, out)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = chacha20poly1305_done(&st, buf, &buflen)) != CRYPT_OK) { goto LBL_ERR; } + if (buflen != *taglen || XMEM_NEQ(buf, tag, buflen) != 0) { + err = CRYPT_ERROR; + goto LBL_ERR; + } } else { err = CRYPT_INVALID_ARG; goto LBL_ERR; } - err = chacha20poly1305_done(&st, tag, taglen); LBL_ERR: #ifdef LTC_CLEAN_STACK zeromem(&st, sizeof(chacha20poly1305_state)); diff --git a/src/ltc/encauth/gcm/gcm_memory.c b/src/ltc/encauth/gcm/gcm_memory.c index b318f7cf..a9c6ac63 100644 --- a/src/ltc/encauth/gcm/gcm_memory.c +++ b/src/ltc/encauth/gcm/gcm_memory.c @@ -93,7 +93,24 @@ int gcm_memory( int cipher, if ((err = gcm_process(gcm, pt, ptlen, ct, direction)) != CRYPT_OK) { goto LTC_ERR; } - err = gcm_done(gcm, tag, taglen); + if (direction == GCM_ENCRYPT) { + if ((err = gcm_done(gcm, tag, taglen)) != CRYPT_OK) { + goto LTC_ERR; + } + } + else if (direction == GCM_DECRYPT) { + unsigned char buf[MAXBLOCKSIZE]; + unsigned long buflen = sizeof(buf); + if ((err = gcm_done(gcm, buf, &buflen)) != CRYPT_OK) { + goto LTC_ERR; + } + if (buflen != *taglen || XMEM_NEQ(buf, tag, buflen) != 0) { + err = CRYPT_ERROR; + } + } + else { + err = CRYPT_INVALID_ARG; + } LTC_ERR: XFREE(orig); return err; diff --git a/src/ltc/misc/copy_or_zeromem.c b/src/ltc/misc/copy_or_zeromem.c index 1cfd2bdc..447b2684 100644 --- a/src/ltc/misc/copy_or_zeromem.c +++ b/src/ltc/misc/copy_or_zeromem.c @@ -29,8 +29,7 @@ void copy_or_zeromem(const unsigned char* src, unsigned char* dest, unsigned lon #endif unsigned char mask = 0xff; /* initialize mask at all ones */ - LTC_ARGCHK(src != NULL); - LTC_ARGCHK(dest != NULL); + if (src == NULL || dest == NULL) return; if (coz != 0) coz = 1; y = 0; |