crypt_and_hash: check MAC earlier

2025-11-04 13:24:57 +00:00 · 2013-11-25 17:55:17 +01:00 · 2013-11-25 17:55:17 +01:00 · b9f6d507dd
parent 7ab2d5daf5
commit b9f6d507dd
2 changed files with 12 additions and 11 deletions
--- a/1
+++ b/1
@ -7,6 +7,7 @@ Changes
 Bugfix
   * Fixed X.509 hostname comparison (with non-regular characters)
   * SSL now gracefully handles missing RNG
+   * crypt_and_hash app checks MAC before final decryption

 = Version 1.2.10 released 2013-10-07
 Changes
--- a/programs/aes/crypt_and_hash.c
+++ b/programs/aes/crypt_and_hash.c
@ -453,17 +453,6 @@ int main( int argc, char *argv[] )
            }
        }

-        /*
-         * Write the final block of data
-         */
-        cipher_finish( &cipher_ctx, output, &olen );
-
-        if( fwrite( output, 1, olen, fout ) != olen )
-        {
-            fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
-            goto exit;
-        }
-
        /*
         * Verify the message authentication code.
         */
@ -486,6 +475,17 @@ int main( int argc, char *argv[] )
                             "or file corrupted.\n" );
            goto exit;
        }
+
+        /*
+         * Write the final block of data
+         */
+        cipher_finish( &cipher_ctx, output, &olen );
+
+        if( fwrite( output, 1, olen, fout ) != olen )
+        {
+            fprintf( stderr, "fwrite(%ld bytes) failed\n", (long) olen );
+            goto exit;
+        }
    }

    ret = 0;