mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-25 13:05:41 +00:00
mbedtls_cipher_check_tag: zeroize expected tag on tag mismatch
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
1c68ba1afd
commit
dc269bbd08
|
@ -1125,6 +1125,12 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
|
|||
}
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
/* Status to return on a non-authenticated algorithm. It would make sense
|
||||
* to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT or perhaps
|
||||
* MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, but at the time I write this our
|
||||
* unit tests assume 0. */
|
||||
ret = 0;
|
||||
|
||||
#if defined(MBEDTLS_GCM_C)
|
||||
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
|
||||
{
|
||||
|
@ -1140,9 +1146,7 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
|
|||
|
||||
/* Check the tag in "constant-time" */
|
||||
if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 )
|
||||
return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
|
||||
|
||||
return( 0 );
|
||||
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
|
||||
}
|
||||
#endif /* MBEDTLS_GCM_C */
|
||||
|
||||
|
@ -1162,13 +1166,12 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
|
|||
|
||||
/* Check the tag in "constant-time" */
|
||||
if( mbedtls_ct_memcmp( tag, check_tag, tag_len ) != 0 )
|
||||
return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
|
||||
|
||||
return( 0 );
|
||||
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
|
||||
}
|
||||
#endif /* MBEDTLS_CHACHAPOLY_C */
|
||||
|
||||
return( 0 );
|
||||
mbedtls_platform_zeroize( check_tag, tag_len );
|
||||
return( ret );
|
||||
}
|
||||
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
|
||||
|
||||
|
|
Loading…
Reference in a new issue