security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Avoid wrong decryption_failed for signed+OCB msg w/o pubkey.

Browse Source 
* g10/decrypt-data.c (struct decode_filter_context_s): Add flag
checktag_failed.
(aead_checktag): Set flag.
(decrypt_data): Initially clear that flag and check the flag after the
decryption.
* g10/mainproc.c (proc_encrypted): Revert the log_get_errorcount based
check.
--

This fixes a bug where for an OCB encrypted and signed message with
the signing key missing during decryption the DECRYPTION_FAILED status
line was printed along with "WARNING: encrypted message has been
manipulated". This was because we use log_error to show that the
signature could not be verified due to the missing pubkey; the
original fix looked at the error counter and thus triggered the
decryption failed status.

Fixes-commit: 50e81ad38d2b5a5028fa6815da358c0496aa927e
GnuPG-bug-id: 7042
This commit is contained in:
Werner Koch 2024-09-19 10:00:24 +02:00
parent 6432d17385
commit 2770efa75b
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
g10/decrypt-data.c
View File

@ -72,6 +72,9 @@ struct decode_filter_context_s
* 3 = premature EOF (general) */ * 3 = premature EOF (general) */
unsigned int eof_seen : 2; unsigned int eof_seen : 2;
/* Flag to convey an error from aead_checktag. */
unsigned int checktag_failed : 1;
/* The actually used cipher algo for AEAD. */ /* The actually used cipher algo for AEAD. */
byte cipher_algo; byte cipher_algo;
@ -206,6 +209,7 @@ aead_checktag (decode_filter_ctx_t dfx, int final, const void *tagbuf)
log_error ("gcry_cipher_checktag%s failed: %s\n", log_error ("gcry_cipher_checktag%s failed: %s\n",
final? " (final)":"", gpg_strerror (err)); final? " (final)":"", gpg_strerror (err));
write_status_error ("aead_checktag", err); write_status_error ("aead_checktag", err);
dfx->checktag_failed = 1;
return err; return err;
} }
if (DBG_FILTER) if (DBG_FILTER)
@ -486,6 +490,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
dfx->refcount++; dfx->refcount++;
dfx->partial = !!ed->is_partial; dfx->partial = !!ed->is_partial;
dfx->length = ed->len; dfx->length = ed->len;
dfx->checktag_failed = 0;
if (ed->aead_algo) if (ed->aead_algo)
iobuf_push_filter ( ed->buf, aead_decode_filter, dfx ); iobuf_push_filter ( ed->buf, aead_decode_filter, dfx );
else if (ed->mdc_method) else if (ed->mdc_method)
@ -531,6 +536,10 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek,
ed->buf = NULL; ed->buf = NULL;
if (dfx->eof_seen > 1 ) if (dfx->eof_seen > 1 )
rc = gpg_error (GPG_ERR_INV_PACKET); rc = gpg_error (GPG_ERR_INV_PACKET);
else if (dfx->checktag_failed)
{
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
}
else if ( ed->mdc_method ) else if ( ed->mdc_method )
{ {
/* We used to let parse-packet.c handle the MDC packet but this /* We used to let parse-packet.c handle the MDC packet but this

7
g10/mainproc.c
View File

@ -798,15 +798,12 @@ proc_encrypted (CTX c, PACKET *pkt)
compliance_de_vs |= 2; compliance_de_vs |= 2;
} }
/* Trigger the deferred error. The second condition makes sure that a /* Trigger the deferred error. */
* log_error printed in the cry_cipher_checktag never gets ignored. */
if (!result && early_plaintext) if (!result && early_plaintext)
result = gpg_error (GPG_ERR_BAD_DATA); result = gpg_error (GPG_ERR_BAD_DATA);
else if (!result && opt.show_only_session_key) else if (!result && opt.show_only_session_key)
result = -1; result = -1;
else if (!result && pkt->pkt.encrypted->aead_algo
&& log_get_errorcount (0))
result = gpg_error (GPG_ERR_BAD_SIGNATURE);
if (result == -1) if (result == -1)
; ;