1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00

gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag.

* g10/mainproc.c (proc_encrypted): Force a decryption failure if any
error has been seen.
* g10/decrypt-data.c (aead_checktag): Issue an ERROR line.
--

GnuPG-bug-id: 7042

Note that gpg in any case returns a failure exit code but due to
double forking GPGME would not see it.
This commit is contained in:
Werner Koch 2024-03-14 21:41:15 +01:00
parent f78501c545
commit 50e81ad38d
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 6 additions and 1 deletions

View file

@ -205,6 +205,7 @@ aead_checktag (decode_filter_ctx_t dfx, int final, const void *tagbuf)
{
log_error ("gcry_cipher_checktag%s failed: %s\n",
final? " (final)":"", gpg_strerror (err));
write_status_error ("aead_checktag", err);
return err;
}
if (DBG_FILTER)