projects
/
tinc
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
c845bc1
)
Fix block cipher padding when using libgcrypt.
author
Guus Sliepen
<guus@tinc-vpn.org>
Sat, 19 Dec 2009 17:57:54 +0000
(18:57 +0100)
committer
Guus Sliepen
<guus@tinc-vpn.org>
Sat, 19 Dec 2009 17:57:54 +0000
(18:57 +0100)
src/gcrypt/cipher.c
patch
|
blob
|
history
diff --git
a/src/gcrypt/cipher.c
b/src/gcrypt/cipher.c
index
2e8e057
..
390959c
100644
(file)
--- a/
src/gcrypt/cipher.c
+++ b/
src/gcrypt/cipher.c
@@
-196,7
+196,7
@@
bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
if(!oneshot)
return false;
if(!oneshot)
return false;
- size_t reqlen = ((inlen +
1
) / cipher->blklen) * cipher->blklen;
+ size_t reqlen = ((inlen +
8
) / cipher->blklen) * cipher->blklen;
uint8_t padbyte = reqlen - inlen;
inlen = reqlen - cipher->blklen;
uint8_t padbyte = reqlen - inlen;
inlen = reqlen - cipher->blklen;
@@
-239,14
+239,18
@@
bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
uint8_t padbyte = ((uint8_t *)outdata)[inlen - 1];
uint8_t padbyte = ((uint8_t *)outdata)[inlen - 1];
- if(padbyte == 0 || padbyte > cipher->blklen || padbyte > inlen)
+ if(padbyte == 0 || padbyte > cipher->blklen || padbyte > inlen) {
+ logger(LOG_ERR, "Error while decrypting: invalid padding");
return false;
return false;
+ }
size_t origlen = inlen - padbyte;
for(int i = inlen - 1; i >= origlen; i--)
size_t origlen = inlen - padbyte;
for(int i = inlen - 1; i >= origlen; i--)
- if(((uint8_t *)indata)[i] != padbyte)
+ if(((uint8_t *)outdata)[i] != padbyte) {
+ logger(LOG_ERR, "Error while decrypting: invalid padding");
return false;
return false;
+ }
*outlen = origlen;
}
*outlen = origlen;
}