Check received gcm tag
parent
b0c52f84ab
commit
da0376a6a9
@ -295,7 +295,7 @@ out:
|
|||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
aes128gcm_decrypt(unsigned char *plaintext, size_t *plaintext_len, const unsigned char *const ciphertext, size_t ciphertext_len, const unsigned char *const iv, const unsigned char *const key)
|
aes128gcm_decrypt(unsigned char *plaintext, size_t *plaintext_len, const unsigned char *const ciphertext, size_t ciphertext_len, const unsigned char *const iv, const unsigned char *const key, const unsigned char *const tag)
|
||||||
{
|
{
|
||||||
gcry_error_t res;
|
gcry_error_t res;
|
||||||
gcry_cipher_hd_t hd;
|
gcry_cipher_hd_t hd;
|
||||||
@ -319,10 +319,11 @@ aes128gcm_decrypt(unsigned char *plaintext, size_t *plaintext_len, const unsigne
|
|||||||
if (res != GPG_ERR_NO_ERROR) {
|
if (res != GPG_ERR_NO_ERROR) {
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
//res = gcry_cipher_checktag(hd, ciphertext + ciphertext_len - AES128_GCM_TAG_LENGTH, AES128_GCM_TAG_LENGTH);
|
|
||||||
//if (res != GPG_ERR_NO_ERROR) {
|
res = gcry_cipher_checktag(hd, tag, AES128_GCM_TAG_LENGTH);
|
||||||
// goto out;
|
if (res != GPG_ERR_NO_ERROR) {
|
||||||
//}
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
out:
|
out:
|
||||||
gcry_cipher_close(hd);
|
gcry_cipher_close(hd);
|
||||||
|
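Review bot: In the second hunk `gcry_cipher_checktag(hd, tag, AES128_GCM_TAG_LENGTH)` runs only after the preceding call has succeeded (that call is outside the hunk, presumably the decrypt itself), so on a tag mismatch the caller's `plaintext` buffer may already hold unauthenticated data. The function then relies on every caller checking the return value and discarding the buffer, and nothing in the visible code states that contract. I would add a comment above the definition such as `/* On non-zero return the contents of plaintext are unauthenticated and must be discarded; tag must point to AES128_GCM_TAG_LENGTH bytes. */`. The body of aes128gcm_decrypt starts and ends outside both hunks, so whether the output is cleared on the `out:` path cannot be confirmed from here.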
@ -145,4 +145,4 @@ int aes128gcm_encrypt(unsigned char *ciphertext, size_t *ciphertext_len,
|
|||||||
int aes128gcm_decrypt(unsigned char *plaintext,
|
int aes128gcm_decrypt(unsigned char *plaintext,
|
||||||
size_t *plaintext_len, const unsigned char *const ciphertext,
|
size_t *plaintext_len, const unsigned char *const ciphertext,
|
||||||
size_t ciphertext_len, const unsigned char *const iv,
|
size_t ciphertext_len, const unsigned char *const iv,
|
||||||
const unsigned char *const key);
|
const unsigned char *const key, const unsigned char *const tag);
|
||||||
|
@ -577,10 +577,20 @@ omemo_on_message_recv(const char *const from, uint32_t sid,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (signal_buffer_len(plaintext_key) != AES128_GCM_KEY_LENGTH + AES128_GCM_TAG_LENGTH) {
|
||||||
|
log_error("OMEMO: invalid key length");
|
||||||
|
signal_buffer_free(plaintext_key);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
size_t plaintext_len = payload_len;
|
size_t plaintext_len = payload_len;
|
||||||
unsigned char *plaintext = malloc(plaintext_len + 1);
|
unsigned char *plaintext = malloc(plaintext_len + 1);
|
||||||
res = aes128gcm_decrypt(plaintext, &plaintext_len, payload, payload_len, iv, signal_buffer_data(plaintext_key));
|
res = aes128gcm_decrypt(plaintext, &plaintext_len, payload, payload_len, iv,
|
||||||
|
signal_buffer_data(plaintext_key),
|
||||||
|
signal_buffer_data(plaintext_key) + AES128_GCM_KEY_LENGTH);
|
||||||
if (res != 0) {
|
if (res != 0) {
|
||||||
|
log_error("OMEMO: cannot decrypt message: %s", gcry_strerror(res));
|
||||||
|
signal_buffer_free(plaintext_key);
|
||||||
free(plaintext);
|
free(plaintext);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
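Review bot: Both added error paths release `plaintext_key` with `signal_buffer_free`, which leaves the decrypted AES key and GCM tag in freed heap memory; `signal_buffer_bzero_free(plaintext_key);` wipes the buffer before freeing and fits both places (the length-check branch and the decrypt-failure branch). The success path's release of `plaintext_key` is outside this hunk and should get the same treatment if it uses the plain free. Separately, the result of `malloc(plaintext_len + 1)` is handed to `aes128gcm_decrypt` without a NULL check; a guard such as `if (plaintext == NULL) { signal_buffer_bzero_free(plaintext_key); return NULL; }` before the call would close that. omemo_on_message_recv begins and continues outside the hunk.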