From 2df73ae7425b902fef8feffeccc47a8d1fd80c05 Mon Sep 17 00:00:00 2001 From: "Denis V. Lunev" Date: Thu, 1 Nov 2018 12:22:27 +0300 Subject: [PATCH] mbedtls: fix possible false success in ...check_tags() helpers We should report a error when the security check of the security tag was not made. In the other case false success is possible and is not observable by the software. Technically this could lead to a security flaw. Signed-off-by: Denis V. Lunev --- library/cipher.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/library/cipher.c b/library/cipher.c index 752d1fea2..2f2e03ba1 100644 --- a/library/cipher.c +++ b/library/cipher.c @@ -505,7 +505,7 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, } #endif - return( 0 ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ @@ -1134,7 +1134,7 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, } #endif - return( 0 ); + return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE ); } int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, @@ -1161,11 +1161,8 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, } #endif /* MBEDTLS_USE_PSA_CRYPTO */ - /* Status to return on a non-authenticated algorithm. It would make sense - * to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT or perhaps - * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, but at the time I write this our - * unit tests assume 0. */ - ret = 0; + /* Status to return on a non-authenticated algorithm. */ + ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE; #if defined(MBEDTLS_GCM_C) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )