author | Jack Lloyd <[email protected]> | 2018-08-17 17:09:26 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-08-17 17:09:26 -0400 |
commit | 18af8859a5c007c6df47181be0fabf2913204979 (patch) | |
tree | cafd241b6ec165eed109acd1086920f0e2f9cf92 /src/lib | |
parent | cc96212bc6168fac918f071730bffbef7c0059c5 (diff) |
Fix an EAX bug in reset()
It failed to reset any data that had been fed into CMAC so far,
so a sequence with
eax->set_key(key);
eax->start(nonce);
eax->process(discarded_bits);
eax->reset();
eax->start(second_nonce);
eax->process(second_msg);
would produce incorrect results.
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/modes/aead/eax/eax.cpp | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/lib/modes/aead/eax/eax.cpp b/src/lib/modes/aead/eax/eax.cpp
index dbd916db9..a03c5e802 100644
--- a/src/lib/modes/aead/eax/eax.cpp
+++ b/src/lib/modes/aead/eax/eax.cpp
@@ -57,6 +57,12 @@ void EAX_Mode::reset()
 {
 m_ad_mac.clear();
 m_nonce_mac.clear();
+
+ // Clear out any data added to the CMAC calculation
+ try {
+ m_cmac->final();
+ }
+ catch(Key_Not_Set&) {}
 }
 std::string EAX_Mode::name() const
@@ -115,6 +121,7 @@ void EAX_Mode::start_msg(const uint8_t nonce[], size_t nonce_len)
 size_t EAX_Encryption::process(uint8_t buf[], size_t sz)
 {
+ BOTAN_ASSERT_NOMSG(m_nonce_mac.empty() == false);
 m_ctr->cipher(buf, buf, sz);
 m_cmac->update(buf, sz);
 return sz;
@@ -122,6 +129,7 @@ size_t EAX_Encryption::process(uint8_t buf[], size_t sz)
 void EAX_Encryption::finish(secure_vector<uint8_t>& buffer, size_t offset)
 {
+ BOTAN_ASSERT_NOMSG(m_nonce_mac.empty() == false);
 update(buffer, offset);
 secure_vector<uint8_t> data_mac = m_cmac->final(); |
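Review bot: The empty `catch(Key_Not_Set&) {}` added to EAX_Mode::reset() in the first hunk carries no comment saying why the exception is safe to ignore; the comment above the `try` covers only the case where a key is set. From the hunk it appears the handler exists so that reset() stays callable before set_key(), when the CMAC presumably has nothing buffered, and saying so keeps a later reader from widening the catch or deleting it. I would put `// reset() before set_key(): no CMAC input to discard` inside the handler. It is also worth noting in the existing comment that final() is called only for its state-clearing effect and that the returned tag is deliberately dropped.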
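Review bot: The new `BOTAN_ASSERT_NOMSG(m_nonce_mac.empty() == false);` guards in EAX_Encryption::process() and EAX_Encryption::finish() (second and third hunks) cover only the encryption side; the diffstat's 8 insertions are fully accounted for by the three hunks shown, so EAX_Decryption is untouched. If the decryption process()/finish() bodies, which are not part of this diff, also rely on start() having filled m_nonce_mac, they want the same precondition, since checking a tag without the nonce MAC is the more serious misuse. The check also reports a caller error (process before start) as a message-less internal assertion; `BOTAN_ASSERT(!m_nonce_mac.empty(), "EAX: start() must be called first");` or an Invalid_State exception would tell the caller what went wrong. Both function bodies continue outside their hunks.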