diff options
author | Philipp Weber <[email protected]> | 2016-05-23 15:03:17 +0200 |
---|---|---|
committer | Philipp Weber <[email protected]> | 2016-05-23 15:03:17 +0200 |
commit | c3603924ab8d758831eefe8709e250b5be4088f5 (patch) | |
tree | bd61bce9dbd085e59dbc14560b64d1a27edd99a0 /src | |
parent | c951ad50c6af7d93c16f53dffb69b0be23f1c647 (diff) |
ecies review change: decrypt only if mac is correct and catch exceptions during decryption
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/pubkey/ecies/ecies.cpp | 36 |
1 files changed, 25 insertions, 11 deletions
diff --git a/src/lib/pubkey/ecies/ecies.cpp b/src/lib/pubkey/ecies/ecies.cpp index 51ba3d172..0efdc64e1 100644 --- a/src/lib/pubkey/ecies/ecies.cpp +++ b/src/lib/pubkey/ecies/ecies.cpp @@ -368,18 +368,32 @@ secure_vector<byte> ECIES_Decryptor::do_decrypt(byte& valid_mask, const byte in[ const secure_vector<byte> calculated_mac = mac->final(); valid_mask = CT::expand_mask<byte>(same_mem(mac_data.data(), calculated_mac.data(), mac_data.size())); - // decrypt data - std::unique_ptr<Keyed_Filter> cipher = m_params.create_cipher(DECRYPTION); - BOTAN_ASSERT(cipher != nullptr, "Cipher is found"); - - cipher->set_key(SymmetricKey(secret_key.begin(), m_params.dem_keylen())); - if(m_iv.size() != 0) + if(valid_mask) { - cipher->set_iv(m_iv); - } - Pipe pipe(cipher.release()); - pipe.process_msg(encrypted_data); - return pipe.read_all(0); + // decrypt data + std::unique_ptr<Keyed_Filter> cipher = m_params.create_cipher(DECRYPTION); + BOTAN_ASSERT(cipher != nullptr, "Cipher is found"); + + cipher->set_key(SymmetricKey(secret_key.begin(), m_params.dem_keylen())); + if(m_iv.size() != 0) + { + cipher->set_iv(m_iv); + } + + try + { + // the decryption can fail: + // e.g. Integrity_Failure is thrown if GCM is used and the message does not have a valid tag + Pipe pipe(cipher.release()); + pipe.process_msg(encrypted_data); + return pipe.read_all(0); + } + catch(...) + { + valid_mask = 0; + } + } + return secure_vector<byte>(); } } |