mbedtls: fix possible false success in ...check_tags() helpers

We should report a error when the security check of the security
tag was not made. In the other case false success is possible and
is not observable by the software.

Technically this could lead to a security flaw.

Signed-off-by: Denis V. Lunev <dlunev@gmail.com>
This commit is contained in:
Denis V. Lunev 2018-11-01 12:22:27 +03:00 committed by Tom Cosgrove
parent 845de0898e
commit 2df73ae742

View file

@ -505,7 +505,7 @@ int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
}
#endif
return( 0 );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
@ -1134,7 +1134,7 @@ int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
}
#endif
return( 0 );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
@ -1161,11 +1161,8 @@ int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
/* Status to return on a non-authenticated algorithm. It would make sense
* to return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT or perhaps
* MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, but at the time I write this our
* unit tests assume 0. */
ret = 0;
/* Status to return on a non-authenticated algorithm. */
ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )