scip/pcp
1
0
Fork 0
mirror of https://codeberg.org/scip/pcp.git synced 2025-12-17 12:00:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixed bug in pcp_encrypt_stream_sym(), freed buffer before using it in update_hash()

Browse Source
This commit is contained in:
TLINDEN
2015-04-16 21:23:27 +02:00
parent 8f2b3e2a8d
commit c86d497e09
1 changed files with 6 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
libpcp/crypto.c
View File

@@ -411,8 +411,8 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
havehead = 1: no header, being called from asym... havehead = 1: no header, being called from asym...
*/ */
byte *buf_nonce; byte *buf_nonce = NULL;
byte *buf_cipher; byte *buf_cipher = NULL;
byte *in_buf = NULL; byte *in_buf = NULL;
size_t cur_bufsize = 0; size_t cur_bufsize = 0;
size_t out_size = 0; size_t out_size = 0;
@@ -461,16 +461,15 @@ size_t pcp_encrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream *out, byte *
ps_write(out, buf_nonce, crypto_secretbox_NONCEBYTES); ps_write(out, buf_nonce, crypto_secretbox_NONCEBYTES);
ps_write(out, buf_cipher, es); ps_write(out, buf_cipher, es);
free(buf_nonce);
free(buf_cipher);
out_size += crypto_secretbox_NONCEBYTES + es; out_size += crypto_secretbox_NONCEBYTES + es;
if(recsign != NULL) if(recsign != NULL)
crypto_generichash_update(st, buf_cipher, es); crypto_generichash_update(st, buf_cipher, es);
//crypto_generichash_update(st, in_buf, cur_bufsize);
} }
free(buf_nonce);
free(buf_cipher);
if(ps_err(out) != 0) { if(ps_err(out) != 0) {
fatal(ptx, "Failed to write encrypted output!\n"); fatal(ptx, "Failed to write encrypted output!\n");
goto errsym1; goto errsym1;
@@ -578,7 +577,6 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
if(recverify != NULL) if(recverify != NULL)
crypto_generichash_update(st, buf_cipher, ciphersize); crypto_generichash_update(st, buf_cipher, ciphersize);
//crypto_generichash_update(st, buf_clear, ciphersize - PCP_CRYPTO_ADD);
free(buf_clear); free(buf_clear);
@@ -616,7 +614,7 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
out_size = 0; out_size = 0;
else { else {
if(memcmp(verifiedhash, hash, crypto_generichash_BYTES_MAX) != 0) { if(memcmp(verifiedhash, hash, crypto_generichash_BYTES_MAX) != 0) {
/* sig verified, but the hash doesn't match */ /* sig verified, but the hash doesn't match */
fatal(ptx, "signed hash doesn't match actual hash of signed decrypted file content\n"); fatal(ptx, "signed hash doesn't match actual hash of signed decrypted file content\n");
out_size = 0; out_size = 0;
} }