diff options
| author | lukechampine <luke.champine@gmail.com> | 2019-11-05 16:15:40 -0500 |
|---|---|---|
| committer | lukechampine <luke.champine@gmail.com> | 2019-12-30 13:35:05 -0500 |
| commit | 1953b605998c7b06acffd4aaef50846cacbb64ea (patch) | |
| tree | 61bffe9cb069cdf0e289fbb203246a0ef38dce02 /lib/std | |
| parent | ae7bb4ecc03d063acc75058f74fcf43b61b5a358 (diff) | |
| download | zig-1953b605998c7b06acffd4aaef50846cacbb64ea.tar.gz zig-1953b605998c7b06acffd4aaef50846cacbb64ea.zip | |
chacha20poly1305: Return false on short ciphertext
Diffstat (limited to 'lib/std')
| -rw-r--r-- | lib/std/crypto/chacha20.zig | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/std/crypto/chacha20.zig b/lib/std/crypto/chacha20.zig index 18ea7a2bfe..ea0ae03a06 100644 --- a/lib/std/crypto/chacha20.zig +++ b/lib/std/crypto/chacha20.zig @@ -469,11 +469,15 @@ pub fn chacha20poly1305Seal(dst: []u8, plaintext: []const u8, data: []const u8, mac.final(dst[plaintext.len..]); } +/// Verifies and decrypts an authenticated message produced by chacha20poly1305Open. +/// Returns false if message was invalid or authentication failed. pub fn chacha20poly1305Open(dst: []u8, ciphertext: []const u8, data: []const u8, key: [32]u8, nonce: [12]u8) bool { - assert(ciphertext.len >= chacha20poly1305_tag_size); - assert(dst.len >= ciphertext.len - chacha20poly1305_tag_size); + if (ciphertext.len < chacha20poly1305_tag_size) { + return false; + } // split ciphertext and tag + assert(dst.len >= ciphertext.len - chacha20poly1305_tag_size); var polyTag = ciphertext[ciphertext.len - chacha20poly1305_tag_size ..]; ciphertext = ciphertext[0 .. ciphertext.len - chacha20poly1305_tag_size]; |