gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag.

* g10/mainproc.c (proc_encrypted): Force a decryption failure if any
error has been seen.
* g10/decrypt-data.c (aead_checktag): Issue an ERROR line.
--

GnuPG-bug-id: 7042

Note that gpg in any case returns a failure exit code but due to
double forking GPGME would not see it.

2 files changed, 6 insertions, 1 deletions

diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c
index 86e208d01..ea4d48955 100644
--- a/g10/decrypt-data.c
+++ b/g10/decrypt-data.c
@@ -205,6 +205,7 @@ aead_checktag (decode_filter_ctx_t dfx, int final, const void *tagbuf)
     {
       log_error ("gcry_cipher_checktag%s failed: %s\n",
                  final? " (final)":"", gpg_strerror (err));
+      write_status_error ("aead_checktag", err);
       return err;
     }
   if (DBG_FILTER)
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 043b34f62..d2e00514f 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -781,9 +781,13 @@ proc_encrypted (CTX c, PACKET *pkt)
         compliance_de_vs |= 2;
     }
 
-  /* Trigger the deferred error.  */
+  /* Trigger the deferred error.  The second condition makes sure that a
+   * log_error printed in the cry_cipher_checktag never gets ignored.  */
   if (!result && early_plaintext)
     result = gpg_error (GPG_ERR_BAD_DATA);
+  else if (!result && pkt->pkt.encrypted->aead_algo
+           && log_get_errorcount (0))
+    result = gpg_error (GPG_ERR_BAD_SIGNATURE);
 
   if (result == -1)
     ;