gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag.

* g10/mainproc.c (proc_encrypted): Force a decryption failure if any error has been seen. * g10/decrypt-data.c (aead_checktag): Issue an ERROR line. -- GnuPG-bug-id: 7042 Note that gpg in any case returns a failure exit code but due to double forking GPGME would not see it.
author: Werner Koch <[email protected]> 2024-03-14 20:41:15 +0000
committer: Werner Koch <[email protected]> 2024-03-14 20:41:48 +0000
commit: 50e81ad38d2b5a5028fa6815da358c0496aa927e (patch)
tree: f35e99e305ca96c848cff0e9d33af19642ec5dfd /g10/decrypt-data.c
parent: gpg: new list-option store-x509-notations. (diff)
download: gnupg-50e81ad38d2b5a5028fa6815da358c0496aa927e.tar.gz
gnupg-50e81ad38d2b5a5028fa6815da358c0496aa927e.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c
index 86e208d01..ea4d48955 100644
--- a/g10/decrypt-data.c
+++ b/g10/decrypt-data.c
@@ -205,6 +205,7 @@ aead_checktag (decode_filter_ctx_t dfx, int final, const void *tagbuf)
     {
       log_error ("gcry_cipher_checktag%s failed: %s\n",
                  final? " (final)":"", gpg_strerror (err));
+      write_status_error ("aead_checktag", err);
       return err;
     }
   if (DBG_FILTER)
author	Werner Koch <[email protected]>	2024-03-14 20:41:15 +0000
committer	Werner Koch <[email protected]>	2024-03-14 20:41:48 +0000
commit	50e81ad38d2b5a5028fa6815da358c0496aa927e (patch)
tree	f35e99e305ca96c848cff0e9d33af19642ec5dfd /g10/decrypt-data.c
parent	gpg: new list-option store-x509-notations. (diff)
download	gnupg-50e81ad38d2b5a5028fa6815da358c0496aa927e.tar.gz gnupg-50e81ad38d2b5a5028fa6815da358c0496aa927e.zip