gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag.

* g10/mainproc.c (proc_encrypted): Force a decryption failure if any error has been seen. * g10/decrypt-data.c (aead_checktag): Issue an ERROR line. -- GnuPG-bug-id: 7042 Note that gpg in any case returns a failure exit code but due to double forking GPGME would not see it.
author: Werner Koch <[email protected]> 2024-03-14 20:41:15 +0000
committer: Werner Koch <[email protected]> 2024-03-14 20:51:27 +0000
commit: 122803bf1ac9ee720d9fc214f5ae5c2a0ec22bf5 (patch)
tree: b5a9dbdb8ab602be45b52d311ffeaa03da6eff5e /g10/decrypt-data.c
parent: gpg-check-pattern: Consider an empty pattern file as valid (diff)
download: gnupg-122803bf1ac9ee720d9fc214f5ae5c2a0ec22bf5.tar.gz
gnupg-122803bf1ac9ee720d9fc214f5ae5c2a0ec22bf5.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c
index 86e208d01..ea4d48955 100644
--- a/g10/decrypt-data.c
+++ b/g10/decrypt-data.c
@@ -205,6 +205,7 @@ aead_checktag (decode_filter_ctx_t dfx, int final, const void *tagbuf)
     {
       log_error ("gcry_cipher_checktag%s failed: %s\n",
                  final? " (final)":"", gpg_strerror (err));
+      write_status_error ("aead_checktag", err);
       return err;
     }
   if (DBG_FILTER)
author	Werner Koch <[email protected]>	2024-03-14 20:41:15 +0000
committer	Werner Koch <[email protected]>	2024-03-14 20:51:27 +0000
commit	122803bf1ac9ee720d9fc214f5ae5c2a0ec22bf5 (patch)
tree	b5a9dbdb8ab602be45b52d311ffeaa03da6eff5e /g10/decrypt-data.c
parent	gpg-check-pattern: Consider an empty pattern file as valid (diff)
download	gnupg-122803bf1ac9ee720d9fc214f5ae5c2a0ec22bf5.tar.gz gnupg-122803bf1ac9ee720d9fc214f5ae5c2a0ec22bf5.zip