From: Andrey Rys Date: Wed, 9 Nov 2022 19:01:14 +0000 (+0100) Subject: tfcrypt: fix "-M mac -u" failing to decrypt data due to missing ctr. X-Git-Url: https://jxself.org/git/?p=tfcrypt.git;a=commitdiff_plain;h=522bfd567b97caa1496044814e42cfd12fbc22d9 tfcrypt: fix "-M mac -u" failing to decrypt data due to missing ctr. The symptom is that, even if encrypted stream is signed with MAC, and on decryption says "signature is good", decrypted content is unavailable and only encrypted garbage is written back. This is due to uninitialized counter (IV). This affects only STREAM mode. If anyone ran into trouble, simply don't use -u option with -M mac. Verifying MAC alone or skipping it with -M drop shall be safe. --- diff --git a/VERSION b/VERSION index b5489e5..2bbd69c 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -69 +70 diff --git a/tfcrypt.c b/tfcrypt.c index 5182a34..9e0e629 100644 --- a/tfcrypt.c +++ b/tfcrypt.c @@ -1205,6 +1205,7 @@ _decrypt_again_vrfy2: } total_processed_src = rwd; memcpy(ctr, svctr, TF_BLOCK_SIZE); + if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr); memset(svctr, 0, TF_BLOCK_SIZE); }
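Review bot: The added `if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr);` line in the tfcrypt.c hunk under `_decrypt_again_vrfy2` has no comment explaining why the stream state is re-initialised at this point, and it only works because it runs after `memcpy(ctr, svctr, TF_BLOCK_SIZE)` has restored the counter, so a later reorder of these lines could bring the bug back unnoticed. Suggest a one-line comment stating that STREAM mode needs the IV re-initialised from the restored `ctr`, and moving the call onto its own line under the `if` so the branch is visible in coverage and when stepping. Given that the failure in the commit message was a "signature is good" result with ciphertext written as output, an encrypt/decrypt round-trip test for `-M mac -u` in STREAM mode that compares the output with the original plaintext would catch a recurrence.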