diff --git a/.github/workflows/benches.yml b/.github/workflows/benches.yml deleted file mode 100644 index f16d3951..00000000 --- a/.github/workflows/benches.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: benches - -on: - pull_request: - paths: - - "benches/**" - - "Cargo.*" - push: - branches: master - -defaults: - run: - working-directory: benches - -env: - CARGO_INCREMENTAL: 0 - RUSTFLAGS: "-Dwarnings" - -jobs: - build: - runs-on: ubuntu-latest - strategy: - matrix: - rust: - - 1.56.0 # MSRV - - stable - steps: - - uses: actions/checkout@v3 - - uses: dtolnay/rust-toolchain@master - with: - toolchain: ${{ matrix.rust }} - - run: cargo build --release diff --git a/Cargo.lock b/Cargo.lock index 50add902..5e6b7908 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -621,9 +621,9 @@ dependencies = [ [[package]] name = "zeroize" -version = "1.5.7" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f" +checksum = "2a0956f1ba7c7909bfb66c2e9e4124ab6f6482560f6628b5aaeba39207c9aad9" dependencies = [ "zeroize_derive", ] diff --git a/ascon-aead/CHANGELOG.md b/ascon-aead/CHANGELOG.md index a0acd443..861d9346 100644 --- a/ascon-aead/CHANGELOG.md +++ b/ascon-aead/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## 0.4.3 (2025-03-03) +### Fixed +- Zeroize buffer during decryption on failed tag check ([#659]) + +[#659]: https://github.com/RustCrypto/AEADs/pull/659 + ## 0.4.2 (2023-03-21) ### Changed - Drop MSRV back to 1.56 and keep it in sync with `ascon` ([#514]) diff --git a/ascon-aead/src/asconcore.rs b/ascon-aead/src/asconcore.rs index 1e37e256..aa26df06 100644 --- a/ascon-aead/src/asconcore.rs +++ b/ascon-aead/src/asconcore.rs 
@@ -1,5 +1,6 @@ // Copyright 2021-2023 Sebastian Ramacher // SPDX-License-Identifier: Apache-2.0 OR MIT +#![allow(unknown_lints, non_local_definitions)] use aead::{ consts::{U16, U20}, @@ -360,6 +361,7 @@ impl<'a, P: Parameters> AsconCore<'a, P> { if bool::from(tag.ct_eq(expected_tag)) { Ok(()) } else { + ciphertext.fill(0); Err(Error) } } diff --git a/ascon-aead/tests/kats_test.rs b/ascon-aead/tests/kats_test.rs index 7d471837..4326e1a1 100644 --- a/ascon-aead/tests/kats_test.rs +++ b/ascon-aead/tests/kats_test.rs @@ -1,6 +1,7 @@ // Copyright 2022 Sebastian Ramacher // SPDX-License-Identifier: Apache-2.0 OR MIT +use aead::Tag; use ascon_aead::{ aead::{Aead, AeadInPlace, KeyInit, Payload}, Ascon128, Ascon128a, Ascon80pq, Key, Nonce, @@ -41,9 +42,10 @@ impl TestVector { fn run_tv(tv: TestVector) { let core = A::new(Key::::from_slice(&tv.key)); + let nonce = Nonce::::from_slice(&tv.nonce); asserting(format!("Test Vector {} encryption", tv.count).as_str()) .that(&core.encrypt( - Nonce::::from_slice(&tv.nonce), + nonce, Payload { msg: &tv.plaintext, aad: &tv.associated_data, @@ -54,7 +56,7 @@ fn run_tv(tv: TestVector) { asserting(format!("Test Vector {} decryption", tv.count).as_str()) .that(&core.decrypt( - Nonce::::from_slice(&tv.nonce), + nonce, Payload { msg: &tv.ciphertext, aad: &tv.associated_data, @@ -62,6 +64,12 @@ fn run_tv(tv: TestVector) { )) .is_ok() .is_equal_to(&tv.plaintext); + + let bad_tag = Tag::::default(); + let mut buf = tv.ciphertext[..tv.ciphertext.len() - bad_tag.len()].to_vec(); + let res = core.decrypt_in_place_detached(nonce, &tv.associated_data, &mut buf, &bad_tag); + assert!(res.is_err()); + assert!(buf.iter().all(|b| *b == 0)); } fn parse_tvs(tvs: &str) -> Vec {
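Review bot: The new `#![allow(unknown_lints, non_local_definitions)]` at the top of asconcore.rs carries no comment saying why the lint is silenced, so a later cleanup has no basis for keeping or dropping it. Presumably `non_local_definitions` fires on newer toolchains while `unknown_lints` keeps the 1.56 MSRV build (mentioned in the changelog) from rejecting the unrecognised lint name; if that is the reason, say so on the line above, e.g. `// non_local_definitions is unknown on the 1.56 MSRV toolchain; unknown_lints keeps it from erroring there.` If the trigger is a specific derive or macro-generated impl, naming it makes the allow removable once that impl changes.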
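Review bot: The added `ciphertext.fill(0);` in the tag-mismatch branch has no comment explaining why an error path writes to the caller's buffer, and it is the kind of line a maintainer might remove as dead work; add `// The buffer already holds the unauthenticated plaintext: wipe it so a caller that ignores the Err cannot read it.` above it. The changelog describes this as zeroizing, but a plain `fill(0)` carries no compiler fence; if `ascon-aead` itself depends on the `zeroize` crate (the lockfile bump shows it is in the workspace, though which crate pulls it in is not visible here), `ciphertext.zeroize()` would match that wording, although elision is unlikely here since `ciphertext` is a caller-owned `&mut [u8]`. The enclosing function starts before the hunk, so it is not visible whether any intermediate permutation state holding plaintext or key material is also cleared on this path.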
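Review bot: The new bad-tag check in `run_tv` uses the all-zero `Tag::default()` as the forged tag, which only exercises the failure path if the vector's genuine tag is not itself all zero and does not test the near-miss case a real forgery attempt produces. Deriving the bad tag from the genuine one with a single bit flipped guarantees a mismatch and is the more conventional negative test: `let mut bad_tag = Tag::clone_from_slice(&tv.ciphertext[buf.len()..]); bad_tag[0] ^= 1;` (with the same type parameter the existing `Tag` line uses, which is not legible in this rendering). For vectors with an empty plaintext `buf` is empty and the `all(|b| *b == 0)` assertion passes vacuously, so the zeroing behaviour is only really covered by the non-empty vectors; that is fine but worth a one-line comment on the assertion.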