ignore GCM tag mismatch in scan mode

author Philipp Gesang <philipp.gesang@intra2net.com>

Thu, 24 Aug 2017 14:48:32 +0000 (16:48 +0200)

committer Thomas Jarosch <thomas.jarosch@intra2net.com>

Mon, 2 Apr 2018 11:34:09 +0000 (13:34 +0200)
author Philipp Gesang <philipp.gesang@intra2net.com>
Thu, 24 Aug 2017 14:48:32 +0000 (16:48 +0200)
committer Thomas Jarosch <thomas.jarosch@intra2net.com>
Mon, 2 Apr 2018 11:34:09 +0000 (13:34 +0200)
diff --git a/deltatar/crypto.py b/deltatar/crypto.py

index a5d08c4..d4dd770 100755 (executable)
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -600,6 +600,8 @@ def try_decrypt (ifd, off, hdr, secret, ofd=-1):
 
     Always creates a fresh decryptor, so validation steps across objects don’t
     apply.
+
+    Errors during GCM tag validation are ignored.
     """
     ctleft = hdr ["ctsize"]
     pos    = off
@@ -625,7 +627,11 @@ def try_decrypt (ifd, off, hdr, secret, ofd=-1):
             pt     = decr.process (cnk)
             if ofd != -1:
                 os.write (ofd, pt)
-        pt = decr.done ()
+        try:
+            pt = decr.done ()
+        except InvalidGCMTag:
+            noise ("PDT: GCM tag mismatch for object %d–%d"
+                   % (off, off + hdr ["ctsize"]))
         if len (pt) > 0 and ofd != -1:
             os.write (ofd, pt)
author	Philipp Gesang <philipp.gesang@intra2net.com>
	Thu, 24 Aug 2017 14:48:32 +0000 (16:48 +0200)
committer	Thomas Jarosch <thomas.jarosch@intra2net.com>
	Mon, 2 Apr 2018 11:34:09 +0000 (13:34 +0200)