Skip to content
Snippets Groups Projects
Unverified Commit 00b6e46a authored by Koen Zandberg's avatar Koen Zandberg Committed by GitHub
Browse files

Merge pull request #8114 from cladmi/pr/crypto/ccm/auth_data_len_upper_bound 

crypto/ccm: fix auth_data_len check
parents 685efc4f 147390c2
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
sys/crypto/modes/ccm.c
+ 14
4
View file @ 00b6e46a
...@@ -108,13 +108,17 @@ int ccm_compute_adata_mac(cipher_t* cipher, uint8_t* auth_data, ...@@ -108,13 +108,17 @@ int ccm_compute_adata_mac(cipher_t* cipher, uint8_t* auth_data,
/* 16 octet block size + max. 10 len encoding */ /* 16 octet block size + max. 10 len encoding */
uint8_t auth_data_encoded[26], len_encoding = 0; uint8_t auth_data_encoded[26], len_encoding = 0;
if ( auth_data_len < (((uint32_t) 2) << 16)) { /* length (0x0001 ... 0xFEFF) */ /* If 0 < l(a) < (2^16 - 2^8), then the length field is encoded as two
* octets. (RFC3610 page 2)
*/
if (auth_data_len <= 0xFEFF) {
/* length (0x0001 ... 0xFEFF) */
len_encoding = 2; len_encoding = 2;
auth_data_encoded[1] = auth_data_len & 0xFF; auth_data_encoded[1] = auth_data_len & 0xFF;
auth_data_encoded[0] = (auth_data_len >> 8) & 0xFF; auth_data_encoded[0] = (auth_data_len >> 8) & 0xFF;
} else { } else {
DEBUG("UNSUPPORTED Adata length\n"); DEBUG("UNSUPPORTED Adata length: %" PRIu32 "\n", auth_data_len);
return -1; return -1;
} }
...@@ -167,7 +171,10 @@ int cipher_encrypt_ccm(cipher_t* cipher, uint8_t* auth_data, uint32_t auth_data_ ...@@ -167,7 +171,10 @@ int cipher_encrypt_ccm(cipher_t* cipher, uint8_t* auth_data, uint32_t auth_data_
} }
/* MAC calulation (T) with additional data and plaintext */ /* MAC calulation (T) with additional data and plaintext */
ccm_compute_adata_mac(cipher, auth_data, auth_data_len, mac_iv); len = ccm_compute_adata_mac(cipher, auth_data, auth_data_len, mac_iv);
if (len < 0) {
return len;
}
len = ccm_compute_cbc_mac(cipher, mac_iv, input, input_len, mac); len = ccm_compute_cbc_mac(cipher, mac_iv, input, input_len, mac);
if (len < 0) { if (len < 0) {
return len; return len;
...@@ -245,7 +252,10 @@ int cipher_decrypt_ccm(cipher_t* cipher, uint8_t* auth_data, ...@@ -245,7 +252,10 @@ int cipher_decrypt_ccm(cipher_t* cipher, uint8_t* auth_data,
} }
/* MAC calulation (T) with additional data and plaintext */ /* MAC calulation (T) with additional data and plaintext */
ccm_compute_adata_mac(cipher, auth_data, auth_data_len, mac_iv); len = ccm_compute_adata_mac(cipher, auth_data, auth_data_len, mac_iv);
if (len < 0) {
return len;
}
len = ccm_compute_cbc_mac(cipher, mac_iv, plain, plain_len, mac); len = ccm_compute_cbc_mac(cipher, mac_iv, plain, plain_len, mac);
if (len < 0) { if (len < 0) {
return len; return len;
......
tests/unittests/tests-crypto/tests-crypto-modes-ccm.c
+ 4
0
View file @ 00b6e46a
...@@ -246,6 +246,10 @@ static void test_crypto_modes_ccm_check_len(void) ...@@ -246,6 +246,10 @@ static void test_crypto_modes_ccm_check_len(void)
ret = _test_ccm_len(cipher_decrypt_ccm, 8, einput, 16, 0); ret = _test_ccm_len(cipher_decrypt_ccm, 8, einput, 16, 0);
TEST_ASSERT_MESSAGE(ret > 0, "Decryption : failed with valid input_len"); TEST_ASSERT_MESSAGE(ret > 0, "Decryption : failed with valid input_len");
/* ccm library does not support auth_data_len > 0xFEFF */
ret = _test_ccm_len(cipher_encrypt_ccm, 2, NULL, 0, 0xFEFF + 1);
TEST_ASSERT_EQUAL_INT(-1, ret);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment