crypto/ccm: fix auth_data_len upperbound value

RFC3610 states that len_encoding is only valid for "0x0001 ... 0xFEFF" If 0 < l(a) < (2^16 - 2^8), then the length field is encoded as two octets which contain the value l(a) in most-significant-byte first order.

crypto/ccm: fix auth_data_len upperbound value
3fd8276c · Wentao Shang · Gaëtan Harter · f0e785a4 · 3fd8276c
Unverified Commit 3fd8276c authored 8 years ago by Wentao Shang Committed by Gaëtan Harter 6 years ago
--- a/sys/crypto/modes/ccm.c
+++ b/sys/crypto/modes/ccm.c
@@ -108,13 +108,17 @@ int ccm_compute_adata_mac(cipher_t* cipher, uint8_t* auth_data,
        /* 16 octet block size + max. 10 len encoding  */
        uint8_t auth_data_encoded[26], len_encoding = 0;

-        if ( auth_data_len < (((uint32_t) 2) << 16)) {       /* length (0x0001 ... 0xFEFF)  */
+        /* If 0 < l(a) < (2^16 - 2^8), then the length field is encoded as two
+         * octets. (RFC3610 page 2)
+         */
+        if (auth_data_len <= 0xFEFF) {
+            /* length (0x0001 ... 0xFEFF)  */
            len_encoding = 2;

            auth_data_encoded[1] = auth_data_len & 0xFF;
            auth_data_encoded[0] = (auth_data_len >> 8) & 0xFF;
        } else {
-            DEBUG("UNSUPPORTED Adata length\n");
+            DEBUG("UNSUPPORTED Adata length: %" PRIu32 "\n", auth_data_len);
            return -1;
        }