riot-ci/RIOT
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crypto/ccm: fix input_len check

Browse Source 
Maximum input_len depends only on length_encoding and not auth_data_len.
The current length_max value was also wrong.

RFC3610 page 2

   3. The message m, consisting of a string of l(m) octets where 0 <=
      l(m) < 2^(8L).  The length restriction ensures that l(m) can be
      encoded in a field of L octets.
This commit is contained in:
Wentao Shang 2017-03-06 20:35:43 -08:00 committed by Gaëtan Harter
parent 9020767c2d
commit 89023b3499
No known key found for this signature in database
GPG Key ID: 76DF6BCF1B1F883B
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/crypto/modes/ccm.c
View File

@ -144,9 +144,8 @@ int cipher_encrypt_ccm(cipher_t* cipher, uint8_t* auth_data, uint32_t auth_data_
return CCM_ERR_INVALID_MAC_LENGTH;
}
length_max = 2 << (8 * length_encoding);
if (length_encoding < 2 || length_encoding > 8 ||
input_len - auth_data_len > length_max) {
length_max = 1 << (8 * length_encoding);
if (length_encoding < 2 || length_encoding > 8 || input_len >= length_max) {
return CCM_ERR_INVALID_LENGTH_ENCODING;
}
@ -206,9 +205,8 @@ int cipher_decrypt_ccm(cipher_t* cipher, uint8_t* auth_data,
return CCM_ERR_INVALID_MAC_LENGTH;
}
length_max = 2 << (8 * length_encoding);
if (length_encoding < 2 || length_encoding > 8 ||
input_len - auth_data_len > length_max) {
length_max = 1 << (8 * length_encoding);
if (length_encoding < 2 || length_encoding > 8 || input_len >= length_max) {
return CCM_ERR_INVALID_LENGTH_ENCODING;
}