Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion include/crypto_error.h
Original file line number Diff line number Diff line change
Expand Up @@ -158,8 +158,9 @@
#define CRYPTO_LIB_ERR_SHPLF_LEN_LESS_THAN_MIN_PAD_SIZE (-83)
#define CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH (-84)
#define CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH (-85)
#define CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_IV_LEN (-86)

#define CRYPTO_CORE_ERROR_CODES_MAX -85
#define CRYPTO_CORE_ERROR_CODES_MAX -86

// Define codes for returning MDB Strings, and determining error based on strings
#define CAM_ERROR_CODES 600
Expand Down
3 changes: 2 additions & 1 deletion src/core/crypto_error.c
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS",
(char *)"CRYPTO_LIB_ERR_TC_FRAME_LENGTH_MISMATCH",
(char *)"CRYPTO_LIB_ERR_SHPLF_LEN_LESS_THAN_MIN_PAD_SIZE",
(char *)"CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH",
(char *)"CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH"};
(char *)"CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH",
(char *)"CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_IV_LEN"};

char *crypto_enum_errlist_config[] = {
(char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE",
Expand Down
13 changes: 13 additions & 0 deletions src/sa/internal/sa_interface_inmemory.template.c
Original file line number Diff line number Diff line change
Expand Up @@ -781,6 +781,19 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t **security_as
return status;
}

// IV length cannot be less than the transmitted-IV-field (shivf) length.
// Parallel invariant to the shsnf/arsn check above — without this guard,
// a loaded SA with shivf_len > iv_len causes `for (i = iv_len - shivf_len;
// i < iv_len; i++)` in the per-frame IV walks (crypto_aos.c:318/351/697,
// crypto_tc.c:331/631, etc.) to start at a negative index, leaking up to
// shivf_len bytes from before sa_ptr->iv into the transmitted frame.
if (sa[spi].shivf_len > sa[spi].iv_len)
{
status = CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_IV_LEN;
mc_if->mc_log(status);
return status;
}

#ifdef SA_DEBUG
printf(KYEL "DEBUG - Printing local copy of SA Entry for current SPI.\n" RESET);
Crypto_saPrint(*security_association);
Expand Down