I found an issue in the CCM implementation. Code block as follows:
I think, as per your intent,
Line#178 should be add_len >= 0xFF00
otherwise
line#224 to line#225 conflict with the standard when aad_len = 0xFF00, because per the standard aad_len should be encoded as six octets but currently it is 2.
The CCM specification (NIST SP 800-38C) mandates that the formatting of
the additional data length l(a) changes when it is greater _or equal_ to
2^16 - 2^8 (>= 0xFF00). Since such lengths are not supported in mbed TLS,
the operation should fail in such cases.
This commit fixes an off-by-one error which allowed encryption/decryption
to be executed when l(a) was equal to 0xFF00, resulting in an
incorrect/non-standard length format being used.
Fixes Mbed-TLS#3719.
Signed-off-by: Fredrik Strupe <fredrik.strupe@silabs.com>
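
The boundary discussed in the issue and commit message above, as an added example that is not code from mbed TLS or from the commit: it encodes the associated-data length field as NIST SP 800-38C formats it and sets the off-by-one guard beside the corrected one. The function and macro names are hypothetical, and the example goes beyond the page by also covering the ten-octet form for lengths of 2^32 and above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CCM_AAD_SHORT_LIMIT 0xFF00u   /* 2^16 - 2^8 */

/* Encode AAD length a as SP 800-38C formats it; returns octets written. */
static size_t ccm_encode_aad_len(uint64_t a, unsigned char out[10])
{
    size_t n, i;
    if (a == 0)
        return 0;                          /* no AAD: no length field */
    if (a < CCM_AAD_SHORT_LIMIT) {
        n = 2;                             /* plain 16-bit big-endian */
    } else if (a <= 0xFFFFFFFFu) {
        out[0] = 0xFF; out[1] = 0xFE;      /* marker, then 32-bit length */
        n = 6;
    } else {
        out[0] = 0xFF; out[1] = 0xFF;      /* marker, then 64-bit length */
        n = 10;
    }
    /* Big-endian value: 2 octets for the short form, n - 2 after a marker. */
    for (i = 0; i < (n == 2 ? 2 : n - 2); i++)
        out[n - 1 - i] = (unsigned char)(a >> (8 * i));
    return n;
}

/* Guards for an implementation that only emits the two-octet form.
 * Return 1 when the length is accepted (hypothetical helpers). */
static int accepts_off_by_one(size_t add_len) { return !(add_len > 0xFF00); }
static int accepts_fixed(size_t add_len)      { return !(add_len >= 0xFF00); }

int main(void)
{
    const uint64_t lens[] = { 0xFEFF, 0xFF00 };   /* constructed inputs */
    unsigned char buf[10];
    size_t k, i, n;

    for (k = 0; k < 2; k++) {
        n = ccm_encode_aad_len(lens[k], buf);
        printf("a=0x%04llX ->", (unsigned long long)lens[k]);
        for (i = 0; i < n; i++)
            printf(" %02X", buf[i]);
        printf("  off-by-one guard accepts=%d, fixed guard accepts=%d\n",
               accepts_off_by_one((size_t)lens[k]),
               accepts_fixed((size_t)lens[k]));
    }
    return 0;
}
```

At 0xFF00 the off-by-one guard lets the length through to code that writes only two octets, while a conforming peer expects the six-octet form, so the two sides format the first authenticated block differently.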