Fix AES-CCM* to work with a_len up to 0xfeff and m_len up to 0xffff #1170
Conversation
simonduq
added
bug/medium
os/lib/ccm-star.c
Outdated
| @@ -42,64 +42,68 @@ | |||
| #include "lib/aes-128.h" | |||
| #include <string.h> | |||
|
|
|||
| /* see RFC 3610 */ | |||
| #define CCM_STAR_AUTH_FLAGS(Adata, M) ((Adata ? (1u << 6) : 0) | (((M - 2u) >> 1) << 3) | 1u) | |||
| /* As per RFC 3610. M == 2 (m_len is two bytes long) */ | |||
There was a problem hiding this comment.
Here, M == 2 should be L == 2??
[Section 2, RFC 3610]
Name Description Size Encoding
---- ---------------------------------------- ------ --------
M Number of octets in authentication field 3 bits (M-2)/2
L Number of octets in length field 3 bits L-1
There was a problem hiding this comment.
And, M is always 2 in this implementation, which I'd mention here as well.
There was a problem hiding this comment.
Here,
M == 2should beL == 2??
Good point, fixing the comment
And,
Mis always2in this implementation, which I'd mention here as well.
Hmm I don't think so: M is the MIC len, right?
There was a problem hiding this comment.
I guess I was confused. Ignore the second point. Sorry for that (>_<)
| uint8_t i; | ||
|
|
||
| set_iv(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len); | ||
|
|
There was a problem hiding this comment.
Would it be nicer to check if the given mic_len is valid?
[Section 2, RFC 3610]
For the generic CCM mode there are two parameter choices. The first
choice is M, the size of the authentication field. .... (snip) ...
Valid values are 4, 6, 8, 10, 12, 14, and 16 octets. The second
os/lib/hexconv.h
Outdated
| #include <stdint.h> | ||
|
|
||
| int hexconv_hexlify(const uint8_t *data, int data_len, | ||
| char *text, int text_size); |
| @@ -0,0 +1,2 @@ | |||
| To generate test vectors, run: | |||
| ./generate-test-vectors.py > test-vectors.c | |||
There was a problem hiding this comment.
Add
pip install pycryptodome
or something to resolve the dependency.
There was a problem hiding this comment.
Did that. Also, switched to python3
There was a problem hiding this comment.
👍 I confirmed the code actually was able to run with Python 2 and Python 3 :-)
| #include <stdio.h> | ||
| #include <stdbool.h> | ||
|
|
||
| #define MICLEN 8 |
There was a problem hiding this comment.
Can we have tests for MICLEN == 4 and MICLEN == 16, which can be used in IEEE 802.15.4 as well (Table 9-4, IEEE 802.15.4-2015)
| if [ -z $TIMEOUT ]; then | ||
| printf "FAIL (%u seconds)\n" $SECONDS | tee -a $BASENAME.testlog; | ||
| else | ||
| printf "FAIL (%u seconds timeout)\n" $TIMEOUT | tee -a $BASENAME.testlog; |
There was a problem hiding this comment.
This works perfectly... I confirmed with the commit of 84e07a9. This is great!
-- Starting test 07-aes-ccm
* clean ... OK (6 seconds)
* compile ... OK (20 seconds)
* start ./test-aesccm.native ... OK (0/30 seconds)
* run ./test-aesccm.native ... FAIL (120 seconds timeout)
* run ./test-aesccm.native ... SKIP
-- Killing background jobs
kill -9 1827
../utils.sh: line 41: 1827 Killed $TEST &> $RUNLOG
There was a problem hiding this comment.
Oh yes we've been using that one intensively :D
There was a problem hiding this comment.
Though just spotted a buggy log output: the SKIP line should have been for "check" not for "run". Committed a fix for that
| if [ -z $TIMEOUT ]; then | ||
| printf "FAIL (%u seconds)\n" $SECONDS | tee -a $BASENAME.testlog; | ||
| else | ||
| printf "FAIL (%u seconds timeout)\n" $TIMEOUT | tee -a $BASENAME.testlog; |
|
Thanks. Just pushed another minor thing. |
This PR fixes the AES-CCM* library for payloads/headers beyond 240 bytes (current implem is for up to 255 but ends in infinite loop for
m_lengreater than 240).The new limit for
a_lenis 0xfeff and form_len0xffff.This is useful for e.g. use of AES-CCM in upper layers, or for 802.15.4g with larger frames.
Also adds relevant unit tests.
This is contributed by Yanzi Networks AB (www.yanzi.se).