From 62b2cec398e494370f88d1603a3b569cf77474a6 Mon Sep 17 00:00:00 2001
From: Robin Krahl
Date: Thu, 29 Feb 2024 16:00:09 +0100
Subject: [PATCH] Use associated data as IV for Aes256Cbc

---
 CHANGELOG.md                | 1 +
 src/mechanisms/aes256cbc.rs | 16 ++++++++++++----
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6f46f656e5f..8257494c661 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -43,6 +43,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   by default).
 - Change store implementations to use littlefs2’s `DynFilesystem` trait instead of being generic over the storage implementation.
+- Use associated data as IV if not empty for `Aes256Cbc`.
 
 ### Fixed
 
diff --git a/src/mechanisms/aes256cbc.rs b/src/mechanisms/aes256cbc.rs
index 6b0ca4c8fcb..ab475caf645 100644
--- a/src/mechanisms/aes256cbc.rs
+++ b/src/mechanisms/aes256cbc.rs
@@ -31,8 +31,12 @@ impl Encrypt for super::Aes256Cbc {
             .try_into()
             .map_err(|_| Error::InternalError)?;
 
-        let zero_iv = [0u8; 16];
-        let cipher = Aes256CbcEnc::new_from_slices(&symmetric_key, &zero_iv).unwrap();
+        let iv = if request.associated_data.is_empty() {
+            [0u8; 16]
+        } else {
+            request.associated_data.as_slice().try_into().map_err(|_| Error::MechanismParamInvalid)?
+        };
+        let cipher = Aes256CbcEnc::new_from_slices(&symmetric_key, &iv).unwrap();
 
         // buffer must have enough space for message+padding
         let mut buffer = request.message.clone();
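Review bot: The new `iv` block in the Encrypt hunk takes whatever the caller puts in `associated_data` and still falls back to an all-zero IV when it is empty, yet neither the code nor a doc comment says that an encryption IV must be fresh and unpredictable per message — with a fixed or reused IV, CBC is deterministic and reveals when two messages share a plaintext prefix, so the zero-IV default should be documented as a backwards-compatibility path rather than a safe choice. The same six lines are duplicated in the Decrypt hunk (`@@ -117,8 +121,12 @@`), and the `try_into().map_err(...)` line exceeds rustfmt's 100-column width in both. A small shared helper would state the contract once and keep the two mechanisms in step; the length check itself (`MechanismParamInvalid` on anything but 16 bytes, since the array type is fixed by the `[0u8; 16]` branch) is correct as written. The enclosing method bodies begin and end outside both hunks.
```rust
/// Derives the 16-byte CBC IV from a request's `associated_data`.
///
/// Empty associated data selects the all-zero IV that earlier versions always used;
/// this keeps old ciphertexts decryptable but makes encryption deterministic, so
/// callers encrypting new data should pass a fresh, unpredictable 16-byte IV here.
/// Any other length is rejected with `Error::MechanismParamInvalid`.
fn iv_from_associated_data(associated_data: &[u8]) -> Result<[u8; 16], Error> {
    if associated_data.is_empty() {
        Ok([0u8; 16])
    } else {
        associated_data
            .try_into()
            .map_err(|_| Error::MechanismParamInvalid)
    }
}

// … unchanged: key derivation in Encrypt (and likewise in Decrypt) …
        let iv = iv_from_associated_data(request.associated_data.as_slice())?;
        let cipher = Aes256CbcEnc::new_from_slices(&symmetric_key, &iv).unwrap();
// … unchanged: buffer allocation and padding …
```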
@@ -117,8 +121,12 @@ impl Decrypt for super::Aes256Cbc {
             .try_into()
             .map_err(|_| Error::InternalError)?;
 
-        let zero_iv = [0u8; 16];
-        let cipher = Aes256CbcDec::new_from_slices(&symmetric_key, &zero_iv).unwrap();
+        let iv = if request.associated_data.is_empty() {
+            [0u8; 16]
+        } else {
+            request.associated_data.as_slice().try_into().map_err(|_| Error::MechanismParamInvalid)?
+        };
+        let cipher = Aes256CbcDec::new_from_slices(&symmetric_key, &iv).unwrap();
 
         // buffer must have enough space for message+padding
         let mut buffer = request.message.clone();