From df603d82fc937e626b69bd196d5d322142e43ccc Mon Sep 17 00:00:00 2001
From: Robin Krahl
Date: Thu, 29 Feb 2024 16:00:09 +0100
Subject: [PATCH] Use associated data as IV for Aes256Cbc
---
 CHANGELOG.md | 1 +
 src/mechanisms/aes256cbc.rs | 24 ++++++++++++++++++++----
 2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6f46f656e5f..8257494c661 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -43,6 +43,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 by default). - Change store implementations to use littlefs2’s `DynFilesystem` trait instead of being generic over the storage implementation.
+- Use associated data as IV if not empty for `Aes256Cbc`.
 ### Fixed
diff --git a/src/mechanisms/aes256cbc.rs b/src/mechanisms/aes256cbc.rs
index 6b0ca4c8fcb..19d2637fdfd 100644
--- a/src/mechanisms/aes256cbc.rs
+++ b/src/mechanisms/aes256cbc.rs
@@ -31,8 +31,16 @@ impl Encrypt for super::Aes256Cbc {
 .try_into()
 .map_err(|_| Error::InternalError)?;
- let zero_iv = [0u8; 16];
- let cipher = Aes256CbcEnc::new_from_slices(&symmetric_key, &zero_iv).unwrap();
+ let iv = if request.associated_data.is_empty() {
+ [0u8; 16]
+ } else {
+ request
+ .associated_data
+ .as_slice()
+ .try_into()
+ .map_err(|_| Error::MechanismParamInvalid)?
+ };
+ let cipher = Aes256CbcEnc::new_from_slices(&symmetric_key, &iv).unwrap();
 // buffer must have enough space for message+padding
 let mut buffer = request.message.clone();
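Review bot: The new `let iv = if request.associated_data.is_empty() { [0u8; 16] } …` still falls back silently to the fixed all-zero IV whenever no associated data is supplied, so CBC encryption under the same key stays deterministic for every existing caller, and nothing in the hunk documents that this field is now the IV, that it must be exactly 16 bytes (any other length surfaces as `Error::MechanismParamInvalid` through the `try_into`), or that CBC does not authenticate it the way an AEAD would. The identical block is repeated in the Decrypt hunk at `@@ -117,8 +125,16 @@`; a shared helper along the lines of `fn iv_from_associated_data(ad: &[u8]) -> Result<[u8; 16], Error>` would keep the two paths from drifting. I would add above `let iv`: `// CBC has no AAD: a non-empty associated_data is taken as the 16-byte IV and is not authenticated; empty keeps the legacy fixed zero IV (deterministic ciphertexts).` The enclosing method of the `impl Encrypt` block starts and ends outside the hunk.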
@@ -117,8 +125,16 @@ impl Decrypt for super::Aes256Cbc {
 .try_into()
 .map_err(|_| Error::InternalError)?;
- let zero_iv = [0u8; 16];
- let cipher = Aes256CbcDec::new_from_slices(&symmetric_key, &zero_iv).unwrap();
+ let iv = if request.associated_data.is_empty() {
+ [0u8; 16]
+ } else {
+ request
+ .associated_data
+ .as_slice()
+ .try_into()
+ .map_err(|_| Error::MechanismParamInvalid)?
+ };
+ let cipher = Aes256CbcDec::new_from_slices(&symmetric_key, &iv).unwrap();
 // buffer must have enough space for message+padding
 let mut buffer = request.message.clone();