Mbed-TLS / mbedtls

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
https://www.trustedfirmware.org/projects/mbed-tls/

psa_cipher_decrypt with CCM* rejects very short messages #9314

Open gilles-peskine-arm opened 3 days ago

gilles-peskine-arm commented 3 days ago

psa_cipher_decrypt takes an input which is the IV concatenated with the ciphertext proper. It validates that the input is at least as large as the IV. This validation is wrong for PSA_ALG_CCM_STAR_NO_TAG: the length enforcement is for 16 bytes, but the IV length is actually 13. As a consequence, psa_cipher_decrypt incorrectly returns PSA_ERROR_INVALID_ARGUMENT when the message is 3 bytes or fewer.

Workaround: the multipart interface works fine.

Found by Cryptofuzz.