psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes

Mbed-TLS / mbedtls

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.

https://www.trustedfirmware.org/projects/mbed-tls/

Other

5.24k stars 2.56k forks source link

psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes #9315

Closed gilles-peskine-arm closed 2 months ago

gilles-peskine-arm commented 3 months ago

Found by Cryptofuzz. Fixes #9314.

Specification links:

PSA_ALG_CCM_STAR_NO_TAG — note in particular “default IV length of 13”.
psa_cipher_decrypt

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

[x] changelog provided
[x] 3.6 backport https://github.com/Mbed-TLS/mbedtls/pull/9341
[x] 2.28 backport no (no CCM* in 2.28)
[x] tests provided