cisco / libsrtp

Library for SRTP (Secure Realtime Transport Protocol)

Premature re-keying #509

Closed Absatt closed 2 years ago

Absatt commented 3 years ago

In aes_icm.c line 304, _bytes_to_encr_ counts in bytes and the counter counts in 16 bytes (AES block size). The effect of this bug is that the encryption layer prematurely refuses to encrypt further data and requests re-keying. I have not investigated the issue thoroughly, but there could be other effects since the maximum SRTP packet size is 2^20, which is greater than the max counter 2^16. A potential fix would be dividing _bytes_to_encr_ by 16 and rounding up.
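The unit mismatch described in this report, as an added example (not part of the issue thread and not libsrtp's code): a simplified model that compares a limit check adding raw bytes to the block counter with one that first converts bytes to 16-byte blocks, rounding up. It assumes a 16-bit block counter and ignores any buffered keystream; all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define AES_BLOCK_BYTES 16u
#define CTR_MAX 0xffffu /* assumed 16-bit block counter, per the report */

/* Check as reported: a byte count is added to a counter that counts blocks. */
static int wraps_bytes_as_blocks(uint16_t block_ctr, size_t bytes_to_encr)
{
    return (uint64_t)block_ctr + bytes_to_encr > CTR_MAX;
}

/* Suggested fix: convert bytes to blocks (rounding up) before comparing. */
static int wraps_blocks(uint16_t block_ctr, size_t bytes_to_encr)
{
    uint64_t blocks =
        ((uint64_t)bytes_to_encr + AES_BLOCK_BYTES - 1) / AES_BLOCK_BYTES;
    return (uint64_t)block_ctr + blocks > CTR_MAX;
}

/* Largest request in bytes that a check still accepts at a given counter.
 * Both checks are monotonic in the byte count, so binary search is valid. */
static size_t max_accepted(int (*check)(uint16_t, size_t), uint16_t ctr)
{
    size_t lo = 0, hi = (size_t)1 << 21; /* check(lo) == 0, check(hi) == 1 */
    while (hi - lo > 1) {
        size_t mid = lo + (hi - lo) / 2;
        if (check(ctr, mid))
            hi = mid;
        else
            lo = mid;
    }
    return lo;
}

int main(void)
{
    uint16_t ctrs[] = { 0x0000, 0xff00 }; /* constructed sample counters */
    for (size_t i = 0; i < sizeof ctrs / sizeof ctrs[0]; i++)
        printf("ctr=0x%04x  bytes-as-blocks max=%zu  block-based max=%zu\n",
               (unsigned)ctrs[i],
               max_accepted(wraps_bytes_as_blocks, ctrs[i]),
               max_accepted(wraps_blocks, ctrs[i]));
    /* The 2^20-byte size quoted in the report is 2^16 blocks. */
    printf("2^20 bytes at ctr=0 refused by block-based check: %d\n",
           wraps_blocks(0, (size_t)1 << 20));
    return 0;
}
```

In this model the byte-based check refuses 16 times earlier than the block-based one, and a 2^20-byte request is refused even by the block-based check because it needs 2^16 blocks.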

pabuhler commented 3 years ago

Thanks for reporting. Did you look into this further? I will try to follow up now.