Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CASE resumption fails with openssl due to null pointers being used #10190

Closed
bluebin14 opened this issue Oct 4, 2021 · 4 comments · Fixed by #10198 or #10231
Closed

CASE resumption fails with openssl due to null pointers being used #10190

bluebin14 opened this issue Oct 4, 2021 · 4 comments · Fixed by #10198 or #10231
Assignees
@pan-apple

Comments

@bluebin14
Copy link
Contributor

Problem

<what's wrong or missing, please include any applicable:

  • CASE resumption fails with openssl due to null pointers being used. The failure is in CASESession::GenerateSigmaResumeMIC at calling AES_CCM_encrypt with null pointers.

Proposed Solution

Use non-zero pointers when calling AES_CCM_encrypt or fix the AES_CCM_encrypt implementation for openssl
@bluebin14
Copy link
Contributor Author

@pan-apple

@pan-apple pan-apple self-assigned this Oct 4, 2021
@pan-apple pan-apple mentioned this issue Oct 4, 2021
Merged
@bluebin14
Copy link
Contributor Author

bluebin14 commented Oct 5, 2021
edited
Loading

#10198 fixes the issue for the null source case but not for the null destination case. CASESession::GenerateSigmaResumeMIC calls AES_CCM_encrypt with both plaintext and ciphertext being nullptr and still fails.

@bluebin14 bluebin14 reopened this Oct 5, 2021
@pan-apple
Copy link
Contributor

@bluebin14 , the unit tests are testing that the destination can be nullptr. Are you still seeing the issue when you use it?

@pan-apple pan-apple mentioned this issue Oct 5, 2021
Merged
@bluebin14
Copy link
Contributor Author

The unit tests were still using non null destinations.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pan-apple pan-apple

Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@pan-apple @bluebin14