forked from osmocom/wireshark
oscore: Small bug fixes.
- Rename Key ID Context header field. - Account for ID Context in max info length calculation. Change-Id: I6f61055dba74294ace275eb852e34ea6caa32627 Reviewed-on: https://code.wireshark.org/review/37642 Petri-Dish: Anders Broman <a.broman58@gmail.com> Tested-by: Petri Dish Buildbot Reviewed-by: Anders Broman <a.broman58@gmail.com>
This commit is contained in:
parent
916550de96
commit
ff4296a1fe
|
@ -289,7 +289,7 @@ coap_common_dissect_t name = { \
|
|||
NULL, HFILL } \
|
||||
}, \
|
||||
{ & name .hf.opt_object_security_kid_context, \
|
||||
{ "Partial IV", prefix ".opt.object_security_kid_context", \
|
||||
{ "Key ID Context", prefix ".opt.object_security_kid_context", \
|
||||
FT_BYTES, BASE_NONE, NULL, 0x00, \
|
||||
NULL, HFILL } \
|
||||
}, \
|
||||
|
|
|
@ -93,11 +93,13 @@ UAT_VS_DEF(oscore_context_uat, algorithm, oscore_context_t, cose_aead_alg_t, COS
|
|||
#define OSCORE_PIV_MAX_LEN 5 /* upper bound specified in the draft */
|
||||
#define OSCORE_KID_MAX_LEN_CCM_STAR 7 /* upper bound on KID for AES-CCM-16-64-128 (CCM*) */
|
||||
#define OSCORE_KID_MAX_LEN OSCORE_KID_MAX_LEN_CCM_STAR /* upper bound on KID coming from the default algorithm implemented */
|
||||
#define OSCORE_KID_CONTEXT_MAX_LEN 64
|
||||
|
||||
/* Helper macros to correctly size the statically allocated buffers and verify if an overflow occured */
|
||||
|
||||
#define OSCORE_INFO_MAX_LEN (1 + /* max return of cborencoder_put_array() */ \
|
||||
2 + OSCORE_KID_MAX_LEN + /* max 2 to encode length, KID following */ \
|
||||
2 + OSCORE_KID_CONTEXT_MAX_LEN + /* length + KID CONTEXT */ \
|
||||
2 + /* max return of cborencoder_put_unsigned() */ \
|
||||
2 + 3 + /* max 2 to encode length, "Key" following */ \
|
||||
2 /* max return of cborencoder_put_unsigned() */ )
|
||||
|
@ -217,14 +219,18 @@ static gboolean oscore_context_update_cb(void *r, char **err) {
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
/* No max length check on ID Context. We use GByteArray to allocate memory
|
||||
* and pass it to the context derivation routine */
|
||||
if (hex_str_to_bytes(rec->id_context_prefs, bytes, FALSE) == FALSE) {
|
||||
*err = g_strdup("ID Context is invalid.");
|
||||
g_byte_array_free(bytes, TRUE);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (bytes->len > OSCORE_KID_CONTEXT_MAX_LEN) {
|
||||
*err = g_strdup_printf("Should be %u bytes or less.", OSCORE_KID_CONTEXT_MAX_LEN);
|
||||
g_byte_array_free(bytes, TRUE);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (hex_str_to_bytes(rec->master_secret_prefs, bytes, FALSE) == FALSE) {
|
||||
*err = g_strdup("Master Secret is invalid.");
|
||||
g_byte_array_free(bytes, TRUE);
|
||||
|
|
Loading…
Reference in New Issue