commit 7b6ddfcd25d95a1c6a452158db9205a6372b4426
author Gilles Peskine <Gilles.Peskine@arm.com> Wed Jun 26 13:16:33 2024 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Jun 26 13:16:33 2024 +0200
tree e12e53e49a6c3d82c82b9e0f193a2c228a2d247a
parent dd48f0f23f8b5189031d6f3ac519b2b6113bd9e7

psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes

Credit to Cryptofuzz. Fixes #9314.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 02554d1..8100afc 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4631,11 +4631,7 @@
         goto exit;
     }
 
-    if (alg == PSA_ALG_CCM_STAR_NO_TAG &&
-        input_length < PSA_BLOCK_CIPHER_BLOCK_LENGTH(slot->attr.type)) {
-        status = PSA_ERROR_INVALID_ARGUMENT;
-        goto exit;
-    } else if (input_length < PSA_CIPHER_IV_LENGTH(slot->attr.type, alg)) {
+    if (input_length < PSA_CIPHER_IV_LENGTH(slot->attr.type, alg)) {
         status = PSA_ERROR_INVALID_ARGUMENT;
         goto exit;
     }