CryptoLib icon indicating copy to clipboard operation
CryptoLib copied to clipboard
verified publisher icon nasa

KMC shivf_len vs iv_len

Open Donnie-Ice opened this issue 1 year ago • 1 comments

Investigate how TC_apply handles an shivf_len (12) less than iv_len (16) in KMC. It was reported that a test that used to pass is now failing.

Some KMC tests that are failing now, and were passing before, are for the truncated IV case (particularly, when the iv is 16 bytes and shivf is 12 bytes for AES-GCM). Has something changed in the way CryptoLib handles truncated IVs? Is it possible that CryptoLib was passing the shivf value to the KMC Crypto Service, and is now passing the iv value (which is the correct thing to do).

Note that KMC only accepts iv_len of 12 for AES_GCM.

Donnie-Ice avatar Feb 21 '25 11:02 Donnie-Ice

Comparison of code from v1.2.3 and v1.3.3: https://github.com/nasa/CryptoLib/blob/v1.2.3/src/src_main/crypto_tc.c#L456:L482 https://github.com/nasa/CryptoLib/blob/v1.3.3/src/core/crypto_tc.c#L288:L323

Donnie-Ice avatar Feb 21 '25 13:02 Donnie-Ice

This has not been brought up again, so may have resolved itself on their side.

Donnie-Ice avatar Apr 02 '25 20:04 Donnie-Ice