Fix vulnerability in CryptoCC26XX.h CCM example


    • Type: Bug
    • Resolution: Fixed
    • Priority: Urgent
    • TI Device Drivers
    • TIDRIVERS-1011
    • 3.10.00
    • 3.20.00
      There was a vulnerability in the CCM example of the CryptoCC26XX.h header.
      The decryption operation incorrectly set the .msgOut field to the same location as the encrypted MAC in the ciphertext. During the course of the driver operation, the MAC that is recalculated over the decrypted message is written to .msgOut. This recalculated MAC is then compared to the MAC in the ciphertext. If .msgOut is at the same location as the MAC in the ciphertext, the original MAC is overwritten and the new MAC is compared against itself.
      This was the case in the example in the header file. The verification could not fail, so the authentication was ineffective.
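
      The aliasing flaw described above, modelled in C as an added example (not TI's driver or header code). `toy_mac`, `model_verify` and `verify_packet` are hypothetical names, and the toy checksum is an assumed stand-in for the CCM MAC computation.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

#define MAC_LEN 4

/* Toy keyed checksum standing in for the CCM MAC. NOT a real MAC. */
static void toy_mac(const uint8_t *msg, size_t len, uint8_t key, uint8_t out[MAC_LEN])
{
    uint32_t acc = 0x811C9DC5u ^ key;
    for (size_t i = 0; i < len; i++)
        acc = (acc ^ msg[i]) * 16777619u;
    for (int i = 0; i < MAC_LEN; i++)
        out[i] = (uint8_t)(acc >> (8 * i));
}

/* Hypothetical model of the flow in the issue: the recalculated MAC is
 * written to mac_out first, then compared with the MAC from the packet.
 * Returns 1 if verification passes, 0 if it fails. */
static int model_verify(const uint8_t *msg, size_t len, uint8_t key,
                        const uint8_t *received_mac, uint8_t *mac_out)
{
    uint8_t diff = 0;
    toy_mac(msg, len, key, mac_out);          /* clobbers received_mac if aliased */
    for (int i = 0; i < MAC_LEN; i++)
        diff |= (uint8_t)(mac_out[i] ^ received_mac[i]);
    return diff == 0;
}

/* Builds a constructed packet (message || MAC), optionally flips one message
 * bit, then verifies. alias != 0 points mac_out at the packet's own MAC. */
static int verify_packet(int tamper, int alias)
{
    uint8_t key = 0x5A;                       /* constructed sample key */
    uint8_t packet[8 + MAC_LEN] = "payload!"; /* constructed sample message */
    uint8_t scratch[MAC_LEN];                 /* separate buffer: the safe setup */
    toy_mac(packet, 8, key, packet + 8);      /* sender appends the MAC */
    if (tamper) packet[0] ^= 0x01;            /* modification in transit */
    return model_verify(packet, 8, key, packet + 8,
                        alias ? packet + 8 : scratch);
}

int main(void)
{
    printf("tampered, aliased mac_out:  %s\n", verify_packet(1, 1) ? "ACCEPTED" : "rejected");
    printf("tampered, separate mac_out: %s\n", verify_packet(1, 0) ? "ACCEPTED" : "rejected");
    return 0;
}
```

      With the output buffer aliased to the received MAC, the modified packet is accepted; with a separate buffer, the same packet is rejected.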

            Assignee:
            TI User
            Reporter:
            TI User
            Votes:
            0
            Watchers:
            0

              Created:
              Updated:
              Resolved:

                Connection: Intermediate to External PROD System
                EXTSYNC-819 - Fix vulnerability in CryptoCC26XX.h...
                SYNCHRONIZED
                • Last Sync Date: