Adding Encrypted2 datalen check

Author: Alami-Amine

src/protocols/secure_channel/CASESession.cpp

@@ -1356,6 +1356,9 @@ CHIP_ERROR CASESession::EncodeSigma2(System::PacketBufferHandle & msg_R2, Encode
     // Check if msg_R2_Encrypted is not nullptr
     VerifyOrReturnError(input.msg_R2_Encrypted, CHIP_ERROR_INCORRECT_STATE);
 
+    // Check if length of msg_R2_Encrypted is set and is at least larger than the MIC length
+    VerifyOrReturnError(input.encrypted2Length > CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES, CHIP_ERROR_INCORRECT_STATE);
+
     ReturnErrorOnFailure(tlvWriterMsg2.PutBytes(TLV::ContextTag(kTag_Sigma2_Encrypted2), input.msg_R2_Encrypted.Get(),
                                                 static_cast<uint32_t>(input.encrypted2Length)));
 

src/protocols/secure_channel/CASESession.h

@@ -135,8 +135,8 @@ class DLL_EXPORT CASESession : public Messaging::UnsolicitedMessageHandler,
 
     struct EncodeSigma1Param : Sigma1Param
     {
-        const Crypto::P256PublicKey * pEphPubKey;
-        const ReliableMessageProtocolConfig * initiatorMrpConfig;
+        const Crypto::P256PublicKey * pEphPubKey                 = nullptr;
+        const ReliableMessageProtocolConfig * initiatorMrpConfig = nullptr;
         uint8_t initiatorResume1MIC[Crypto::CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES];
     };
 
@@ -191,9 +191,9 @@ class DLL_EXPORT CASESession : public Messaging::UnsolicitedMessageHandler,
     {
         uint8_t responderRandom[kSigmaParamRandomNumberSize];
         uint16_t responderSessionId;
-        const Crypto::P256PublicKey * pEphPubKey;
+        const Crypto::P256PublicKey * pEphPubKey = nullptr;
         Platform::ScopedMemoryBuffer<uint8_t> msg_R2_Encrypted;
-        size_t encrypted2Length;
+        size_t encrypted2Length = 0;
         const ReliableMessageProtocolConfig * responderMrpConfig;
     };
 

src/protocols/secure_channel/tests/TestCASESession.cpp

@@ -981,6 +981,7 @@ TEST_F(TestCASESession, EncodeSigma2Test)
     System::PacketBufferHandle msg;
     CASESession session;
     CASESession::EncodeSigma2Param encodeParams;
+    constexpr uint8_t kEncrypted2datalen = 100U;
 
     EXPECT_EQ(chip::Crypto::DRBG_get_bytes(&encodeParams.responderRandom[0], sizeof(encodeParams.responderRandom)), CHIP_NO_ERROR);
     encodeParams.responderSessionId = 7315;
@@ -992,7 +993,8 @@ TEST_F(TestCASESession, EncodeSigma2Test)
     encodeParams.pEphPubKey = &EphemeralKey->Pubkey();
 
     // TBEData2Encrypted
-    encodeParams.msg_R2_Encrypted.Alloc(100);
+    encodeParams.encrypted2Length = kEncrypted2datalen + CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES;
+    encodeParams.msg_R2_Encrypted.Alloc(encodeParams.encrypted2Length);
 
     // responder Session Parameters
     ReliableMessageProtocolConfig MRPConfig = GetDefaultMRPConfig();
@@ -1022,10 +1024,18 @@ TEST_F(TestCASESession, EncodeSigma2Test)
     EXPECT_EQ(CHIP_ERROR_INCORRECT_STATE, session.EncodeSigma2(msg, encodeParams));
     msg = nullptr;
 
-    encodeParams.msg_R2_Encrypted.Alloc(100);
+    encodeParams.msg_R2_Encrypted.Alloc(encodeParams.encrypted2Length);
 
     EXPECT_EQ(CHIP_NO_ERROR, session.EncodeSigma2(msg, encodeParams));
 
+    // EncodeSigma1 should fail when the encrypted2Length is not set
+    encodeParams.encrypted2Length = 0;
+    EXPECT_EQ(CHIP_ERROR_INCORRECT_STATE, session.EncodeSigma2(msg, encodeParams));
+    msg = nullptr;
+
+    // Set encrypted2Length again
+    encodeParams.encrypted2Length = kEncrypted2datalen + CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES;
+
     // EncodeSigma1 should fail when MRP config is missing
     encodeParams.responderMrpConfig = nullptr;
     EXPECT_EQ(CHIP_ERROR_INCORRECT_STATE, session.EncodeSigma2(msg, encodeParams));