libmongocrypt is using the wrong encryption key for AEAD encryption with 96 byte keys

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Critical - P2
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Per https://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05, the ENC_KEY is bytes [32..63] of the key. libmongocrypt is using the last 32 bytes of the key. This is incorrect.

      Bug is here:
      https://github.com/mongodb/libmongocrypt/blob/3596d57cfb0a8837b1338af15cfd7e7f9dcc838f/src/mongocrypt-crypto.c#L373

      shreyas.kalyan

            Assignee:
            Kevin Albertson
            Reporter:
            Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: