DDSSEC13 — Force the use of AAD in PSK messages

Currently PSK secured messages can optionally use AAD. However if AAD is not used it would create a weakness that can be exploited to tamper with the RTPS header.

The proposed remediation is to force use of AAD if using PSK or Header Extension.

Proposed changes
In:
Table 80 – Actions undertaken by the operations of the builtin Cryptographic CryptoKeyTransform plugin
encode_rtps_message
1) Transformation when “Additional Authenticated Data (AAD)” is disabled.

Replace:
The SecureRTPSPrefixSubMsg PreSharedKeyFlag shall be set if encode_rtps_message was called with transform_with_psk=TRUE.

With

The encode_rtps_message operation will fail if it is called with transform_with_psk=TRUE and AAD is disabled.

In
Table 80 – Actions undertaken by the operations of the builtin Cryptographic CryptoKeyTransform plugin
decode_rtps_message
2) If SecureRTPSPrefixSubMsg’s PreSharedKeyFlag is set:
[..]
Uses the PSK KeyMaterial to validate the authentication tags contained in the
SecureRTPSPostfixSubMsg.

Add

The SecureRTPSPrefixSubMsg’s AdditionalAuthenticatedDataFlag must be set. The decode_rtps_message operation will fail if it is called for a message that sets the PreSharedKeyFlag flag but not the AdditionalAuthenticatedDataFlag.