forked from wolfSSL/wolfssl
David Garske
GitHub
@ -7616,9 +7616,9 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
|
||||
#ifdef WOLFSSL_NO_REALLOC
|
||||
derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
|
||||
if (derBuf != NULL) {
|
||||
XMEMCPY(derBuf, pkey->pkey.ptr, pkey->pkey_sz);
|
||||
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_DER);
|
||||
pkey->pkey.ptr = NULL;
|
||||
XMEMCPY(derBuf, pkey->pkey.ptr, pkey->pkey_sz);
|
||||
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_DER);
|
||||
pkey->pkey.ptr = NULL;
|
||||
}
|
||||
#else
|
||||
derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz,
|
||||
|
||||
@ -8469,7 +8469,6 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
{
|
||||
int length, encryptedKeySz = 0, ret = 0;
|
||||
int keySz, version, sidType = 0;
|
||||
word32 encOID;
|
||||
word32 keyIdx;
|
||||
byte issuerHash[KEYID_SIZE];
|
||||
byte* outKey = NULL;
|
||||
@ -8484,9 +8483,6 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
#ifdef WC_RSA_BLINDING
|
||||
WC_RNG rng;
|
||||
#endif
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
word32 outLen;
|
||||
#endif
|
||||
|
||||
byte* encryptedKey = NULL;
|
||||
|
||||
@ -8648,19 +8644,30 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
(*idx) += KEYID_SIZE;
|
||||
}
|
||||
|
||||
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
|
||||
return ASN_PARSE_E;
|
||||
{
|
||||
word32 encOID = 0;
|
||||
|
||||
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
|
||||
return ASN_PARSE_E;
|
||||
|
||||
if (encOID != pkcs7->publicKeyOID) {
|
||||
WOLFSSL_MSG("public key OID found in KTRI doesn't match "
|
||||
"OID stored earlier.");
|
||||
WOLFSSL_ERROR(ALGO_ID_E);
|
||||
return ALGO_ID_E;
|
||||
}
|
||||
}
|
||||
|
||||
/* key encryption algorithm must be RSA for now */
|
||||
if (encOID != RSAk
|
||||
if (pkcs7->publicKeyOID != RSAk
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
&& encOID != RSAESOAEPk
|
||||
&& pkcs7->publicKeyOID != RSAESOAEPk
|
||||
#endif
|
||||
)
|
||||
return ALGO_ID_E;
|
||||
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
if (encOID == RSAESOAEPk) {
|
||||
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
||||
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
@ -8697,6 +8704,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
FALL_THROUGH;
|
||||
|
||||
case WC_PKCS7_DECRYPT_KTRI_3:
|
||||
|
||||
#ifndef NO_PKCS7_STREAM
|
||||
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
|
||||
pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
|
||||
@ -8770,7 +8778,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
#endif
|
||||
{
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
if (encOID != RSAESOAEPk) {
|
||||
if (pkcs7->publicKeyOID != RSAESOAEPk) {
|
||||
#endif
|
||||
keySz = wc_RsaPrivateDecryptInline(encryptedKey,
|
||||
encryptedKeySz, &outKey,
|
||||
@ -8778,25 +8786,25 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
}
|
||||
else {
|
||||
outLen = wc_RsaEncryptSize(privKey);
|
||||
outKey = (byte*)XMALLOC(outLen, pkcs7->heap,
|
||||
word32 outLen = wc_RsaEncryptSize(privKey);
|
||||
outKey = (byte*)XMALLOC(outLen, pkcs7->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (!outKey) {
|
||||
WOLFSSL_MSG("Failed to allocate out key buffer");
|
||||
wc_FreeRsaKey(privKey);
|
||||
XFREE(encryptedKey, pkcs7->heap,
|
||||
XFREE(encryptedKey, pkcs7->heap,
|
||||
DYNAMIC_TYPE_WOLF_BIGINT);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(privKey, pkcs7->heap,
|
||||
XFREE(privKey, pkcs7->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
WOLFSSL_ERROR_VERBOSE(MEMORY_E);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
keySz = wc_RsaPrivateDecrypt_ex(encryptedKey,
|
||||
encryptedKeySz, outKey, outLen, privKey,
|
||||
WC_RSA_OAEP_PAD,
|
||||
keySz = wc_RsaPrivateDecrypt_ex(encryptedKey,
|
||||
encryptedKeySz, outKey, outLen, privKey,
|
||||
WC_RSA_OAEP_PAD,
|
||||
WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
|
||||
}
|
||||
#endif
|
||||
@ -8819,7 +8827,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
if (encOID == RSAESOAEPk) {
|
||||
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
||||
if (!outKey) {
|
||||
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
@ -8837,7 +8845,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
if (encOID == RSAESOAEPk) {
|
||||
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
||||
if (!outKey) {
|
||||
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
|
||||
@ -781,8 +781,8 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
|
||||
|
||||
#elif defined(FREESCALE_RTC)
|
||||
#include <time.h>
|
||||
#include "fsl_rtc.h"
|
||||
#ifndef XTIME
|
||||
#include "fsl_rtc.h"
|
||||
#ifndef XTIME
|
||||
#define XTIME(t1) fsl_time((t1))
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user