feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

move decrypt content callback function to more generic spot

Browse Source
This commit is contained in:
Jacob Barthelmeh
2019-08-09 17:38:30 -06:00
parent 99ddf65a96
commit 6054a851ce
1 changed files with 34 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
wolfcrypt/src/pkcs7.c
View File

@@ -6330,11 +6330,11 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
} }
/* decrypt content using encryptOID algo */ /* decrypt content using encryptOID algo
static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz, * returns 0 on success */
byte* iv, int ivSz, byte* aad, word32 aadSz, static int wc_PKCS7_DecryptContent(PKCS7* pkcs7, int encryptOID, byte* key,
byte* authTag, word32 authTagSz, byte* in, int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag,
int inSz, byte* out) word32 authTagSz, byte* in, int inSz, byte* out)
{ {
int ret; int ret;
#ifndef NO_AES #ifndef NO_AES
@@ -6345,7 +6345,16 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
Des3 des3; Des3 des3;
#endif #endif
if (key == NULL || iv == NULL || in == NULL || out == NULL) if (iv == NULL || in == NULL || out == NULL)
return BAD_FUNC_ARG;
if (pkcs7->decryptionCb != NULL) {
return pkcs7->decryptionCb(pkcs7, encryptOID, iv, ivSz,
aad, aadSz, authTag, authTagSz, in,
inSz, out, pkcs7->decryptionCtx);
}
if (key == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
switch (encryptOID) { switch (encryptOID) {
@@ -6852,23 +6861,22 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(PKCS7* pkcs7, const byte* kek,
tmpIv = lastBlock - blockSz; tmpIv = lastBlock - blockSz;
/* decrypt last block */ /* decrypt last block */
ret = wc_PKCS7_DecryptContent(algID, (byte*)kek, kekSz, tmpIv, blockSz, ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz, tmpIv,
NULL, 0, NULL, 0, lastBlock, blockSz, blockSz, NULL, 0, NULL, 0, lastBlock, blockSz,
outTmp + inSz - blockSz); outTmp + inSz - blockSz);
if (ret == 0) { if (ret == 0) {
/* using last decrypted block as IV, decrypt [0 ... n-1] blocks */ /* using last decrypted block as IV, decrypt [0 ... n-1] blocks */
lastBlock = outTmp + inSz - blockSz; lastBlock = outTmp + inSz - blockSz;
ret = wc_PKCS7_DecryptContent(algID, (byte*)kek, kekSz, lastBlock, ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz,
blockSz, NULL, 0, NULL, 0, (byte*)in, lastBlock, blockSz, NULL, 0, NULL, 0, (byte*)in, inSz - blockSz,
inSz - blockSz, outTmp); outTmp);
} }
if (ret == 0) { if (ret == 0) {
/* decrypt using original kek and iv */ /* decrypt using original kek and iv */
ret = wc_PKCS7_DecryptContent(algID, (byte*)kek, kekSz, (byte*)iv, ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz,
ivSz, NULL, 0, NULL, 0, outTmp, inSz, (byte*)iv, ivSz, NULL, 0, NULL, 0, outTmp, inSz, outTmp);
outTmp);
} }
if (ret != 0) { if (ret != 0) {
@@ -9955,18 +9963,9 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in,
} }
/* decrypt encryptedContent */ /* decrypt encryptedContent */
if (pkcs7->decryptionCb != NULL) { ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey,
ret = pkcs7->decryptionCb(pkcs7, encOID, tmpIv, expBlockSz, blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0,
NULL, 0, NULL, 0, encryptedContent, encryptedContent, encryptedContentSz, encryptedContent);
encryptedContentSz, encryptedContent,
pkcs7->decryptionCtx);
}
else {
ret = wc_PKCS7_DecryptContent(encOID, decryptedKey, blockKeySz,
tmpIv, expBlockSz, NULL, 0, NULL, 0,
encryptedContent, encryptedContentSz,
encryptedContent);
}
if (ret != 0) { if (ret != 0) {
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
break; break;
@@ -11046,10 +11045,9 @@ authenv_atrbend:
#endif #endif
/* decrypt encryptedContent */ /* decrypt encryptedContent */
ret = wc_PKCS7_DecryptContent(encOID, decryptedKey, blockKeySz, ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey,
nonce, nonceSz, encodedAttribs, blockKeySz, nonce, nonceSz, encodedAttribs, encodedAttribSz,
encodedAttribSz, authTag, authTagSz, authTag, authTagSz, encryptedContent, encryptedContentSz,
encryptedContent, encryptedContentSz,
encryptedContent); encryptedContent);
if (ret != 0) { if (ret != 0) {
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@@ -11707,18 +11705,10 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz,
/* decrypt encryptedContent */ /* decrypt encryptedContent */
if (ret == 0) { if (ret == 0) {
if (pkcs7->decryptionCb != NULL) { ret = wc_PKCS7_DecryptContent(pkcs7, encOID,
ret = pkcs7->decryptionCb(pkcs7, encOID, tmpIv, expBlockSz, pkcs7->encryptionKey, pkcs7->encryptionKeySz, tmpIv,
NULL, 0, NULL, 0, encryptedContent, expBlockSz, NULL, 0, NULL, 0, encryptedContent,
encryptedContentSz, encryptedContent,
pkcs7->decryptionCtx);
}
else {
ret = wc_PKCS7_DecryptContent(encOID, pkcs7->encryptionKey,
pkcs7->encryptionKeySz, tmpIv, expBlockSz,
NULL, 0, NULL, 0, encryptedContent,
encryptedContentSz, encryptedContent); encryptedContentSz, encryptedContent);
}
if (ret != 0) { if (ret != 0) {
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
} }