feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

add AES-192-CBC to PKCS#7 Encode/DecodeEnvelopedData

Browse Source
This commit is contained in:
Chris Conlon
2016-10-31 11:22:49 -06:00
parent 17c184e720
commit 8c23c3cdd0
4 changed files with 32 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
wolfcrypt/src/asn.c
View File

@@ -784,6 +784,7 @@ static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3};
/* blkType */
static const byte blkAes128CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 2};
static const byte blkAes192CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 22};
static const byte blkDesCbcOid[] = {43, 14, 3, 2, 7};
static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7};
@@ -964,6 +965,10 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
oid = blkAes128CbcOid;
*oidSz = sizeof(blkAes128CbcOid);
break;
case AES192CBCb:
oid = blkAes192CbcOid;
*oidSz = sizeof(blkAes192CbcOid);
break;
case DESb:
oid = blkDesCbcOid;
*oidSz = sizeof(blkDesCbcOid);

17
wolfcrypt/src/pkcs7.c
View File

@@ -1192,7 +1192,8 @@ int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
switch (encryptOID) {
#ifndef NO_AES
case AES128CBCb:
if (keySz != 16 || ivSz != AES_BLOCK_SIZE)
case AES192CBCb:
if (ivSz != AES_BLOCK_SIZE)
return BAD_FUNC_ARG;
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_ENCRYPTION);
@@ -1211,6 +1212,7 @@ int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
ret = wc_Des_CbcEncrypt(&des, out, in, inSz);
break;
case DES3b:
if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
return BAD_FUNC_ARG;
@@ -1249,7 +1251,8 @@ int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
switch (encryptOID) {
#ifndef NO_AES
case AES128CBCb:
if (keySz != 16 || ivSz != AES_BLOCK_SIZE)
case AES192CBCb:
if (ivSz != AES_BLOCK_SIZE)
return BAD_FUNC_ARG;
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_DECRYPTION);
@@ -1344,6 +1347,11 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
blockSz = AES_BLOCK_SIZE;
break;
case AES192CBCb:
blockKeySz = 24;
blockSz = AES_BLOCK_SIZE;
break;
case DESb:
blockKeySz = DES_KEYLEN;
blockSz = DES_BLOCK_SIZE;
@@ -1791,6 +1799,11 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
expBlockSz = AES_BLOCK_SIZE;
break;
case AES192CBCb:
blockKeySz = 24;
expBlockSz = AES_BLOCK_SIZE;
break;
case DESb:
blockKeySz = DES_KEYLEN;
expBlockSz = DES_BLOCK_SIZE;

13
wolfcrypt/test/test.c
View File

@@ -8538,8 +8538,8 @@ int pkcs7enveloped_test(void)
0x72,0x6c,0x64
};
pkcs7EnvelopedVector a, b;
pkcs7EnvelopedVector test_pkcs7env[2];
pkcs7EnvelopedVector a, b, c;
pkcs7EnvelopedVector test_pkcs7env[3];
int times = sizeof(test_pkcs7env) / sizeof(pkcs7EnvelopedVector), i;
/* read client cert and key in DER format */
@@ -8596,8 +8596,17 @@ int pkcs7enveloped_test(void)
b.privateKeySz = (word32)privKeySz;
b.outFileName = "pkcs7envelopedDataAES128CBC.der";
c.content = data;
c.contentSz = (word32)sizeof(data);
c.contentOID = DATA;
c.encryptOID = AES192CBCb;
c.privateKey = privKey;
c.privateKeySz = (word32)privKeySz;
c.outFileName = "pkcs7envelopedDataAES192CBC.der";
test_pkcs7env[0] = a;
test_pkcs7env[1] = b;
test_pkcs7env[2] = c;
for (i = 0; i < times; i++) {
pkcs7.content = (byte*)test_pkcs7env[i].content;

1
wolfssl/wolfcrypt/asn.h
View File

@@ -228,6 +228,7 @@ enum Hash_Sum {
enum Block_Sum {
AES128CBCb = 414,
AES192CBCb = 434,
DESb = 69,
DES3b = 652
};