diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 1e18861f8..9e96bd149 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -784,6 +784,7 @@ static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3}; /* blkType */ static const byte blkAes128CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 2}; +static const byte blkAes192CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 22}; static const byte blkDesCbcOid[] = {43, 14, 3, 2, 7}; static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7}; @@ -964,6 +965,10 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz) oid = blkAes128CbcOid; *oidSz = sizeof(blkAes128CbcOid); break; + case AES192CBCb: + oid = blkAes192CbcOid; + *oidSz = sizeof(blkAes192CbcOid); + break; case DESb: oid = blkDesCbcOid; *oidSz = sizeof(blkDesCbcOid); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 83056b56b..bca23a584 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -1192,7 +1192,8 @@ int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz, switch (encryptOID) { #ifndef NO_AES case AES128CBCb: - if (keySz != 16 || ivSz != AES_BLOCK_SIZE) + case AES192CBCb: + if (ivSz != AES_BLOCK_SIZE) return BAD_FUNC_ARG; ret = wc_AesSetKey(&aes, key, keySz, iv, AES_ENCRYPTION); @@ -1211,6 +1212,7 @@ int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz, ret = wc_Des_CbcEncrypt(&des, out, in, inSz); break; + case DES3b: if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE) return BAD_FUNC_ARG; @@ -1249,7 +1251,8 @@ int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz, switch (encryptOID) { #ifndef NO_AES case AES128CBCb: - if (keySz != 16 || ivSz != AES_BLOCK_SIZE) + case AES192CBCb: + if (ivSz != AES_BLOCK_SIZE) return BAD_FUNC_ARG; ret = wc_AesSetKey(&aes, key, keySz, iv, AES_DECRYPTION); @@ -1344,6 +1347,11 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz) blockSz = AES_BLOCK_SIZE; break; + case AES192CBCb: + blockKeySz = 24; + blockSz = AES_BLOCK_SIZE; + break; + case DESb: blockKeySz = DES_KEYLEN; blockSz = DES_BLOCK_SIZE; @@ -1791,6 +1799,11 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, expBlockSz = AES_BLOCK_SIZE; break; + case AES192CBCb: + blockKeySz = 24; + expBlockSz = AES_BLOCK_SIZE; + break; + case DESb: blockKeySz = DES_KEYLEN; expBlockSz = DES_BLOCK_SIZE; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 2d1c1f526..9e5955af1 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -8538,8 +8538,8 @@ int pkcs7enveloped_test(void) 0x72,0x6c,0x64 }; - pkcs7EnvelopedVector a, b; - pkcs7EnvelopedVector test_pkcs7env[2]; + pkcs7EnvelopedVector a, b, c; + pkcs7EnvelopedVector test_pkcs7env[3]; int times = sizeof(test_pkcs7env) / sizeof(pkcs7EnvelopedVector), i; /* read client cert and key in DER format */ @@ -8596,8 +8596,17 @@ int pkcs7enveloped_test(void) b.privateKeySz = (word32)privKeySz; b.outFileName = "pkcs7envelopedDataAES128CBC.der"; + c.content = data; + c.contentSz = (word32)sizeof(data); + c.contentOID = DATA; + c.encryptOID = AES192CBCb; + c.privateKey = privKey; + c.privateKeySz = (word32)privKeySz; + c.outFileName = "pkcs7envelopedDataAES192CBC.der"; + test_pkcs7env[0] = a; test_pkcs7env[1] = b; + test_pkcs7env[2] = c; for (i = 0; i < times; i++) { pkcs7.content = (byte*)test_pkcs7env[i].content; diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 4e6718637..00bef121c 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -228,6 +228,7 @@ enum Hash_Sum { enum Block_Sum { AES128CBCb = 414, + AES192CBCb = 434, DESb = 69, DES3b = 652 };