From b1b1c15b35e65800fdd5360b00bde2d1ff22a80a Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Wed, 26 Jun 2024 13:35:16 -0600
Subject: [PATCH 01/18] add content stream output callback for VerifySignedData function
---
wolfcrypt/src/pkcs7.c | 95 ++++++++++++++++++++++++++++++-------------
1 file changed, 67 insertions(+), 28 deletions(-)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 5050a3331..95209d3dd 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -5276,35 +5276,49 @@ static int wc_PKCS7_HandleOctetStrings(wc_PKCS7* pkcs7, byte* in, word32 inSz, /* got partial octet string data */ /* accumulate partial octet string to buffer */ if (keepContent) { - - /* store current content buffer temporarily */ - tempBuf = pkcs7->stream->content; - pkcs7->stream->content = NULL; - - /* grow content buffer */ - contBufSz = pkcs7->stream->accumContSz; - pkcs7->stream->accumContSz += pkcs7->stream->expected; - - pkcs7->stream->content = - (byte*)XMALLOC(pkcs7->stream->accumContSz, - pkcs7->heap, DYNAMIC_TYPE_PKCS7); - - if (pkcs7->stream->content == NULL) { - WOLFSSL_MSG("failed to grow content buffer."); - XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - tempBuf = NULL; - ret = MEMORY_E; - break; + if (pkcs7->streamOutCb) { + ret = wc_HashUpdate(&pkcs7->stream->hashAlg, + pkcs7->stream->hashType, + msg + *idx, pkcs7->stream->expected); + if (ret != 0) + break; + pkcs7->streamOutCb(pkcs7, msg + *idx, + pkcs7->stream->expected, pkcs7->streamCtx); } else { - /* accumulate content */ - if (tempBuf != NULL && contBufSz != 0) { - XMEMCPY(pkcs7->stream->content, tempBuf, contBufSz); + /* store current content buffer temporarily */ + tempBuf = pkcs7->stream->content; + pkcs7->stream->content = NULL; + + /* grow content buffer */ + contBufSz = pkcs7->stream->accumContSz; + pkcs7->stream->accumContSz += pkcs7->stream->expected; + + pkcs7->stream->content = + (byte*)XMALLOC(pkcs7->stream->accumContSz, + pkcs7->heap, DYNAMIC_TYPE_PKCS7); + + if (pkcs7->stream->content == NULL) { + WOLFSSL_MSG("failed to grow content buffer."); + if (tempBuf != NULL) { + XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + tempBuf = NULL; + } + ret = MEMORY_E; + break; + } + else { + /* accumulate content */ + if (tempBuf != NULL && contBufSz != 0) { + XMEMCPY(pkcs7->stream->content, tempBuf, contBufSz); + } + XMEMCPY(pkcs7->stream->content + contBufSz, msg + *idx, + pkcs7->stream->expected); + if (tempBuf != NULL) { + XFREE(tempBuf, pkcs7->heap, 
DYNAMIC_TYPE_PKCS7); + tempBuf = NULL; + } } - XMEMCPY(pkcs7->stream->content + contBufSz, msg + *idx, - pkcs7->stream->expected); - XFREE(tempBuf, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - tempBuf = NULL; } } @@ -5924,6 +5938,14 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE3); #ifndef NO_PKCS7_STREAM + /* setup hash struct for creating hash of content if needed */ + if (pkcs7->streamOutCb) { + ret = wc_HashInit_ex(&pkcs7->stream->hashAlg, + pkcs7->stream->hashType, pkcs7->heap, pkcs7->devId); + if (ret != 0) + break; + } + /* free pkcs7->stream->content buffer */ XFREE(pkcs7->stream->content, pkcs7->heap, DYNAMIC_TYPE_PKCS7); pkcs7->stream->content = NULL; @@ -6586,8 +6608,25 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, pkcs7->contentSz = (word32)contentSz; if (ret == 0) { - ret = wc_PKCS7_SignedDataVerifySignature(pkcs7, sig, (word32)sigSz, - signedAttrib, (word32)signedAttribSz, + #ifndef NO_PKCS7_STREAM + byte streamHash[WC_MAX_DIGEST_SIZE]; + + /* get final hash if having done hash updates while + * streaming out the content */ + if (pkcs7->streamOutCb) { + ret = wc_HashFinal(&pkcs7->stream->hashAlg, + pkcs7->stream->hashType, streamHash); + hashBuf = streamHash; + hashSz = wc_HashGetDigestSize(pkcs7->stream->hashType); + + wc_HashFree(&pkcs7->stream->hashAlg, + pkcs7->stream->hashType); + if (ret != 0) + break; + } + #endif + ret = wc_PKCS7_SignedDataVerifySignature(pkcs7, sig, + (word32)sigSz, signedAttrib, (word32)signedAttribSz, hashBuf, hashSz); } } From 1e254c014db62b871e6e017e7afc03475a50ba1c Mon Sep 17 00:00:00 2001 
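Review bot: The result of `pkcs7->streamOutCb(...)` in the new `if (pkcs7->streamOutCb)` branch of wc_PKCS7_HandleOctetStrings is discarded, so a callback that fails cannot stop parsing, unlike the `wc_HashUpdate` error just above it. The callback registered in tests/api.c later in this series returns `int`, so `ret = pkcs7->streamOutCb(pkcs7, msg + *idx, pkcs7->stream->expected, pkcs7->streamCtx);` followed by `if (ret != 0) break;` would propagate it. The content also reaches the callback before the signature over it has been verified, which deserves a comment such as `/* data passed to streamOutCb is not yet authenticated; the caller must discard it if verification fails */`. The enclosing function starts and ends outside the hunk.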
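Review bot: The hash state set up by `wc_HashInit_ex(&pkcs7->stream->hashAlg, ...)` in this hunk is released only by the `wc_HashFree` call in the later hunk at +6608, so an error return anywhere between WC_PKCS7_VERIFY_STAGE3 and that point appears to leave it initialised with no matching free. Nothing in the visible lines assigns `pkcs7->stream->hashType` before it is used here, so it is worth confirming it has already been populated from the parsed digest algorithm at this stage. A `wc_HashFree` in the stream reset/free path, guarded by a flag recording that the init happened, would cover the error paths.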
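Review bot: `hashSz = wc_HashGetDigestSize(pkcs7->stream->hashType);` stores the result unchecked, and that function returns a negative error code for an unsupported hash type; if `hashSz` is unsigned (its declaration is outside the hunk) that becomes a very large length handed to `wc_PKCS7_SignedDataVerifySignature`. Capture it in an `int` first and fail on `<= 0` before assigning `hashBuf`/`hashSz`. The block also overrides a caller-supplied `hashBuf` whenever `streamOutCb` is set; a one-line comment stating that the streamed hash takes precedence would make that intentional.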
From: JacobBarthelmeh Date: Thu, 20 Feb 2025 00:23:06 -0700 Subject: [PATCH 02/18] application decryption successful --- certs/include.am | 1 + certs/renewcerts.sh | 5 + certs/test-stream-dec.p7b | Bin 0 -> 6093 bytes tests/api.c | 69 ++++ wolfcrypt/src/pkcs7.c | 663 +++++++++++++++++++++++++++----------- wolfssl/wolfcrypt/pkcs7.h | 15 + 6 files changed, 560 insertions(+), 193 deletions(-) create mode 100644 certs/test-stream-dec.p7b diff --git a/certs/include.am b/certs/include.am index f3f1f6a36..1c622e8c3 100644 --- a/certs/include.am +++ b/certs/include.am @@ -53,6 +53,7 @@ EXTRA_DIST += \ certs/wolfssl-website-ca.pem \ certs/test-degenerate.p7b \ certs/test-stream-sign.p7b \ + certs/test-stream-dec.p7b \ certs/test-ber-exp02-05-2022.p7b \ certs/test-servercert.p12 \ certs/test-servercert-rc2.p12 \ diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index 5a1726bd5..cf5154217 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -858,6 +858,11 @@ run_renewcerts(){ openssl smime -sign -in ./ca-cert.pem -out test-stream-sign.p7b -signer ./ca-cert.pem -nodetach -nocerts -binary -outform DER -stream -inkey ./ca-key.pem check_result $? "" + echo "Creating test-stream-dec.p7b..." + echo "" + openssl cms -encrypt -in ca-cert.pem -recip client-cert.pem -out test-stream-dec.p7b -outform DER -stream + check_result $? "" + echo "End of section" echo "---------------------------------------------------------------------" 
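Review bot: The new `openssl cms -encrypt` command in run_renewcerts names no content-encryption cipher, so the algorithm inside a regenerated `test-stream-dec.p7b` depends on the default of whichever openssl release runs the script. Pinning it, for example `openssl cms -encrypt -aes256 -in ca-cert.pem -recip client-cert.pem -out test-stream-dec.p7b -outform DER -stream`, keeps the regenerated vector exercising the same decrypt path; which cipher the committed binary uses is not visible here, so match the flag to it.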
diff --git a/certs/test-stream-dec.p7b b/certs/test-stream-dec.p7b new file mode 100644 index 0000000000000000000000000000000000000000..a70b37fc4dc6f519dda5bae2c6c42619bd69fe55 GIT binary patch literal 6093 zcmXqLVB^$k^Jx3d%gD~WpuwPliIKsuiSdd-6XOLYMh1h%?FNnW47m+B*_cCF*o2uv zgAD}?_&^*E9(LdSypqJcM3@LW54%%-RcdZxo}s9LFh~s-4^Mf1PFirVPrQ+ViG`u0 zfjCH*n@1p^C_lX@F*i3eFI^WbC1D^2l49oJFE20G1L-O*&e2QG&oz`ckcGRElTl0{ zGcPUQ0Z9Rq2*-wyD(0v+p4ibcT+!Ub zC&K%_3VYp|X7l%~@>k=PSt5shf7}t4sa}-i`YeTQ<`nkJDr@7LSxaKR&R#a{mA39q z_t1l1ub53eRQmJT-5u?x9(>nh-^8FXS2XN;?8cqp3bh>51b%!tw94a08e__dn|>GE zi&zR~c566>G|cIHqJRBj+y4S@Ux#d#fVCgBML$0@&MV!s{Lej`inZ2T%0rdI6x3Ug zs)h=*@aEl}NfO~q^8y`&H3o3}eRw+Qd< zIav2r^hK_k(DO4~4=t-NW*qy#eEZAkt+RR`qu4<9qn0hyM%dd}gF) zJ=?Qxff(b@%k6K&_8qv_Se4&=sC!FAQuf8uOZv8$E!gJk>mDijE4W&5|FcBSlEh`f zxsC<1`;J!rcI`Kgll)+3elgR6#-Fvv z+=M*e9`h``aj)oR_uKw{Szq2?#|0<96bUbL$zzQ?pw}aD==PdfO&{2;o-FSY`l?tp zb06D8k8`s-j!ezDf6!fV_ngvQD>vU;-L>%4o9!Hv{L5cH3V67c=Xd5KA6u5mPlK-P zRTOLTjaG<0Bw&5PTgFG@h{@XfDjQZD(qEIP#1JUkzF*_3&%9|~Xtj3T4&X6CXzKR`TwHg?`rAoEzL55B`$9yjXD}KzdXG=zw)2i1f{R~GhctW9KZaD%iBNqc2D}UXpg$& zgz`_*R_}0q_4?M7=})-@m&{G({~Y~tOJZ?&@6*C|z9skG&E@lJ_6jdud0Eri>{sOs zrn3i^FPnT)WKw#ml5eXhr)o_2)rmh%*^Tt?-^lryyt=WfxKnGYOIp74Le+xr(k_4R z>zj6;S#Be=pXub)9U0fuuKxAyiFOG6*QtN(kCEA%(EVvH#sc>7i(LXM3pVD5hCMlB zzc}D^*qnzp8)f$TIIZF`^|h%gvNTTL$<2F%Pd(9ao|&~!i+jkPT|Bq@G*cVjGWRYy zHt$3KX=%ooXv>S=3-!Oxj}JO;elgw)}EPL@qZA)s_B^J(!Di()a7(P7v^ICS}5B8H+A`SYUiwM-SUiH!N@qef?D`eH- z-`&S_%#Su0?^gHs%j*CCH>P)a$K!=j5u)$5Z`>KjZ?k;YL}O0QB|?W5r0x}+cV#Na z>OV7ovK?%VEs(XexyzNCe`=$8`jZ56wfFCI7pomx`TBv=v+9QDy<0^V=WS5)FXhiul1|8HOUh2zLy*&nafioLKl_uf?oFS+e%p)b ze*0ryu})06x;banp8LH)|F`p# z_U3(W?Cvz`K2nrzJLF;9lW)HEmq%6F%X;}qJpIB&-t}k9FNyC@XjsM4xsAnC&V9n% z`HyWLW(V4t?JrYOoWXv5m)DU4596+V-moBhO^#9XUFKu`jj!*y*lhSeY2I!<-OmwO zE;*mpMc+OA;^L{D5$oRS)F!%0YF_M_6@P*E#E-I55f&xaBF}xgx+FEB*G}(_@ZZ1p zuTHw6(UIPLbeWp2!?lhFCcdSg-q&>QR#Ay6Kj<-SyWhEFiMi7^3EHvp=9UxSu~Mz564`!ats zp3wgEK!^RW+Bb~rv|^rAY|6Rt`CRE7IcBb9^S9mjtSVJ-sNva}IhzurQsa{N#JQHN 
zzj|i#3jO&lSykGbzRGi?_;<(ECPZ(P_E_pIEE#Zs{*hj5ydS=($eemwV%41#`AwTIzhxe&zF(=Th#cddYSiTiEYkqqzT_WtU*o#i^4cHm7KqRcha5{Bv^0 zzdhRw4A**^|Ft<#ZB}c^{c+oc?GbBEbWYm(p?}8nxUeG+`;1oe$<1*K-WRzu-}L(7 zf5{E~(i7#%7MjgeTY25hclynFQ!gifkq(yN(74L}A#Jj9>Wu|C+mja@OHQ;k;jVLH;r`(CCuY}wcN>?gwpArq<|Q&6WMBR2 z#IhOrbAL`b+kL9pDsun+q7?q} zcAp8i=Uyrb-2FW8DZBKyDa>ghSDbIz$$d#%vXk>8tDH+jp!l)(cV`E0J#!)FmfrWG zeH^j7q^l&R<-G0pT@+&We#bB7!#}5enA2=+Ah>$Tx#lSX|Cn^&)G8lcp|ZHO;s0I# zeIE;U-9EYM!nCJqRjaz4Iz@hmXAda;ARwa#J3&{!crKE0xtu zuXg@f@$3k5o`qae|K-0|e=FbJV=~6RpF2zyezfH6GyMCWHA~}5WKE#>tvuG4 zpO>$!=dsyde>W{Fp1(=$mxIT%XAcUcu9(bx$Pi%ubM>t*Rt=Xoch)SC53?;!lyj?G zXDD<<@VeB>Ir)G6-tk^3O}e(^`>#9tA1|MqF=M-yg1~_~ve( zt1M=v2HjC;%AQuN^nCGCtpbbpQ)e4nu3liw`#-JkQ^C@gn^%0; z`*XqO4?lM<_DK0t6V>?M?=4qrwLbHkEU7H}opZZ2lP&x7CjDEtvs{1bW0QyP)ZV^# zec!9m@-ebFU-ExxZuOyen=Dk#Uc9q#>Yw`M^lsi&&kUdK;B3{>r$~Aht{@9<~E6+rOregKDB557Teu% z)=y4mhXt;`dCf^Y-ytb5@4~x^D)+TVH~lu+?X~@aap%R;&(vIx2kBer9_#kp@4wh2 zA*}HQKhI&c=fd`rHrw-jWfnBjIw(GmFWYu;-s5ctJlXDw+x&UMy6dxDwUVIOV&~I| z$ur}EQdY2u=GB%q2Ucr5P1$EEW_UjO@;{!x&jrd~Ep_kz_q21~a^0*Hr-es)sw$U# zGMfMDR=rxwiKqw0>gVS_&1t>wVDx=Xw)e$58dcGbdM=aO?+XZsUD+T}Fd=HwF@INu zu6{}G?g`t}HXgm8mTN5aH~nV1iB*|(BVYEv&iP;DlEaoXo|S%e%P=S5ZqFU1{MZP+ zMMtJ=*xi_TuH-s@Ip>L~f|zw3&gcsUA%9&$tv;K3BKwrv5{q%jgscNe^7U3h~M3?;4nkqA&Z|obyrN|M z*sL!Y3I)#mmUZ%({$g1P39tNlS4>5pe_ZhCwbCiZi7KAVw>@UIJDB@(JWq}A=>Jw7 zx2KxPTsxA_@SH6_q@+pTv=uh;(XR<&rJb52fiQLmGAo!%Ll9lkQJb=R~-RB6<2 zF@F+YICI&F3IAoLNvxcf$J8GMip#obWuqWSNZ)+wZit z>UM^nTko}!q{WZ%<(t(yTkLx^-$KIl#^xoF4sYzP6!?Da_;A~*Lf{y)i6QfyDB%;V z`HOV+zCFpr8GbN-#d5pFpN)*eG@F^?vKvD^?0co-Bd6}l_= z(|J~}k@Mt`VZ3fBbNBm!bOFULjvLu(PDi?bTluza$|Cd6HEXP1GdqZ{GfutI^xp1? 
zSk>O^H;Yz_%N|cFr579)ud@%F z6_x($>6gov!E;QK4crq%i_~@A&RueD;YUuLZ5Ea5f6rlQVqLKE`vo4a-|ashB))pd zCwA(^_we{#M_=V<9<{jaV7^dMg0W)t*Av+(Rw2*xi>$dE);X10i@*JKeoxGzEP-_% zU1!$J)MC7A$H-7Fp8hLZWGb?Lv^S3f>&O!M_F zdFc5kd}X%4QiGKn8&nS6-M;7i^{ylHluy-JL^?=)nk;ctWc%Xj7qoi*CH7vszDO(c z1*hJ-T-Lk=A3xm{sbMTT_=Ep&kaJJ5{;Jt`uXV3}v~F=<^+6V$i_B-Z?B017f6?H% zc6ye+t6Nw4!EFM>~dvJz3xtvQ{VDLt9{okH{-DjTO zFN);a!1%N~|KaYOADVypuG%bUf8J7l?0`UdpVIe3ezRYHe8Tdk&h>N6R9VI@#j65~ z%5ENC-Fu?th}^7sN92!YKQFWEh^tRB?Un5N&ojxyExqqr)3PhEzfW`&Ff94XI&!=Z*u6Ng#H{T98|8&O*Q+k=RcSpL&iG;y$J@(0QZVs-Cp z=GOwvm0vtQ35w*JpKM#meFaK$46rC*K*%xz0>}x@mH4#vN@9B6_;oU_`GU7S+Z^DZDc_e<52HC?wa%$sX@j`MhBmqDj@=;;M_=50v6ZgI4Hn$vE! z1)2*&`lg?i*uQA)1S@NWyxu+ueY44p)7G6&=Y4vaXH9;QtQ{v{p zP?3-QY4c?tviK}jQaZmW=JlHQ++E9-d1c+&_n3{lTWhbT$*PC$Q+OwqY}#;7%vy(A znDNWXmfFG)9{HO6{){P6<$7=m06 z1Cl-aR^GX)y3kwkh}+R-yPwfzUo!R=uG18onGj*I_W8w4{ELnWE#?UeX~_${@cDmM z!^+#@O{eGF>g+REIM=G0sj_^A{SWtv>Vi|sU+j9d=Ioq4h8A-Pws?)1JKDb_>Ap&Q z)gn;Wkl?s@O8C(d|5a{3n9m$=D_k1t=ylG^i~0S*g!S(xsEglT$ac%G;g#r~edisd zjJ7Nk=1yDRSn|XE(Wc06in2=I@_Uk-jS?GuW&ZhB$;{p|<<@M=mXNL19k1tyX9O+K z{ix5g=kDx9j`<$-Ql~a2HR*jzSU2(HI)_Dngp>sxAEZtFwcJ$8dIXUyp8Ydc=CTP^m@cT>7ow;*nB^_pWQ>|5&dTe`?){DGWNFIX?Yyomv-e zsnTG6bM*r4sWDq6MBR99DqT3Fm&$b}FGE-5$96IK-VZU~Jd_=ewRAe4+#wsoJeh^# P?!Q@E%5Eo|W`F|#55K8~ literal 0 HcmV?d00001 diff --git a/tests/api.c b/tests/api.c index e90082864..6d63494b0 100644 --- a/tests/api.c +++ b/tests/api.c 
@@ -39205,6 +39205,74 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, #endif /* HAVE_PKCS7 && !NO_AES && HAVE_AES_CBC && !NO_AES_256 */ +#define MAX_TEST_DECODE_SIZE 6000 +static int test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb(PKCS7* pkcs7, const byte* output, + word32 outputSz, void* ctx) { + WOLFSSL_BUFFER_INFO* out = (WOLFSSL_BUFFER_INFO*)ctx; + + if (out == NULL) { + return -1; + } + + if (outputSz + out->length > MAX_TEST_DECODE_SIZE) { + printf("Example buffer size needs increased"); + } + + XMEMCPY(out->buffer + out->length, output, outputSz); + out->length += outputSz; + + (void)pkcs7; + return 0; +} + +/* + * Testing wc_PKCS7_DecodeEnvelopedData with streaming + */ +static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) +{ +#if defined(HAVE_PKCS7) && defined(ASN_BER_TO_DER) + EXPECT_DECLS; + PKCS7* pkcs7 = NULL; + int ret; + FILE* f; + const char* testStream = "./certs/test-stream-dec.p7b"; + byte testStreamBuffer[100]; + int testStreamBufferSz; + byte decodedData[MAX_TEST_DECODE_SIZE]; /* large enough to hold result of decode, which is ca-cert.pem */ + WOLFSSL_BUFFER_INFO out; + + out.length = 0; + out.buffer = decodedData; + + ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); + ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048, + sizeof_client_cert_der_2048), 0); + + ExpectIntEQ(wc_PKCS7_SetKey(pkcs7, (byte*)client_key_der_2048, sizeof_client_key_der_2048), 0); + ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, + test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb, (void*)&out), 0); + + do { + ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE); + ExpectIntGT(testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, + sizeof(testStreamBuffer), f), 0); + + ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, testStreamBufferSz, NULL, 0); + } while (ret == WC_PKCS7_WANT_READ_E); + ExpectIntGT(ret, 0); + + if (f != XBADFILE) { + XFCLOSE(f); + f = XBADFILE; + } + + 
wc_PKCS7_Free(pkcs7); + return EXPECT_RESULT(); +#else + return TEST_SKIPPED; +#endif +} /* END test_wc_PKCS7_DecodeEnvelopedData_stream() */ + /* * Testing wc_PKCS7_EncodeEnvelopedData() */ @@ -89456,6 +89524,7 @@ TEST_CASE testCases[] = { TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex), TEST_DECL(test_wc_PKCS7_VerifySignedData_RSA), TEST_DECL(test_wc_PKCS7_VerifySignedData_ECC), + TEST_DECL(test_wc_PKCS7_DecodeEnvelopedData_stream), TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData), TEST_DECL(test_wc_PKCS7_EncodeEncryptedData), TEST_DECL(test_wc_PKCS7_Degenerate), diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 95209d3dd..08c3281b4 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -383,7 +383,7 @@ static int wc_PKCS7_SetMaxStream(wc_PKCS7* pkcs7, byte* in, word32 defSz) idx = 0; if ((ret = wc_BerToDer(pt, maxIdx, NULL, (word32*)&length)) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) { - return ret; + // return ret; } } #endif /* ASN_BER_TO_DER */ @@ -8448,34 +8448,21 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } -/* decrypt content using encryptOID algo - * returns 0 on success */ -static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, - int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, - word32 authTagSz, byte* in, int inSz, byte* out, int devId, void* heap) +static int wc_PKCS7_DecryptContentInit(PKCS7* pkcs7, int encryptOID, byte* key, + int keySz, byte* iv, int ivSz, int devId, void* heap) { int ret; #ifndef NO_AES -#ifdef WOLFSSL_SMALL_STACK Aes *aes; -#else - Aes aes[1]; -#endif #endif #ifndef NO_DES3 - Des des; - Des3 des3; + Des *des; + Des3 *des3; #endif - if (iv == NULL || in == NULL || out == NULL) + if (iv == NULL) return BAD_FUNC_ARG; - if (pkcs7->decryptionCb != NULL) { - return pkcs7->decryptionCb(pkcs7, encryptOID, iv, ivSz, - aad, aadSz, authTag, authTagSz, in, - inSz, out, pkcs7->decryptionCtx); - } - if (key == NULL) return BAD_FUNC_ARG; 
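Review bot: In `test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb` the size check only prints a message and then falls through to `XMEMCPY(out->buffer + out->length, output, outputSz)`, so output beyond `MAX_TEST_DECODE_SIZE` is written past the stack array `decodedData`. The check should reject the chunk instead, `if (outputSz > MAX_TEST_DECODE_SIZE - out->length) { return -1; }`. Separately, the `do` loop in the test calls `XFOPEN` on every iteration, so each pass re-reads the first 100 bytes of the file and only the last handle is closed; opening the file once before the loop looks like the intent.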
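Review bot: Commenting out `return ret;` in wc_PKCS7_SetMaxStream leaves the `if ((ret = wc_BerToDer(pt, maxIdx, NULL, (word32*)&length)) != WC_NO_ERR_TRACE(LENGTH_ONLY_E))` branch with an empty body, so every BER sizing failure on untrusted input is now ignored and the function continues with whatever `length` holds. If one specific error has to be tolerated for partially received indefinite-length input, test for that code explicitly and keep returning the others rather than disabling the check. The rest of the function is outside the hunk, so how `length` is used afterwards should be confirmed.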
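Review bot: `wc_PKCS7_DecryptContentInit` replaces a documented function but has no header comment, and its contract is not obvious from the signature: it allocates a cipher context into `pkcs7->decryptKey` that someone else must release. A comment such as `/* allocate and key the cipher context for encryptOID in pkcs7->decryptKey; caller must call wc_PKCS7_DecryptContentFree(); returns 0 on success */` would state that. The function body continues past this hunk.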
@@ -8503,26 +8490,138 @@ static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, #endif (ivSz != WC_AES_BLOCK_SIZE) ) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) + + pkcs7->decryptKey.aes = (Aes *)XMALLOC(sizeof *aes, NULL, + DYNAMIC_TYPE_AES); + aes = pkcs7->decryptKey.aes; + if (aes == NULL) return MEMORY_E; -#endif ret = wc_AesInit(aes, heap, devId); if (ret == 0) { ret = wc_AesSetKey(aes, key, (word32)keySz, iv, AES_DECRYPTION); - if (ret == 0) { - ret = wc_AesCbcDecrypt(aes, out, in, (word32)inSz); - #ifdef WOLFSSL_ASYNC_CRYPT - /* async decrypt not available here, so block till done */ - ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE); - #endif - } - wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + break; + + #endif /* HAVE_AES_CBC */ + #ifdef HAVE_AESGCM + #ifdef WOLFSSL_AES_128 + case AES128GCMb: + #endif + #ifdef WOLFSSL_AES_192 + case AES192GCMb: + #endif + #ifdef WOLFSSL_AES_256 + case AES256GCMb: + #endif + #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \ + defined(WOLFSSL_AES_256) + pkcs7->decryptKey.aes = (Aes *)XMALLOC(sizeof *aes, NULL, + DYNAMIC_TYPE_AES); + aes = pkcs7->decryptKey.aes; + if (aes == NULL) + return MEMORY_E; + ret = wc_AesInit(aes, heap, devId); + if (ret == 0) { + ret = wc_AesGcmSetKey(aes, key, (word32)keySz); + } + break; + #endif + #endif /* HAVE_AESGCM */ + #ifdef HAVE_AESCCM + #ifdef WOLFSSL_AES_128 + case AES128CCMb: + #endif + #ifdef WOLFSSL_AES_192 + case AES192CCMb: + #endif + #ifdef WOLFSSL_AES_256 + case AES256CCMb: + #endif + #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \ + defined(WOLFSSL_AES_256) + pkcs7->decryptKey.aes = (Aes *)XMALLOC(sizeof *aes, NULL, + DYNAMIC_TYPE_AES); + aes = pkcs7->decryptKey.aes; + if (aes == NULL) + return MEMORY_E; + ret = wc_AesInit(aes, heap, devId); + if (ret == 0) { + ret = wc_AesCcmSetKey(aes, 
key, (word32)keySz); + } + break; + #endif + #endif /* HAVE_AESCCM */ +#endif /* !NO_AES */ +#ifndef NO_DES3 + case DESb: + if (keySz != DES_KEYLEN || ivSz != DES_BLOCK_SIZE) + return BAD_FUNC_ARG; + + pkcs7->decryptKey.des = (Des *)XMALLOC(sizeof *des, NULL, + DYNAMIC_TYPE_PKCS7); + des = pkcs7->decryptKey.des; + if (des == NULL) { + return MEMORY_E; + } + ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION); + break; + case DES3b: + if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE) + return BAD_FUNC_ARG; + + pkcs7->decryptKey.des3 = (Des3 *)XMALLOC(sizeof *des3, NULL, + DYNAMIC_TYPE_PKCS7); + des3 = pkcs7->decryptKey.des3; + if (des3 == NULL) { + return MEMORY_E; + } + ret = wc_Des3Init(des3, heap, devId); + if (ret == 0) { + ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION); + } + + break; +#endif /* !NO_DES3 */ + default: + WOLFSSL_MSG("Unsupported content cipher type"); + return ALGO_ID_E; + }; + + return ret; +} + + +/* Only does decryption of content using encryptOID algo and already set keys + * returns 0 on success */ +static int wc_PKCS7_DecryptContentEx(PKCS7* pkcs7, int encryptOID, + byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, + word32 authTagSz, byte* in, int inSz, byte* out) +{ + int ret; + + if (in == NULL && pkcs7->getContentCb == NULL) { + return BAD_FUNC_ARG; + } + + switch (encryptOID) { +#ifndef NO_AES + #ifdef HAVE_AES_CBC + #ifdef WOLFSSL_AES_128 + case AES128CBCb: + #endif + #ifdef WOLFSSL_AES_192 + case AES192CBCb: + #endif + #ifdef WOLFSSL_AES_256 + case AES256CBCb: + #endif +printf("trying to do decryption\n"); + ret = wc_AesCbcDecrypt(pkcs7->decryptKey.aes, out, in, + (word32)inSz); + #ifdef WOLFSSL_ASYNC_CRYPT + /* async decrypt not available here, so block till done */ + ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE); + #endif break; #endif /* HAVE_AES_CBC */ #ifdef HAVE_AESGCM 
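Review bot: The cipher contexts are allocated with a NULL heap hint, `XMALLOC(sizeof *aes, NULL, DYNAMIC_TYPE_AES)`, while `wc_PKCS7_DecryptContentFree` later in this patch releases them with `XFREE(..., heap, ...)`; with a custom or static-memory allocator the hint has to match, so pass `heap` to the allocations here, including the DES and 3DES ones. In `wc_PKCS7_DecryptContentEx` the AES-CBC case still calls `wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE)` although that function declares no `aes`, which should not compile with `WOLFSSL_ASYNC_CRYPT`; `&pkcs7->decryptKey.aes->asyncDev`, as used in the GCM case, is the form needed. Init also overwrites `pkcs7->decryptKey.*` without checking for an existing context, which would leak one if it is ever called twice before Free. The `printf("trying to do decryption\n");` line is debug output and should be removed.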
@@ -8540,28 +8639,14 @@ static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, if (authTag == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; -#endif - ret = wc_AesInit(aes, heap, devId); - if (ret == 0) { - ret = wc_AesGcmSetKey(aes, key, (word32)keySz); - if (ret == 0) { - ret = wc_AesGcmDecrypt(aes, out, in, (word32)inSz, iv, - (word32)ivSz, authTag, authTagSz, - aad, aadSz); - #ifdef WOLFSSL_ASYNC_CRYPT - /* async decrypt not available here, so block till done */ - ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE); - #endif - } - wc_AesFree(aes); - } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + ret = wc_AesGcmDecrypt(pkcs7->decryptKey.aes, out, in, + (word32)inSz, iv, (word32)ivSz, authTag, authTagSz, + aad, aadSz); + #ifdef WOLFSSL_ASYNC_CRYPT + /* async decrypt not available here, so block till done */ + ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev, + WC_ASYNC_FLAG_NONE); + #endif break; #endif #endif /* HAVE_AESGCM */ 
@@ -8575,64 +8660,31 @@ static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, #ifdef WOLFSSL_AES_256 case AES256CCMb: #endif - #if defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_192) || \ - defined(WOLFSSL_AES_256) - if (authTag == NULL) - return BAD_FUNC_ARG; - -#ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; -#endif - ret = wc_AesInit(aes, heap, devId); - if (ret == 0) { - ret = wc_AesCcmSetKey(aes, key, (word32)keySz); - if (ret == 0) { - ret = wc_AesCcmDecrypt(aes, out, in, (word32)inSz, iv, - (word32)ivSz, authTag, authTagSz, - aad, aadSz); - #ifdef WOLFSSL_ASYNC_CRYPT - /* async decrypt not available here, so block till done */ - ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE); - #endif - } - wc_AesFree(aes); - } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif - break; + ret = wc_AesCcmDecrypt(pkcs7->decryptKey.aes, out, in, + (word32)inSz, iv, (word32)ivSz, authTag, authTagSz, + aad, aadSz); + #ifdef WOLFSSL_ASYNC_CRYPT + /* async decrypt not available here, so block till done */ + ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev, + WC_ASYNC_FLAG_NONE); #endif + break; #endif /* HAVE_AESCCM */ #endif /* !NO_AES */ #ifndef NO_DES3 case DESb: - if (keySz != DES_KEYLEN || ivSz != DES_BLOCK_SIZE) - return BAD_FUNC_ARG; - - ret = wc_Des_SetKey(&des, key, iv, DES_DECRYPTION); - if (ret == 0) - ret = wc_Des_CbcDecrypt(&des, out, in, (word32)inSz); - + ret = wc_Des_CbcDecrypt(pkcs7->decryptKey.des, out, in, + (word32)inSz); break; + case DES3b: - if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE) - return BAD_FUNC_ARG; - - ret = wc_Des3Init(&des3, heap, devId); - if (ret == 0) { - ret = wc_Des3_SetKey(&des3, key, iv, DES_DECRYPTION); - if (ret == 0) { - ret = wc_Des3_CbcDecrypt(&des3, out, in, (word32)inSz); - #ifdef WOLFSSL_ASYNC_CRYPT - /* async decrypt not available here, so block till done */ - ret = 
wc_AsyncWait(ret, &des3.asyncDev, WC_ASYNC_FLAG_NONE); - #endif - } - wc_Des3Free(&des3); - } - + ret = wc_Des3_CbcDecrypt(pkcs7->decryptKey.des3, out, in, + (word32)inSz); + #ifdef WOLFSSL_ASYNC_CRYPT + /* async decrypt not available here, so block till done */ + ret = wc_AsyncWait(ret, + &pkcs7->decryptKey.des3.asyncDev, WC_ASYNC_FLAG_NONE); + #endif break; #endif /* !NO_DES3 */ default: 
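Review bot: In the 3DES case `&pkcs7->decryptKey.des3.asyncDev` uses `.` on a member that `wc_PKCS7_DecryptContentInit` assigns as a `Des3 *`, so a `WOLFSSL_ASYNC_CRYPT` build should fail here; it needs `&pkcs7->decryptKey.des3->asyncDev`. The AES-CCM case also loses the `if (authTag == NULL) return BAD_FUNC_ARG;` guard that the AES-GCM case keeps, so that check now depends entirely on `wc_AesCcmDecrypt`. None of the cases verifies that the `pkcs7->decryptKey` pointer is non-NULL before use, which matters now that Init and Ex can be called separately.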
@@ -8651,6 +8703,102 @@ static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } +/* clears up struct for algo used and free's memory */ +static void wc_PKCS7_DecryptContentFree(PKCS7* pkcs7, int encryptOID, + void* heap) +{ + switch (encryptOID) { +#ifndef NO_AES + #ifdef HAVE_AES_CBC + #ifdef WOLFSSL_AES_128 + case AES128CBCb: + #endif + #ifdef WOLFSSL_AES_192 + case AES192CBCb: + #endif + #ifdef WOLFSSL_AES_256 + case AES256CBCb: + #endif + #endif /* HAVE_AES_CBC */ + #ifdef HAVE_AESGCM + #ifdef WOLFSSL_AES_128 + case AES128GCMb: + #endif + #ifdef WOLFSSL_AES_192 + case AES192GCMb: + #endif + #ifdef WOLFSSL_AES_256 + case AES256GCMb: + #endif + #endif /* HAVE_AESGCM */ + #ifdef HAVE_AESCCM + #ifdef WOLFSSL_AES_128 + case AES128CCMb: + #endif + #ifdef WOLFSSL_AES_192 + case AES192CCMb: + #endif + #ifdef WOLFSSL_AES_256 + case AES256CCMb: + #endif + #endif /* HAVE_AESCCM */ + if (pkcs7->decryptKey.aes != NULL) { + wc_AesFree(pkcs7->decryptKey.aes); + XFREE(pkcs7->decryptKey.aes, heap, DYNAMIC_TYPE_AES); + pkcs7->decryptKey.aes = NULL; + } + break; +#endif /* !NO_AES */ +#ifndef NO_DES3 + case DESb: + if (pkcs7->decryptKey.des != NULL) { + XFREE(pkcs7->decryptKey.des, heap, DYNAMIC_TYPE_PKCS7); + pkcs7->decryptKey.des = NULL; + } + break; + case DES3b: + if (pkcs7->decryptKey.des3 != NULL) { + wc_Des3Free(pkcs7->decryptKey.des3); + XFREE(pkcs7->decryptKey.des3, heap, DYNAMIC_TYPE_PKCS7); + pkcs7->decryptKey.des3 = NULL; + } + break; +#endif /* !NO_DES3 */ + default: + WOLFSSL_MSG("Unsupported content cipher type"); + }; +} + + +/* decrypts the content in one shot, doing init / decrypt / free + * returns 0 on success + */ +static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, + int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, + word32 authTagSz, byte* in, int inSz, byte* out, int devId, void* heap) +{ + int ret; + + if (pkcs7->decryptionCb != NULL) { + return pkcs7->decryptionCb(pkcs7, 
encryptOID, iv, ivSz, + aad, aadSz, authTag, authTagSz, in, + inSz, out, pkcs7->decryptionCtx); + } + + ret = wc_PKCS7_DecryptContentInit(pkcs7, encryptOID, key, keySz, iv, ivSz, + devId, heap); + + if (ret == 0) { + ret = wc_PKCS7_DecryptContentEx(pkcs7, encryptOID, iv, ivSz, aad, + aadSz, authTag, authTagSz, in, inSz, out); + } + + wc_PKCS7_DecryptContentFree(pkcs7, encryptOID, heap); + + return ret; +} + + /* Generate random block, place in out, return 0 on success negative on error. * Used for generation of IV, nonce, etc */ static int wc_PKCS7_GenerateBlock(wc_PKCS7* pkcs7, WC_RNG* rng, byte* out, @@ -10106,6 +10254,7 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, return ASN_VERSION_E; } +printf("epxected size = %d\n", pkcs7->stream->expected); #ifndef NO_PKCS7_STREAM if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; @@ -10119,10 +10268,12 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, ret = BUFFER_E; break; } - pkcs7->stream->expected = (pkcs7->stream->maxLen - - pkcs7->stream->totalRd) + pkcs7->stream->length; +// pkcs7->stream->expected = (pkcs7->stream->maxLen - +// pkcs7->stream->totalRd) + pkcs7->stream->length; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_2); +//pkcs7->stream->expected = MAX_SEQ_SZ; +printf("epxected size = %d\n", pkcs7->stream->expected); FALL_THROUGH; case WC_PKCS7_DECRYPT_KTRI_2: @@ -10139,6 +10290,7 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, wc_PKCS7_StreamGetVar(pkcs7, NULL, &sidType, &version); +printf("epxected size = %d\n", pkcs7->stream->expected); /* @TODO get expected size for next part, does not account for * GetInt call well */ if (pkcs7->stream->expected == MAX_SEQ_SZ) { 
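Review bot: `wc_PKCS7_DecryptContentFree` releases the single-DES context with a plain `XFREE`, leaving the expanded key schedule in freed heap memory; clear it first with `ForceZero(pkcs7->decryptKey.des, sizeof(Des));` before the `XFREE`. The one-shot `wc_PKCS7_DecryptContent` wrapper also no longer rejects a NULL `out`: the old `if (iv == NULL || in == NULL || out == NULL)` check was reduced to `iv == NULL` in Init and `in == NULL && pkcs7->getContentCb == NULL` in Ex, so restoring `if (in == NULL || out == NULL) return BAD_FUNC_ARG;` at the top of the wrapper keeps its previous contract.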
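Review bot: The added `printf("epxected size = %d\n", pkcs7->stream->expected);` in wc_PKCS7_DecryptKtri sits above `#ifndef NO_PKCS7_STREAM`, so it touches `pkcs7->stream` in builds where streaming is presumably compiled out, and it writes parser state to stdout from library code. The same kind of unguarded debug `printf` is added throughout the later pkcs7.c hunks (the `flag 1` to `flag 5` lines in wc_PKCS7_DecryptKtri and the `-1 ret` to `-7 ret` lines in wc_PKCS7_DecodeEnvelopedData, among others); all of them should be removed or turned into `WOLFSSL_MSG` calls before merge. The `//`-commented `pkcs7->stream->expected` assignment in the next hunk should likewise be either deleted or restored, since leaving it commented changes how much data the KTRI_2 state waits for.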
@@ -10159,7 +10311,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, } pkcs7->stream->expected = (word32)sz + MAX_ALGO_SZ + ASN_TAG_SZ + - MAX_LENGTH_SZ; + MAX_LENGTH_SZ + 512; + printf("new expected size = %d\n", pkcs7->stream->expected); if (pkcs7->stream->length > 0 && pkcs7->stream->length < pkcs7->stream->expected) { return WC_PKCS7_WANT_READ_E; @@ -10167,16 +10320,20 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, } #endif /* !NO_PKCS7_STREAM */ +printf("flag 1\n"); if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) { +printf("flag 1.2\n"); /* remove IssuerAndSerialNumber */ if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; +printf("flag 1.3\n"); if (GetNameHash_ex(pkiMsg, idx, issuerHash, (int)pkiMsgSz, pkcs7->publicKeyOID) < 0) return ASN_PARSE_E; +printf("flag 1.4\n"); /* if we found correct recipient, issuer hashes will match */ if (XMEMCMP(issuerHash, pkcs7->issuerHash, (word32)keyIdSize) == 0) { @@ -10197,6 +10354,7 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, return ASN_PARSE_E; } +printf("flag 1.5\n"); mp_clear(serialNum); #ifdef WOLFSSL_SMALL_STACK @@ -10216,6 +10374,7 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, * context specific with tag number 0 within the class. */ +printf("flag 1.2\n"); if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) return ASN_PARSE_E; @@ -10262,20 +10421,24 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, } #endif +printf("flag 2\n"); /* read encryptedKey */ if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) return ASN_PARSE_E; +printf("flag 3\n"); if (tag != ASN_OCTET_STRING) return ASN_PARSE_E; if (GetLength(pkiMsg, idx, &encryptedKeySz, pkiMsgSz) < 0) { return ASN_PARSE_E; } +printf("flag 4\n"); if (encryptedKeySz > MAX_ENCRYPTED_KEY_SZ) { return BUFFER_E; } +printf("flag 5\n"); #ifndef NO_PKCS7_STREAM if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; 
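Review bot: `pkcs7->stream->expected = (word32)sz + MAX_ALGO_SZ + ASN_TAG_SZ + MAX_LENGTH_SZ + 512;` pads the expected size with an unexplained constant, which reads as a value tuned to the one test vector rather than a bound derived from the RecipientInfo being parsed. If the extra bytes stand for the encrypted key, use the named limit the code already checks a few hunks later (`MAX_ENCRYPTED_KEY_SZ`) and say so in a comment, because a message whose remaining data is shorter than this estimate will keep returning `WC_PKCS7_WANT_READ_E`. The existing `@TODO` above this block is outside the hunk.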
@@ -11754,7 +11917,7 @@ static int wc_PKCS7_DecryptRecipientInfos(wc_PKCS7* pkcs7, byte* in, /* when looking for next recipient, use first sequence and version to * indicate there is another, if not, move on */ - while(*recipFound == 0) { + while (*recipFound == 0) { /* remove RecipientInfo, if we don't have a SEQUENCE, back up idx to * last good saved one */ @@ -11946,7 +12109,6 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, switch (pkcs7->state) { case WC_PKCS7_INFOSET_START: - case WC_PKCS7_INFOSET_BER: case WC_PKCS7_INFOSET_STAGE1: case WC_PKCS7_INFOSET_STAGE2: case WC_PKCS7_INFOSET_END: @@ -11965,6 +12127,7 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, return ret; } if ((ret = wc_PKCS7_SetMaxStream(pkcs7, in, inSz)) != 0) { + printf("ret of set max stream = %d\n", ret); break; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; 
@@ -11973,46 +12136,13 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, if (ret == 0 && GetSequence_ex(pkiMsg, idx, &length, pkiMsgSz, NO_USER_CHECK) < 0) { +printf("ret of getsequence = %d\n", ret); ret = ASN_PARSE_E; } if (ret == 0 && length == 0 && pkiMsg[(*idx)-1] == 0x80) { #ifdef ASN_BER_TO_DER - word32 len; - - wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_INFOSET_BER); - FALL_THROUGH; - - /* full buffer is needed for conversion */ - case WC_PKCS7_INFOSET_BER: - #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, - pkcs7->stream->maxLen - pkcs7->stream->length, - &pkiMsg, idx)) != 0) { - return ret; - } - pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: - inSz; - #endif - - len = 0; - - ret = wc_BerToDer(pkiMsg, pkiMsgSz, NULL, &len); - if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) - return ret; - pkcs7->der = (byte*)XMALLOC(len, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - if (pkcs7->der == NULL) - return MEMORY_E; - ret = wc_BerToDer(pkiMsg, pkiMsgSz, pkcs7->der, &len); - if (ret < 0) - return ret; - - pkiMsg = in = pkcs7->der; - pkiMsgSz = pkcs7->derSz = inSz = len; - *idx = 0; - - if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) - return ASN_PARSE_E; + pkcs7->indefDepth++; #else return BER_INDEF_E; #endif @@ -12141,10 +12271,12 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, NO_USER_CHECK) < 0) ret = ASN_PARSE_E; +printf("Length of recipient inof set = %d\n", length); if (ret < 0) break; #ifndef NO_PKCS7_STREAM + pkcs7->stream->expected = length; if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; } @@ -12181,6 +12313,7 @@ WOLFSSL_API int wc_PKCS7_SetKey(wc_PKCS7* pkcs7, byte* key, word32 keySz) } +#if 0 /* append data to encrypted content cache in PKCS7 structure * return 0 on success, negative on error */ static int PKCS7_CacheEncryptedContent(wc_PKCS7* pkcs7, byte* in, word32 inSz) 
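Review bot: With the in-place BER-to-DER conversion removed, an indefinite-length outer SEQUENCE is now handled only by `pkcs7->indefDepth++`, and nothing visible in this hunk bounds the counter, resets it per message, or shows where the matching end-of-contents octets are consumed. Because the value is driven by the encoding of untrusted input, a comment naming where it is decremented and reset would help, for example `/* indefinite length: EOC for this level is consumed in <state>; indefDepth is reset in <stream reset> */` with the placeholders filled in. The added `printf("ret of getsequence = %d\n", ret)` also runs before `ret` is assigned in that branch, so it always prints 0.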
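Review bot: `pkcs7->stream->expected = length;` takes the RecipientInfos SET length straight from the message, parsed with `NO_USER_CHECK` and therefore not bounded by the bytes actually available, and stores it as the amount the stream layer should expect, with an implicit int-to-word32 conversion. A hostile length could make later `wc_PKCS7_AddDataToStream` calls wait for or accumulate that much data, depending on how `expected` is consumed outside this hunk. Bound it before storing, for instance against `pkcs7->stream->maxLen`, and make the conversion explicit with `pkcs7->stream->expected = (word32)length;`.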
@@ -12214,6 +12347,7 @@ static int PKCS7_CacheEncryptedContent(wc_PKCS7* pkcs7, byte* in, word32 inSz) return 0; } +#endif /* unwrap and decrypt PKCS#7 envelopedData object, return decoded size */ @@ -12248,8 +12382,10 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (pkcs7 == NULL) return BAD_FUNC_ARG; - if (pkiMsg == NULL || pkiMsgSz == 0 || - output == NULL || outputSz == 0) + if (pkiMsg == NULL || pkiMsgSz == 0) + return BAD_FUNC_ARG; + + if (pkcs7->streamOutCb == NULL && (output == NULL || outputSz == 0)) return BAD_FUNC_ARG; #ifndef NO_PKCS7_STREAM @@ -12264,7 +12400,6 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, switch (pkcs7->state) { case WC_PKCS7_START: case WC_PKCS7_INFOSET_START: - case WC_PKCS7_INFOSET_BER: case WC_PKCS7_INFOSET_STAGE1: case WC_PKCS7_INFOSET_STAGE2: case WC_PKCS7_INFOSET_END: @@ -12274,17 +12409,6 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } - #ifdef ASN_BER_TO_DER - /* check if content was BER and has been converted to DER */ - if (pkcs7->derSz > 0) { - pkiMsg = in = pkcs7->der; - inSz = pkcs7->derSz; - #ifdef NO_PKCS7_STREAM - pkiMsgSz = pkcs7->derSz; - #endif - } - #endif - decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (decryptedKey == NULL) @@ -12338,10 +12462,14 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_ENV_3: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ + - MAX_VERSION_SZ + ASN_TAG_SZ + + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_SEQ_SZ + + MAX_OID_SZ + MAX_ALGO_SZ + ASN_TAG_SZ + MAX_LENGTH_SZ, &pkiMsg, &idx)) != 0) { + //if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ + + // MAX_VERSION_SZ + ASN_TAG_SZ + + // MAX_LENGTH_SZ, &pkiMsg, &idx)) + // != 0) { return ret; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; 
@@ -12355,11 +12483,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } +printf("-1 ret = %d\n", ret); if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) { ret = ASN_PARSE_E; } +printf("-2 ret = %d\n", ret); if (ret == 0) { pkcs7->contentOID = (int)contentType; } @@ -12369,6 +12499,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } +printf("-3 ret = %d\n", ret); blockKeySz = wc_PKCS7_GetOIDKeySize((int)encOID); if (ret == 0 && blockKeySz < 0) { ret = blockKeySz; @@ -12384,20 +12515,24 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } +printf("-4 ret = %d\n", ret); if (ret == 0 && tag != ASN_OCTET_STRING) { ret = ASN_PARSE_E; } +printf("-5 ret = %d\n", ret); if (ret == 0 && GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz, NO_USER_CHECK) < 0) { ret = ASN_PARSE_E; } +printf("-6 ret = %d\n", ret); if (ret == 0 && length != expBlockSz) { WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); ret = ASN_PARSE_E; } +printf("-7 ret = %d\n", ret); if (ret != 0) break; #ifndef NO_PKCS7_STREAM @@ -12449,9 +12584,12 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } idx++; - if (ret == 0 && GetLength(pkiMsg, &idx, &encryptedContentTotalSz, - pkiMsgSz) <= 0) { - ret = ASN_PARSE_E; + if (ret == 0) { + ret = GetLength_ex(pkiMsg, &idx, &encryptedContentTotalSz, + pkiMsgSz, 0); + if (ret < 0) { + ret = ASN_PARSE_E; + } } if (ret != 0) @@ -12462,6 +12600,10 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } pkcs7->stream->expected = (word32)encryptedContentTotalSz; + if (explicitOctet) { + pkcs7->stream->expected = MAX_OCTET_STR_SZ; + } +printf("Expecting %d bytes... \n", pkcs7->stream->expected); wc_PKCS7_StreamGetVar(pkcs7, &encOID, &expBlockSz, 0); wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet); #endif 
@@ -12471,6 +12613,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_ENV_5: #ifndef NO_PKCS7_STREAM +printf("inSz = %d pkcs7->length = %d, idx = %d expected = %d\n", inSz, pkcs7->stream->length, idx, pkcs7->stream->expected); if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; @@ -12480,6 +12623,9 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, tmpIv = pkcs7->stream->tmpIv; encryptedContentTotalSz = (int)pkcs7->stream->expected; + pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; + + printf("pkcs7->length = %d pkimsgSz = %d\n", pkcs7->stream->length, pkiMsgSz); /* restore decrypted key */ decryptedKey = pkcs7->stream->aad; decryptedKeySz = pkcs7->stream->aadSz; 
@@ -12491,47 +12637,168 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (explicitOctet) { /* encrypted content may be fragmented into multiple * consecutive OCTET STRINGs, if so loop through - * collecting and caching encrypted content bytes */ - localIdx = idx; - while (idx < (localIdx + (word32)encryptedContentTotalSz)) { + * decrypting and outputing or caching contents until the indef + * ending tag is found */ - if (GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0) { - ret = ASN_PARSE_E; + if (pkcs7->decryptionCb == NULL) { + + ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID, + decryptedKey, blockKeySz, tmpIv, expBlockSz, + pkcs7->devId, pkcs7->heap); + } + + while (1) { + if (pkiMsgSz <= localIdx) { + /* ran out of data to parse */ +printf("ran out of pkimsgsz, trying to read more from in\n"); + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { + printf("error %d reading more\n", ret); + break; + } + } + + localIdx = idx; + printf("getting asn tag, idx = %d , pkiMsgSz = %d\n", idx, pkiMsgSz); + if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0) { + if (localIdx >= pkiMsgSz) { + /* ran out of data to parse */ + ret = WC_PKCS7_WANT_READ_E; + } + else { + ret = ASN_PARSE_E; + } } if (ret == 0 && (tag != ASN_OCTET_STRING)) { ret = ASN_PARSE_E; } - if (ret == 0 && GetLength(pkiMsg, &idx, - &encryptedContentSz, pkiMsgSz) <= 0) { - ret = ASN_PARSE_E; + printf("ret [%d] getting length, idx = %d , pkiMsgSz = %d %02X %02X\n", ret, idx, pkiMsgSz, pkiMsg[localIdx], pkiMsg[localIdx+1]); + if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, + &encryptedContentSz, pkiMsgSz, 0) <= 0) { + if (localIdx + MAX_LENGTH_SZ >= pkiMsgSz) { + /* ran out of data to parse */ + ret = WC_PKCS7_WANT_READ_E; + } + else { + ret = ASN_PARSE_E; + } + } + if (ret == 0) { + pkcs7->stream->expected = encryptedContentSz + (localIdx-idx); + } + +printf("Length of octet found is %d, pkiMsgSz = %d idx = %d\n", 
encryptedContentSz, pkiMsgSz, idx); +{ + int z; + for (z = 0; z < 6; z++) printf("%02X", pkiMsg[localIdx + z]); + printf("\n"); +} + if (ret == 0 && + pkcs7->cachedEncryptedContentSz < + (word32)encryptedContentSz) { + if (pkcs7->cachedEncryptedContent != NULL) { + XFREE(pkcs7->cachedEncryptedContent, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); + } + pkcs7->cachedEncryptedContent = (byte*)XMALLOC( + encryptedContentSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + if (pkcs7->cachedEncryptedContent == NULL) { + ret = MEMORY_E; + } + } + pkcs7->cachedEncryptedContentSz = encryptedContentSz; + + /* sanity check that the buffer has all of the data */ + if (ret == 0 && (localIdx + encryptedContentSz) > pkiMsgSz) { + ret = WC_PKCS7_WANT_READ_E; + + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &localIdx)) != 0) { + return ret; + } + } +printf("caching?..\n"); + + /* Use callback for decryption still, if set */ + if (ret == 0 && pkcs7->decryptionCb != NULL) { + ret = pkcs7->decryptionCb(pkcs7, encOID, tmpIv, + expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx], + encryptedContentSz, pkcs7->cachedEncryptedContent, + pkcs7->decryptionCtx); } if (ret == 0) { - ret = PKCS7_CacheEncryptedContent(pkcs7, &pkiMsg[idx], - (word32)encryptedContentSz); + ret = wc_PKCS7_DecryptContentEx(pkcs7, encOID, + tmpIv, expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx], + encryptedContentSz, pkcs7->cachedEncryptedContent); } if (ret != 0) { + if (ret == -270) + wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx); break; } /* advance idx past encrypted content */ - idx += (word32)encryptedContentSz; + localIdx += (word32)encryptedContentSz; + + if (localIdx + ASN_INDEF_END_SZ < pkiMsgSz) { + if (pkiMsg[localIdx] == ASN_EOC && + pkiMsg[localIdx+1] == ASN_EOC) { + /* found the end of encrypted content */ +printf("found end of BER indef, ret = %d\n", ret); + localIdx += ASN_INDEF_END_SZ; + break; + } + } + + pkcs7->stream->expected = MAX_OCTET_STR_SZ; + if ((ret = 
wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { + break; + } +printf("consumed and decrypted some, localIdx = %d, idx = %d\n", localIdx, idx); + + + /* save last decrypted string to handle padding (this output + * flush happens outside of the while loop in the case that + * the indef end was found) */ + if (ret == 0) { + if (pkcs7->streamOutCb) { +printf("flush out decrypted data\n"); + ret = pkcs7->streamOutCb(pkcs7, + pkcs7->cachedEncryptedContent, + encryptedContentSz, pkcs7->streamCtx); + } + else { + //@TODO copy over into output buffer, we need an + // index/ofset into the buffer + } + } + + idx = localIdx; } if (ret != 0) { break; } - + wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); } else { - /* cache encrypted content, no OCTET STRING */ - ret = PKCS7_CacheEncryptedContent(pkcs7, &pkiMsg[idx], - (word32)encryptedContentTotalSz); + pkcs7->cachedEncryptedContent = XMALLOC(encryptedContentTotalSz, + pkcs7->heap, DYNAMIC_TYPE_PKCS7); + pkcs7->cachedEncryptedContentSz = encryptedContentTotalSz; + + /* decrypt encryptedContent */ + ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, decryptedKey, + blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, + &pkiMsg[idx], encryptedContentTotalSz, + pkcs7->cachedEncryptedContent, + pkcs7->devId, pkcs7->heap); if (ret != 0) { break; } + idx += (word32)encryptedContentTotalSz; } 
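Review bot: In the explicitOctet loop the call to wc_PKCS7_DecryptContentEx is guarded only by `ret == 0`, so when `pkcs7->decryptionCb` is set and succeeds the same octet string is decrypted a second time into `pkcs7->cachedEncryptedContent`, using a cipher context that wc_PKCS7_DecryptContentInit never prepared (that call is skipped when a callback is present). The guard should read `if (ret == 0 && pkcs7->decryptionCb == NULL) {`. In the non-fragmented else-branch the result of `XMALLOC(encryptedContentTotalSz, ...)` is handed to wc_PKCS7_DecryptContent as the output buffer without a NULL check and replaces any buffer already cached; add `if (pkcs7->cachedEncryptedContent == NULL) { ret = MEMORY_E; break; }` and release the previous buffer before allocating. The `ret == -270` comparison would be clearer with the named error constant (presumably WC_PKCS7_WANT_READ_E). The enclosing case starts before this hunk and continues after it.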
@@ -12539,25 +12806,34 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, encryptedContent = pkcs7->cachedEncryptedContent; encryptedContentSz = (int)pkcs7->cachedEncryptedContentSz; - /* decrypt encryptedContent */ - ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, decryptedKey, - blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, - encryptedContent, encryptedContentSz, encryptedContent, - pkcs7->devId, pkcs7->heap); - if (ret != 0) { - break; - } - +{ + word32 z; + printf("last decryted block: "); + for (z = 0; z < pkcs7->cachedEncryptedContentSz; z++) printf("%02X", pkcs7->cachedEncryptedContent[z]); + printf("\n"); +} padLen = encryptedContent[encryptedContentSz-1]; +printf("padLen = %d\n", padLen); /* copy plaintext to output */ - if (padLen > encryptedContentSz || - (word32)(encryptedContentSz - padLen) > outputSz) { + if (padLen > encryptedContentSz) { ret = BUFFER_E; break; } - XMEMCPY(output, encryptedContent, + + if (pkcs7->streamOutCb) { + ret = pkcs7->streamOutCb(pkcs7, encryptedContent, + encryptedContentSz - padLen, pkcs7->streamCtx); + printf("ret of streamOutCb = %d\n", ret); + } + else { + if ((word32)(encryptedContentSz - padLen) > outputSz) { + ret = BUFFER_E; + break; + } + XMEMCPY(output, encryptedContent, (word32)encryptedContentSz - padLen); + } /* free memory, zero out keys */ ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ); @@ -12570,6 +12846,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } ret = encryptedContentSz - padLen; + printf("ret at 12836 = %d\n", ret); #ifndef NO_PKCS7_STREAM pkcs7->stream->aad = NULL; pkcs7->stream->aadSz = 0; diff --git a/wolfssl/wolfcrypt/pkcs7.h b/wolfssl/wolfcrypt/pkcs7.h index 4bb57d4f6..8dc024f21 100644 --- a/wolfssl/wolfcrypt/pkcs7.h +++ b/wolfssl/wolfcrypt/pkcs7.h 
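Review bot: The value returned by `pkcs7->streamOutCb(...)` is stored in `ret`, but the next hunk assigns `ret = encryptedContentSz - padLen;`, so unless the few lines between the two hunks test it, a failing output callback is reported to the caller as a successful decode. Check it right after the call, `if (ret != 0) break;`, on a path that still zeroes `decryptedKey`. Separately, `padLen = encryptedContent[encryptedContentSz-1]` is now reached with a length that the earlier `GetLength_ex(..., 0) < 0` test accepts even when it is zero, so a guard such as `if (encryptedContent == NULL || encryptedContentSz <= 0) { ret = BUFFER_E; break; }` belongs in front of it. The function continues outside both hunks.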
@@ -243,6 +243,7 @@ typedef int (*CallbackRsaSignRawDigest)(wc_PKCS7* pkcs7, byte* digest, int devId, int hashOID); #endif + /* Public Structure Warning: * Existing members must not be changed to maintain backwards compatibility! */ @@ -258,6 +259,7 @@ struct wc_PKCS7 { #ifdef ASN_BER_TO_DER byte* der; /* DER encoded version of message */ word32 derSz; + byte indefDepth; CallbackGetContent getContentCb; CallbackStreamOut streamOutCb; void* streamCtx; /* passed to getcontentCb and streamOutCb */ @@ -372,6 +374,19 @@ struct wc_PKCS7 { byte* customSKID; word16 customSKIDSz; + +#if !defined(NO_DES3) || !defined(NO_AES) + union { + #ifndef NO_AES + Aes* aes; + #endif + #ifndef NO_DES3 + Des* des; + Des3* des3; + #endif + } decryptKey; +#endif + /* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */ }; From 7c6cd1deeaafb4208f8f3645a77e729dd0fa0e0a Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Thu, 20 Feb 2025 01:31:49 -0700 Subject: [PATCH 03/18] passing a unit test --- tests/api.c | 8 ++++- wolfcrypt/src/pkcs7.c | 75 ++++++------------------------------------- 2 files changed, 17 insertions(+), 66 deletions(-) diff --git a/tests/api.c b/tests/api.c index 6d63494b0..f2b4ec313 100644 --- a/tests/api.c +++ b/tests/api.c @@ -39218,6 +39218,9 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb(PKCS7* pkcs7, con printf("Example buffer size needs increased"); } +printf("Decoded in %d bytes\n", outputSz); +for (word32 z = 0; z < outputSz; z++) printf("%02X", output[z]); +printf("\n"); XMEMCPY(out->buffer + out->length, output, outputSz); out->length += outputSz; 
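Review bot: `byte indefDepth;` is inserted between `derSz` and `getContentCb`, which shifts every later member of the public struct wc_PKCS7, although the comments in this same header state that existing members must not change and that new data members must be added at the end. A program compiled against the previous layout and linked with the new library would read the callback pointers and everything after them at the wrong offsets. Move the field to the end of the struct next to the new `decryptKey` union, under `#ifdef ASN_BER_TO_DER` if it is only needed for BER input. The struct definition starts and ends outside these hunks.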
@@ -39252,11 +39255,14 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb, (void*)&out), 0); + ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE); do { - ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE); ExpectIntGT(testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, sizeof(testStreamBuffer), f), 0); +printf("Fedding in %d bytes\n", testStreamBufferSz); +for (int z = 0; z < testStreamBufferSz; z++) printf("%02X", testStreamBuffer[z]); +printf("\n"); ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, testStreamBufferSz, NULL, 0); } while (ret == WC_PKCS7_WANT_READ_E); ExpectIntGT(ret, 0); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 08c3281b4..f6fae9607 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -6241,7 +6241,6 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, /* store current index to get the signerInfo index later */ certIdx2 = idx; - /* store certificate if needed */ if (length > 0 && in2Sz == 0) { /* free tmpCert if not NULL */ @@ -8615,7 +8614,6 @@ static int wc_PKCS7_DecryptContentEx(PKCS7* pkcs7, int encryptOID, #ifdef WOLFSSL_AES_256 case AES256CBCb: #endif -printf("trying to do decryption\n"); ret = wc_AesCbcDecrypt(pkcs7->decryptKey.aes, out, in, (word32)inSz); #ifdef WOLFSSL_ASYNC_CRYPT @@ -10254,7 +10252,6 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, return ASN_VERSION_E; } -printf("epxected size = %d\n", pkcs7->stream->expected); #ifndef NO_PKCS7_STREAM if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; @@ -10273,7 +10270,6 @@ printf("epxected size = %d\n", pkcs7->stream->expected); #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_2); //pkcs7->stream->expected = MAX_SEQ_SZ; -printf("epxected size = %d\n", pkcs7->stream->expected); FALL_THROUGH; case WC_PKCS7_DECRYPT_KTRI_2: 
@@ -10290,7 +10286,6 @@ printf("epxected size = %d\n", pkcs7->stream->expected); wc_PKCS7_StreamGetVar(pkcs7, NULL, &sidType, &version); -printf("epxected size = %d\n", pkcs7->stream->expected); /* @TODO get expected size for next part, does not account for * GetInt call well */ if (pkcs7->stream->expected == MAX_SEQ_SZ) { @@ -10312,7 +10307,6 @@ printf("epxected size = %d\n", pkcs7->stream->expected); pkcs7->stream->expected = (word32)sz + MAX_ALGO_SZ + ASN_TAG_SZ + MAX_LENGTH_SZ + 512; - printf("new expected size = %d\n", pkcs7->stream->expected); if (pkcs7->stream->length > 0 && pkcs7->stream->length < pkcs7->stream->expected) { return WC_PKCS7_WANT_READ_E; @@ -10320,20 +10314,16 @@ printf("epxected size = %d\n", pkcs7->stream->expected); } #endif /* !NO_PKCS7_STREAM */ -printf("flag 1\n"); if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) { -printf("flag 1.2\n"); /* remove IssuerAndSerialNumber */ if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) return ASN_PARSE_E; -printf("flag 1.3\n"); if (GetNameHash_ex(pkiMsg, idx, issuerHash, (int)pkiMsgSz, pkcs7->publicKeyOID) < 0) return ASN_PARSE_E; -printf("flag 1.4\n"); /* if we found correct recipient, issuer hashes will match */ if (XMEMCMP(issuerHash, pkcs7->issuerHash, (word32)keyIdSize) == 0) { @@ -10354,7 +10344,6 @@ printf("flag 1.4\n"); return ASN_PARSE_E; } -printf("flag 1.5\n"); mp_clear(serialNum); #ifdef WOLFSSL_SMALL_STACK @@ -10374,7 +10363,6 @@ printf("flag 1.5\n"); * context specific with tag number 0 within the class. */ -printf("flag 1.2\n"); if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) return ASN_PARSE_E; 
@@ -10421,24 +10409,20 @@ printf("flag 1.2\n"); } #endif -printf("flag 2\n"); /* read encryptedKey */ if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) return ASN_PARSE_E; -printf("flag 3\n"); if (tag != ASN_OCTET_STRING) return ASN_PARSE_E; if (GetLength(pkiMsg, idx, &encryptedKeySz, pkiMsgSz) < 0) { return ASN_PARSE_E; } -printf("flag 4\n"); if (encryptedKeySz > MAX_ENCRYPTED_KEY_SZ) { return BUFFER_E; } -printf("flag 5\n"); #ifndef NO_PKCS7_STREAM if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; @@ -11582,7 +11566,6 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, #ifndef NO_PKCS7_STREAM word32 tmpIdx = (idx) ? *idx : 0; #endif - WOLFSSL_ENTER("wc_PKCS7_DecryptKari"); if (pkcs7 == NULL || pkiMsg == NULL || idx == NULL || decryptedKey == NULL || decryptedKeySz == NULL) { @@ -11628,7 +11611,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert, pkcs7->singleCertSz, pkcs7->privateKey, pkcs7->privateKeySz); - if (ret != 0) { + + if (ret != 0) { wc_PKCS7_KariFree(kari); #ifdef WOLFSSL_SMALL_STACK XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); @@ -12127,7 +12111,6 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, return ret; } if ((ret = wc_PKCS7_SetMaxStream(pkcs7, in, inSz)) != 0) { - printf("ret of set max stream = %d\n", ret); break; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; @@ -12136,7 +12119,6 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, if (ret == 0 && GetSequence_ex(pkiMsg, idx, &length, pkiMsgSz, NO_USER_CHECK) < 0) { -printf("ret of getsequence = %d\n", ret); ret = ASN_PARSE_E; } @@ -12271,7 +12253,6 @@ printf("ret of getsequence = %d\n", ret); NO_USER_CHECK) < 0) ret = ASN_PARSE_E; -printf("Length of recipient inof set = %d\n", length); if (ret < 0) break; 
@@ -12483,13 +12464,11 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } -printf("-1 ret = %d\n", ret); if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) { ret = ASN_PARSE_E; } -printf("-2 ret = %d\n", ret); if (ret == 0) { pkcs7->contentOID = (int)contentType; } @@ -12499,7 +12478,6 @@ printf("-2 ret = %d\n", ret); ret = ASN_PARSE_E; } -printf("-3 ret = %d\n", ret); blockKeySz = wc_PKCS7_GetOIDKeySize((int)encOID); if (ret == 0 && blockKeySz < 0) { ret = blockKeySz; @@ -12515,24 +12493,20 @@ printf("-3 ret = %d\n", ret); ret = ASN_PARSE_E; } -printf("-4 ret = %d\n", ret); if (ret == 0 && tag != ASN_OCTET_STRING) { ret = ASN_PARSE_E; } -printf("-5 ret = %d\n", ret); if (ret == 0 && GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz, NO_USER_CHECK) < 0) { ret = ASN_PARSE_E; } -printf("-6 ret = %d\n", ret); if (ret == 0 && length != expBlockSz) { WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); ret = ASN_PARSE_E; } -printf("-7 ret = %d\n", ret); if (ret != 0) break; #ifndef NO_PKCS7_STREAM @@ -12584,12 +12558,9 @@ printf("-7 ret = %d\n", ret); } idx++; - if (ret == 0) { - ret = GetLength_ex(pkiMsg, &idx, &encryptedContentTotalSz, - pkiMsgSz, 0); - if (ret < 0) { - ret = ASN_PARSE_E; - } + if (ret == 0 && GetLength_ex(pkiMsg, &idx, &encryptedContentTotalSz, + pkiMsgSz, 0) < 0) { + ret = ASN_PARSE_E; } if (ret != 0) @@ -12603,7 +12574,6 @@ printf("-7 ret = %d\n", ret); if (explicitOctet) { pkcs7->stream->expected = MAX_OCTET_STR_SZ; } -printf("Expecting %d bytes... \n", pkcs7->stream->expected); wc_PKCS7_StreamGetVar(pkcs7, &encOID, &expBlockSz, 0); wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet); #endif 
@@ -12613,7 +12583,6 @@ printf("Expecting %d bytes... \n", pkcs7->stream->expected); case WC_PKCS7_ENV_5: #ifndef NO_PKCS7_STREAM -printf("inSz = %d pkcs7->length = %d, idx = %d expected = %d\n", inSz, pkcs7->stream->length, idx, pkcs7->stream->expected); if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; @@ -12625,7 +12594,6 @@ printf("inSz = %d pkcs7->length = %d, idx = %d expected = %d\n", inSz, pkcs7->st pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; - printf("pkcs7->length = %d pkimsgSz = %d\n", pkcs7->stream->length, pkiMsgSz); /* restore decrypted key */ decryptedKey = pkcs7->stream->aad; decryptedKeySz = pkcs7->stream->aadSz; @@ -12650,16 +12618,15 @@ printf("inSz = %d pkcs7->length = %d, idx = %d expected = %d\n", inSz, pkcs7->st while (1) { if (pkiMsgSz <= localIdx) { /* ran out of data to parse */ -printf("ran out of pkimsgsz, trying to read more from in\n"); - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { - printf("error %d reading more\n", ret); - break; - } + break; + } + pkiMsgSz = (pkcs7->stream->length > 0) ? + pkcs7->stream->length : inSz; } localIdx = idx; - printf("getting asn tag, idx = %d , pkiMsgSz = %d\n", idx, pkiMsgSz); if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0) { if (localIdx >= pkiMsgSz) { /* ran out of data to parse */ @@ -12674,7 +12641,6 @@ printf("ran out of pkimsgsz, trying to read more from in\n"); ret = ASN_PARSE_E; } - printf("ret [%d] getting length, idx = %d , pkiMsgSz = %d %02X %02X\n", ret, idx, pkiMsgSz, pkiMsg[localIdx], pkiMsg[localIdx+1]); if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &encryptedContentSz, pkiMsgSz, 0) <= 0) { if (localIdx + MAX_LENGTH_SZ >= pkiMsgSz) { 
@@ -12689,12 +12655,6 @@ printf("ran out of pkimsgsz, trying to read more from in\n"); pkcs7->stream->expected = encryptedContentSz + (localIdx-idx); } -printf("Length of octet found is %d, pkiMsgSz = %d idx = %d\n", encryptedContentSz, pkiMsgSz, idx); -{ - int z; - for (z = 0; z < 6; z++) printf("%02X", pkiMsg[localIdx + z]); - printf("\n"); -} if (ret == 0 && pkcs7->cachedEncryptedContentSz < (word32)encryptedContentSz) { @@ -12719,7 +12679,6 @@ printf("Length of octet found is %d, pkiMsgSz = %d idx = %d\n", encryptedContent return ret; } } -printf("caching?..\n"); /* Use callback for decryption still, if set */ if (ret == 0 && pkcs7->decryptionCb != NULL) { @@ -12748,7 +12707,6 @@ printf("caching?..\n"); if (pkiMsg[localIdx] == ASN_EOC && pkiMsg[localIdx+1] == ASN_EOC) { /* found the end of encrypted content */ -printf("found end of BER indef, ret = %d\n", ret); localIdx += ASN_INDEF_END_SZ; break; } @@ -12758,15 +12716,12 @@ printf("found end of BER indef, ret = %d\n", ret); if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { break; } -printf("consumed and decrypted some, localIdx = %d, idx = %d\n", localIdx, idx); - /* save last decrypted string to handle padding (this output * flush happens outside of the while loop in the case that * the indef end was found) */ if (ret == 0) { if (pkcs7->streamOutCb) { -printf("flush out decrypted data\n"); ret = pkcs7->streamOutCb(pkcs7, pkcs7->cachedEncryptedContent, encryptedContentSz, pkcs7->streamCtx); 
@@ -12805,15 +12760,7 @@ printf("flush out decrypted data\n"); /* use cached content */ encryptedContent = pkcs7->cachedEncryptedContent; encryptedContentSz = (int)pkcs7->cachedEncryptedContentSz; - -{ - word32 z; - printf("last decryted block: "); - for (z = 0; z < pkcs7->cachedEncryptedContentSz; z++) printf("%02X", pkcs7->cachedEncryptedContent[z]); - printf("\n"); -} padLen = encryptedContent[encryptedContentSz-1]; -printf("padLen = %d\n", padLen); /* copy plaintext to output */ if (padLen > encryptedContentSz) { @@ -12824,7 +12771,6 @@ printf("padLen = %d\n", padLen); if (pkcs7->streamOutCb) { ret = pkcs7->streamOutCb(pkcs7, encryptedContent, encryptedContentSz - padLen, pkcs7->streamCtx); - printf("ret of streamOutCb = %d\n", ret); } else { if ((word32)(encryptedContentSz - padLen) > outputSz) { @@ -12846,7 +12792,6 @@ printf("padLen = %d\n", padLen); } ret = encryptedContentSz - padLen; - printf("ret at 12836 = %d\n", ret); #ifndef NO_PKCS7_STREAM pkcs7->stream->aad = NULL; pkcs7->stream->aadSz = 0; From 638d9961d2f510a365ddc0a200725be80eed6037 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 28 Feb 2025 14:11:27 -0700 Subject: [PATCH 04/18] passing the rest of the PKCS7 unit tests --- wolfcrypt/src/pkcs7.c | 135 +++++++++++++++++++++++++----------------- 1 file changed, 81 insertions(+), 54 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index f6fae9607..3e7e2b32e 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -12436,6 +12436,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_STREAM tmpIdx = idx; pkcs7->stream->aadSz = decryptedKeySz; + pkcs7->stream->expected = MAX_LENGTH_SZ + MAX_VERSION_SZ + ASN_TAG_SZ; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_3); FALL_THROUGH; 
@@ -12443,14 +12444,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_ENV_3: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_SEQ_SZ + - MAX_OID_SZ + MAX_ALGO_SZ + ASN_TAG_SZ + - MAX_LENGTH_SZ, &pkiMsg, &idx)) - != 0) { - //if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ + - // MAX_VERSION_SZ + ASN_TAG_SZ + - // MAX_LENGTH_SZ, &pkiMsg, &idx)) - // != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, + &pkiMsg, &idx)) != 0) { return ret; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; @@ -12464,6 +12459,18 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } + #ifndef NO_PKCS7_STREAM + /* Did we get enough for the expected length? */ + if (length > (int)pkcs7->stream->expected && + length > (int)pkiMsgSz) { + pkcs7->stream->expected = length + 1; + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, + &pkiMsg, &idx)) != 0) { + return ret; + } + } + #endif + if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) { ret = ASN_PARSE_E; @@ -13407,12 +13414,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, byte authTag[WC_AES_BLOCK_SIZE]; byte nonce[GCM_NONCE_MID_SZ]; /* GCM nonce is larger than CCM */ int nonceSz = 0, authTagSz = 0, macSz = 0; - -#ifdef WOLFSSL_SMALL_STACK byte* decryptedKey = NULL; -#else - byte decryptedKey[MAX_ENCRYPTED_KEY_SZ]; -#endif int encryptedContentSz = 0; int encryptedAllocSz = 0; byte* encryptedContent = NULL; @@ -13464,7 +13466,6 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } #endif - #ifdef WOLFSSL_SMALL_STACK decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (decryptedKey == NULL) { 
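Review bot: The added "Did we get enough for the expected length?" block in WC_PKCS7_ENV_3 is not conditioned on `ret == 0`, so it can run after the parse just above has set ASN_PARSE_E, with a `length` that was never validated, and a successful wc_PKCS7_AddDataToStream then overwrites that error in `ret` with 0. The AuthEnvelopedData counterpart added in this same commit wraps its test in `if (ret == 0)`; use the same shape here, `if (ret == 0 && length > (int)pkcs7->stream->expected && length > (int)pkiMsgSz) {`. After the extra read `pkiMsgSz` should be recomputed as at the other read sites, `pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;`, otherwise the following wc_GetContentType call is still bounded by the old size. The case body continues outside the hunk.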
@@ -13476,7 +13477,6 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } #ifndef NO_PKCS7_STREAM pkcs7->stream->key = decryptedKey; - #endif #endif XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ); FALL_THROUGH; @@ -13490,10 +13490,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_DECRYPT_ORI: decryptedKeySz = MAX_ENCRYPTED_KEY_SZ; - #ifdef WOLFSSL_SMALL_STACK - #ifndef NO_PKCS7_STREAM + #ifndef NO_PKCS7_STREAM decryptedKey = pkcs7->stream->key; - #endif #endif ret = wc_PKCS7_DecryptRecipientInfos(pkcs7, in, inSz, &idx, @@ -13511,14 +13509,14 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_STREAM tmpIdx = idx; + pkcs7->stream->expected = MAX_SEQ_SZ; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_3); FALL_THROUGH; case WC_PKCS7_AUTHENV_3: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_SEQ_SZ + - MAX_ALGO_SZ + MAX_ALGO_SZ + ASN_TAG_SZ, + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { break; } @@ -13526,10 +13524,21 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, #endif /* remove EncryptedContentInfo */ - if (ret == 0 && GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) { + if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) < 0) { ret = ASN_PARSE_E; } + /* check that the expected size was acurate */ + if (ret == 0) { + if (length > (int)pkcs7->stream->expected && length > (int)pkiMsgSz) { + pkcs7->stream->expected = length + 1; + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, + &pkiMsg, &idx)) != 0) { + break; + } + } + } + if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) { ret = ASN_PARSE_E; 
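Review bot: The "check that the expected size was acurate" block in WC_PKCS7_AUTHENV_3 dereferences `pkcs7->stream` and calls wc_PKCS7_AddDataToStream after the `#endif` that closes the `#ifndef NO_PKCS7_STREAM` section, while the equivalent block added to wc_PKCS7_DecodeEnvelopedData in this commit sits inside that guard. Wrap it in `#ifndef NO_PKCS7_STREAM` / `#endif`; the authTag size check added in the WC_PKCS7_AUTHENV_ATRBEND hunk has the same shape and needs the same treatment. Because the sequence is now parsed with `GetSequence_ex(..., 0)`, `length` is no longer checked against `pkiMsgSz` by the parser, so this block is the only bound on it and `pkiMsgSz` should be refreshed from `pkcs7->stream->length` after the extra read. The case body continues outside the hunk.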
@@ -13639,8 +13648,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } - if (ret == 0 && GetLength(pkiMsg, &idx, &encryptedContentSz, - pkiMsgSz) <= 0) { + if (ret == 0 && GetLength_ex(pkiMsg, &idx, &encryptedContentSz, + pkiMsgSz, 0) <= 0) { ret = ASN_PARSE_E; } @@ -13680,7 +13689,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } } - pkcs7->stream->expected = (word32)encryptedContentSz; + pkcs7->stream->expected = (word32)encryptedContentSz + MAX_LENGTH_SZ + + ASN_TAG_SZ + ASN_TAG_SZ; wc_PKCS7_StreamStoreVar(pkcs7, encOID, blockKeySz, encryptedContentSz); #endif @@ -13690,21 +13700,19 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_AUTHENV_5: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ + - ASN_TAG_SZ + ASN_TAG_SZ + pkcs7->stream->expected, + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { break; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; - encryptedContentSz = (int)pkcs7->stream->expected; + wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz, &encryptedContentSz); #else pkiMsgSz = inSz; #endif if (expBlockSz == 0) { #ifndef NO_PKCS7_STREAM - wc_PKCS7_StreamGetVar(pkcs7, &encOID, NULL, NULL); #endif if (encOID == 0) expBlockSz = 1; @@ -13737,7 +13745,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, idx += (word32)encryptedContentSz; } #ifndef NO_PKCS7_STREAM - pkcs7->stream->bufferPt = encryptedContent; + pkcs7->stream->bufferPt = encryptedContent; #endif /* may have IMPLICIT [1] authenticatedAttributes */ 
@@ -13748,8 +13756,9 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, encodedAttribs = pkiMsg + idx; idx++; - if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) <= 0) + if (GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) <= 0) { ret = ASN_PARSE_E; + } #ifndef NO_PKCS7_STREAM pkcs7->stream->expected = (word32)length; #endif @@ -13768,8 +13777,13 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } else { - XMEMCPY(pkcs7->stream->aad, encodedAttribs, - (idx - encodedAttribIdx)); + /* From RFC5083, "For the purpose of constructing the AAD, the + * IMPLICIT [1] tag in the authAttrs field is not used for the + * DER encoding: rather a universal SET OF tag is used. */ + if (SetSet(length, pkcs7->stream->aad) < 0) { + ret = ASN_PARSE_E; + break; + } } } @@ -13784,7 +13798,9 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) { break; } + pkcs7->stream->expected = MAX_LENGTH_SZ + ASN_TAG_SZ; #endif + wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_ATRBEND); goto authenv_atrbend; /* jump over attribute cases */ } FALL_THROUGH; @@ -13813,14 +13829,14 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, idx += (word32)length; #ifndef NO_PKCS7_STREAM - if (encodedAttribSz > 0) { - XMEMCPY(pkcs7->stream->aad + (encodedAttribSz - (word32)length), + if (pkcs7->stream->aadSz > 0) { + XMEMCPY(pkcs7->stream->aad + (pkcs7->stream->aadSz - (word32)length), authAttrib, (word32)authAttribSz); } if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) { break; } - + pkcs7->stream->expected = MAX_LENGTH_SZ + ASN_TAG_SZ; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_AUTHENV_ATRBEND); FALL_THROUGH; 
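Review bot: The copy destination `pkcs7->stream->aad + (pkcs7->stream->aadSz - (word32)length)` is guarded only by `aadSz > 0`; nothing in the hunk shows that `aadSz` is at least `length`, or that `authAttribSz` bytes fit behind that offset. Both values originate from parsed input and are carried across separate streaming calls, so if they can disagree the unsigned subtraction wraps and the XMEMCPY writes outside the buffer. A stricter guard such as `if (pkcs7->stream->aadSz >= (word32)length && (word32)authAttribSz <= (word32)length) {` with a BUFFER_E failure otherwise would make the assumption explicit. Where `aad` is allocated and `aadSz` is set lies outside the hunk, so the exact bound should be confirmed against that code.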
@@ -13828,8 +13844,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_AUTHENV_ATRBEND: authenv_atrbend: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ + - ASN_TAG_SZ, &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, + &pkiMsg, &idx)) != 0) { return ret; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; @@ -13841,17 +13857,30 @@ authenv_atrbend: #endif - /* get authTag OCTET STRING */ - if (ret == 0 && GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz) < 0) { + localIdx = idx; + + /* Get authTag OCTET STRING */ + if (ret == 0 && pkiMsg[localIdx] != ASN_OCTET_STRING) { ret = ASN_PARSE_E; } - if (ret == 0 && tag != ASN_OCTET_STRING) { + localIdx++; /* move past ASN_OCTET_STRING */ + + if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz, pkiMsgSz, 0) < 0) { ret = ASN_PARSE_E; } - if (ret == 0 && GetLength(pkiMsg, &idx, &authTagSz, pkiMsgSz) < 0) { - ret = ASN_PARSE_E; + /* there might not be enough data for the auth tag too, check here */ + if (ret == 0) { + if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected && + (authTagSz + (localIdx - idx)) > pkiMsgSz) { + pkcs7->stream->expected = authTagSz + (localIdx - idx); + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, + &pkiMsg, &idx)) != 0) { + return ret; + } + } } + idx = localIdx; if (ret == 0 && authTagSz > (int)sizeof(authTag)) { WOLFSSL_MSG("AuthEnvelopedData authTag too large for buffer"); @@ -13940,9 +13969,7 @@ authenv_atrbend: wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz, &encryptedContentSz); encryptedContent = pkcs7->stream->bufferPt; - #ifdef WOLFSSL_SMALL_STACK decryptedKey = pkcs7->stream->key; - #endif #endif /* decrypt encryptedContent */ 
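Review bot: `pkiMsg[localIdx]` is now read directly where the removed GetASNTag call took `pkiMsgSz` as a bound, and the new code has no test that `localIdx < pkiMsgSz` before indexing. Add `if (ret == 0 && localIdx >= pkiMsgSz) { ret = ASN_PARSE_E; }` ahead of the tag comparison (or the want-read error in streaming builds). The existing `authTagSz > (int)sizeof(authTag)` rejection only runs after the new block has already asked the stream to buffer `authTagSz` bytes, so moving that size check in front of the extra read keeps an oversized length from driving the buffering. The case body starts and ends outside the hunk.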
@@ -13969,12 +13996,10 @@ authenv_atrbend: XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); encryptedContent = NULL; ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ); - #ifdef WOLFSSL_SMALL_STACK XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); decryptedKey = NULL; - #ifndef NO_PKCS7_STREAM + #ifndef NO_PKCS7_STREAM pkcs7->stream->key = NULL; - #endif #endif ret = encryptedContentSz; #ifndef NO_PKCS7_STREAM @@ -13987,23 +14012,25 @@ authenv_atrbend: ret = BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { if (decryptedKey != NULL) { ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ); + XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + decryptedKey = NULL; + #ifndef NO_PKCS7_STREAM + pkcs7->stream->key = NULL; + #endif } - XFREE(decryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - } -#else - if (ret < 0) { + if (encryptedContent != NULL) { ForceZero(encryptedContent, (word32)encryptedContentSz); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); encryptedContent = NULL; + #ifndef NO_PKCS7_STREAM + pkcs7->stream->bufferPt = NULL; + #endif } - ForceZero(decryptedKey, MAX_ENCRYPTED_KEY_SZ); } -#endif #ifndef NO_PKCS7_STREAM if (ret != 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { From ea387323c356b82dc1f92614071d3a509867c242 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 28 Feb 2025 14:23:03 -0700 Subject: [PATCH 05/18] remove white space and add macro guard around test case --- tests/api.c | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/tests/api.c b/tests/api.c index f2b4ec313..084630bb4 100644 --- a/tests/api.c +++ b/tests/api.c 
@@ -39205,10 +39205,11 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, #endif /* HAVE_PKCS7 && !NO_AES && HAVE_AES_CBC && !NO_AES_256 */ +#if defined(HAVE_PKCS7) && defined(ASN_BER_TO_DER) #define MAX_TEST_DECODE_SIZE 6000 -static int test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb(PKCS7* pkcs7, const byte* output, - word32 outputSz, void* ctx) { - WOLFSSL_BUFFER_INFO* out = (WOLFSSL_BUFFER_INFO*)ctx; +static int test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb(wc_PKCS7* pkcs7, + const byte* output, word32 outputSz, void* ctx) { + WOLFSSL_BUFFER_INFO* out = (WOLFSSL_BUFFER_INFO*)ctx; if (out == NULL) { return -1; @@ -39218,15 +39219,18 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb(PKCS7* pkcs7, con printf("Example buffer size needs increased"); } -printf("Decoded in %d bytes\n", outputSz); -for (word32 z = 0; z < outputSz; z++) printf("%02X", output[z]); -printf("\n"); + /* printf("Decoded in %d bytes\n", outputSz); + * for (word32 z = 0; z < outputSz; z++) printf("%02X", output[z]); + * printf("\n"); + */ + XMEMCPY(out->buffer + out->length, output, outputSz); out->length += outputSz; (void)pkcs7; - return 0; -} + return 0; +} +#endif /* HAVE_PKCS7 && ASN_BER_TO_DER */ /* * Testing wc_PKCS7_DecodeEnvelopedData with streaming @@ -39251,7 +39255,8 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048, sizeof_client_cert_der_2048), 0); - ExpectIntEQ(wc_PKCS7_SetKey(pkcs7, (byte*)client_key_der_2048, sizeof_client_key_der_2048), 0); + ExpectIntEQ(wc_PKCS7_SetKey(pkcs7, (byte*)client_key_der_2048, + sizeof_client_key_der_2048), 0); ExpectIntEQ(wc_PKCS7_SetStreamMode(pkcs7, 1, NULL, test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb, (void*)&out), 0); 
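Review bot: In the `@@ -39218,15 +39219,18 @@` hunk the branch that prints "Example buffer size needs increased" falls through to `XMEMCPY(out->buffer + out->length, output, outputSz)`, so the callback still copies after reporting that the buffer is too small. The condition itself is outside the hunk, but if it is the capacity check against `MAX_TEST_DECODE_SIZE`, the branch should end with `return -1;` so the test fails cleanly instead of writing past `decodedData`. The debug loop left as a comment block could also be deleted rather than kept as commented-out code.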
@@ -39260,10 +39265,8 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) ExpectIntGT(testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, sizeof(testStreamBuffer), f), 0); -printf("Fedding in %d bytes\n", testStreamBufferSz); -for (int z = 0; z < testStreamBufferSz; z++) printf("%02X", testStreamBuffer[z]); -printf("\n"); - ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, testStreamBufferSz, NULL, 0); + ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, + testStreamBufferSz, NULL, 0); } while (ret == WC_PKCS7_WANT_READ_E); ExpectIntGT(ret, 0); From ea9f044bcc6f5ccb9dbfc8b2d95a759ec1c52974 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 28 Feb 2025 14:34:51 -0700 Subject: [PATCH 06/18] spelling fixes and return value fix --- wolfcrypt/src/pkcs7.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 3e7e2b32e..82885a83c 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -12612,7 +12612,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (explicitOctet) { /* encrypted content may be fragmented into multiple * consecutive OCTET STRINGs, if so loop through - * decrypting and outputing or caching contents until the indef + * decrypting and outputting or caching contents until the indef * ending tag is found */ if (pkcs7->decryptionCb == NULL) { @@ -12735,7 +12735,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } else { //@TODO copy over into output buffer, we need an - // index/ofset into the buffer + // index/offset into the buffer } } @@ -13528,7 +13528,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } - /* check that the expected size was acurate */ + /* check that the expected size was accurate */ if (ret == 0) { if (length > (int)pkcs7->stream->expected && length > (int)pkiMsgSz) { pkcs7->stream->expected = length + 1; 
@@ -13780,10 +13780,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, /* From RFC5083, "For the purpose of constructing the AAD, the * IMPLICIT [1] tag in the authAttrs field is not used for the * DER encoding: rather a universal SET OF tag is used. */ - if (SetSet(length, pkcs7->stream->aad) < 0) { - ret = ASN_PARSE_E; - break; - } + (void)SetSet(length, pkcs7->stream->aad); /* ignoring the size returned, + * we know it is idx - encodedAttribIdx from parsing whats given */ } } From 6020bf23681a95ad569fae6edf204ce2f12b09fb Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 28 Feb 2025 14:46:42 -0700 Subject: [PATCH 07/18] initialize test variables and fix async build --- tests/api.c | 4 ++-- wolfcrypt/src/pkcs7.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/api.c b/tests/api.c index 084630bb4..a1c098854 100644 --- a/tests/api.c +++ b/tests/api.c @@ -39241,10 +39241,10 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) EXPECT_DECLS; PKCS7* pkcs7 = NULL; int ret; - FILE* f; + FILE* f = NULL; const char* testStream = "./certs/test-stream-dec.p7b"; byte testStreamBuffer[100]; - int testStreamBufferSz; + int testStreamBufferSz = 0; byte decodedData[MAX_TEST_DECODE_SIZE]; /* large enough to hold result of decode, which is ca-cert.pem */ WOLFSSL_BUFFER_INFO out; diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 82885a83c..68943451d 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -8618,7 +8618,7 @@ static int wc_PKCS7_DecryptContentEx(PKCS7* pkcs7, int encryptOID, (word32)inSz); #ifdef WOLFSSL_ASYNC_CRYPT /* async decrypt not available here, so block till done */ - ret = wc_AsyncWait(ret, &aes->asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev, WC_ASYNC_FLAG_NONE); #endif break; #endif /* HAVE_AES_CBC */ 
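Review bot: The `(void)SetSet(length, pkcs7->stream->aad)` line in the `@@ -13780,10 +13780,8 @@` hunk relies on the comment's claim that the returned header size equals `idx - encodedAttribIdx`, but nothing enforces it. That equality holds only when the input used the same minimal length encoding that `SetSet` produces. A longer length form in the message would make the header written here shorter than the offset at which the attributes are later copied into `aad`, leaving a gap in the data that is authenticated. Since the old `< 0` test could not detect this either, I would compare the sizes instead: `if (SetSet((word32)length, pkcs7->stream->aad) != (idx - encodedAttribIdx)) { ret = ASN_PARSE_E; break; }`. The allocation of `aad` is outside the hunk, so its size should be confirmed against the same value.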
@@ -8681,7 +8681,7 @@ static int wc_PKCS7_DecryptContentEx(PKCS7* pkcs7, int encryptOID, #ifdef WOLFSSL_ASYNC_CRYPT /* async decrypt not available here, so block till done */ ret = wc_AsyncWait(ret, - &pkcs7->decryptKey.des3.asyncDev, WC_ASYNC_FLAG_NONE); + &pkcs7->decryptKey.des3->asyncDev, WC_ASYNC_FLAG_NONE); #endif break; #endif /* !NO_DES3 */ @@ -13781,7 +13781,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, * IMPLICIT [1] tag in the authAttrs field is not used for the * DER encoding: rather a universal SET OF tag is used. */ (void)SetSet(length, pkcs7->stream->aad); /* ignoring the size returned, - * we know it is idx - encodedAttribIdx from parsing whats given */ + * we know it is idx - encodedAttribIdx from parsing what's given */ } } From b781ac6c29f8d06e968018e466f440312ea99674 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 28 Feb 2025 15:42:24 -0700 Subject: [PATCH 08/18] asn to der macro gaurds and co-exist build fix --- wolfcrypt/src/pkcs7.c | 77 +++++++++++++++++++++++++++++++++---------- 1 file changed, 59 insertions(+), 18 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 68943451d..c23ffd5a4 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -5276,6 +5276,7 @@ static int wc_PKCS7_HandleOctetStrings(wc_PKCS7* pkcs7, byte* in, word32 inSz, /* got partial octet string data */ /* accumulate partial octet string to buffer */ if (keepContent) { + #ifdef ASN_BER_TO_DER if (pkcs7->streamOutCb) { ret = wc_HashUpdate(&pkcs7->stream->hashAlg, pkcs7->stream->hashType, @@ -5285,7 +5286,9 @@ static int wc_PKCS7_HandleOctetStrings(wc_PKCS7* pkcs7, byte* in, word32 inSz, pkcs7->streamOutCb(pkcs7, msg + *idx, pkcs7->stream->expected, pkcs7->streamCtx); } - else { + else + #endif /* ASN_BER_TO_DER */ + { /* store current content buffer temporarily */ tempBuf = pkcs7->stream->content; pkcs7->stream->content = NULL; 
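Review bot: The `pkcs7->streamOutCb(pkcs7, msg + *idx, pkcs7->stream->expected, pkcs7->streamCtx);` call visible in the `@@ -5285,7 +5286,9 @@` hunk discards the callback's return value, while the EnvelopedData path later in this series assigns it to `ret`. A consumer that fails to store the content therefore cannot stop the verification, and the two call sites behave differently. I would write `ret = pkcs7->streamOutCb(pkcs7, msg + *idx, pkcs7->stream->expected, pkcs7->streamCtx);` followed by `if (ret != 0) break;`. A short comment that the bytes handed to the callback have not yet been covered by a verified signature would also help callers. The enclosing loop starts and ends outside the hunk.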
@@ -5938,6 +5941,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE3); #ifndef NO_PKCS7_STREAM + #ifdef ASN_BER_TO_DER /* setup hash struct for creating hash of content if needed */ if (pkcs7->streamOutCb) { ret = wc_HashInit_ex(&pkcs7->stream->hashAlg, @@ -5945,6 +5949,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, if (ret != 0) break; } + #endif /* ASN_BER_TO_DER */ /* free pkcs7->stream->content buffer */ XFREE(pkcs7->stream->content, pkcs7->heap, DYNAMIC_TYPE_PKCS7); @@ -6607,7 +6612,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, pkcs7->contentSz = (word32)contentSz; if (ret == 0) { - #ifndef NO_PKCS7_STREAM + #if !defined(NO_PKCS7_STREAM) && defined(ASN_BER_TO_DER) byte streamHash[WC_MAX_DIGEST_SIZE]; /* get final hash if having done hash updates while @@ -6623,7 +6628,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, if (ret != 0) break; } - #endif + #endif /* !NO_PKCS7_STREAM && ASN_BER_TO_DER */ ret = wc_PKCS7_SignedDataVerifySignature(pkcs7, sig, (word32)sigSz, signedAttrib, (word32)signedAttribSz, hashBuf, hashSz); @@ -8447,7 +8452,7 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } -static int wc_PKCS7_DecryptContentInit(PKCS7* pkcs7, int encryptOID, byte* key, +static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID, byte* key, int keySz, byte* iv, int ivSz, int devId, void* heap) { int ret; 
@@ -8592,13 +8597,17 @@ static int wc_PKCS7_DecryptContentInit(PKCS7* pkcs7, int encryptOID, byte* key, /* Only does decryption of content using encryptOID algo and already set keys * returns 0 on success */ -static int wc_PKCS7_DecryptContentEx(PKCS7* pkcs7, int encryptOID, +static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out) { int ret; - if (in == NULL && pkcs7->getContentCb == NULL) { + if (in == NULL + #ifdef ASN_BER_TO_DER + && pkcs7->getContentCb == NULL + #endif + ) { return BAD_FUNC_ARG; } @@ -8702,7 +8711,7 @@ static int wc_PKCS7_DecryptContentEx(PKCS7* pkcs7, int encryptOID, /* clears up struct for algo used and free's memory */ -static void wc_PKCS7_DecryptContentFree(PKCS7* pkcs7, int encryptOID, +static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, int encryptOID, void* heap) { switch (encryptOID) { @@ -12366,8 +12375,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (pkiMsg == NULL || pkiMsgSz == 0) return BAD_FUNC_ARG; - if (pkcs7->streamOutCb == NULL && (output == NULL || outputSz == 0)) + if ((output == NULL || outputSz == 0) + #ifdef ASN_BER_TO_DER + && pkcs7->streamOutCb == NULL + #endif + ) { return BAD_FUNC_ARG; + } #ifndef NO_PKCS7_STREAM (void)tmpIv; /* help out static analysis */ @@ -12436,7 +12450,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_STREAM tmpIdx = idx; pkcs7->stream->aadSz = decryptedKeySz; - pkcs7->stream->expected = MAX_LENGTH_SZ + MAX_VERSION_SZ + ASN_TAG_SZ; + pkcs7->stream->expected = MAX_LENGTH_SZ + MAX_VERSION_SZ + + ASN_TAG_SZ + MAX_LENGTH_SZ; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_3); FALL_THROUGH; 
@@ -12460,14 +12475,34 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } #ifndef NO_PKCS7_STREAM + if (length == 0) { + /* if indefinet length, assume worst case size + * - Content Type OID + tag/length + * - Algorithm ID structure (OID + parameters) + * - Version + */ + pkcs7->stream->expected = MAX_SEQ_SZ + /* outer sequence */ + MAX_OID_SZ + /* content type OID */ + MAX_ALGO_SZ + /* algorithm identifier */ + MAX_VERSION_SZ + /* version */ + ASN_TAG_SZ + /* tag */ + MAX_LENGTH_SZ; /* length */ + } + else { + pkcs7->stream->expected = length + ASN_TAG_SZ; /* revize size if known */ + } + /* Did we get enough for the expected length? */ - if (length > (int)pkcs7->stream->expected && - length > (int)pkiMsgSz) { - pkcs7->stream->expected = length + 1; + if (pkcs7->stream->expected > pkiMsgSz) { + localIdx = idx; if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; } + pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; + if (pkcs7->stream->length > 0) { + idx = localIdx; /* acount for byte used with seq read */ + } } #endif @@ -12719,21 +12754,24 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } } - pkcs7->stream->expected = MAX_OCTET_STR_SZ; - if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { - break; - } + pkcs7->stream->expected = MAX_OCTET_STR_SZ; + if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { + break; + } /* save last decrypted string to handle padding (this output * flush happens outside of the while loop in the case that * the indef end was found) */ if (ret == 0) { + #ifdef ASN_BER_TO_DER if (pkcs7->streamOutCb) { ret = pkcs7->streamOutCb(pkcs7, pkcs7->cachedEncryptedContent, encryptedContentSz, pkcs7->streamCtx); } - else { + else + #endif /* ASN_BER_TO_DER */ + { //@TODO copy over into output buffer, we need an // index/offset into the buffer } 
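Review bot: The non-callback branch in the `@@ -12719,21 +12754,24 @@` hunk is only a `//@TODO copy over into output buffer` comment, so when `pkcs7->streamOutCb` is unset (or ASN_BER_TO_DER is not defined) each decrypted fragment held in `pkcs7->cachedEncryptedContent` is dropped while `ret` stays 0. Until the copy is implemented the branch should fail explicitly, for example `ret = NOT_COMPILED_IN;`, so a caller passing `output` does not get a success code with incomplete plaintext. The TODO would also read better as a `/* ... */` comment to match the rest of the file. The surrounding while loop starts and ends outside the hunk.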
@@ -12775,11 +12813,14 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } + #ifdef ASN_BER_TO_DER if (pkcs7->streamOutCb) { ret = pkcs7->streamOutCb(pkcs7, encryptedContent, encryptedContentSz - padLen, pkcs7->streamCtx); } - else { + else + #endif /* ASN_BER_TO_DER */ + { if ((word32)(encryptedContentSz - padLen) > outputSz) { ret = BUFFER_E; break; From fcf88f16e6a26871800e1bfa6c97557c29ced7b2 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Sat, 1 Mar 2025 15:39:42 -0700 Subject: [PATCH 09/18] spelling fixes and free decrypt structs on error case --- wolfcrypt/src/pkcs7.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index c23ffd5a4..dbd510c41 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -12476,7 +12476,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_STREAM if (length == 0) { - /* if indefinet length, assume worst case size + /* if indefinite length, assume worst case size * - Content Type OID + tag/length * - Algorithm ID structure (OID + parameters) * - Version @@ -12501,7 +12501,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; if (pkcs7->stream->length > 0) { - idx = localIdx; /* acount for byte used with seq read */ + idx = localIdx; /* account for byte used with seq read */ } } #endif @@ -12737,8 +12737,9 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } if (ret != 0) { - if (ret == -270) + if (ret == WC_PKCS7_WANT_READ_E) { wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx); + } break; } 
@@ -12781,6 +12782,10 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } if (ret != 0) { + if (ret != WC_PKCS7_WANT_READ_E) { + /* free up in an error case if not looking for more data */ + wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); + } break; } wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); From 4124c824ca1c676f961457c5bb11cf4a07274902 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Tue, 4 Mar 2025 09:29:36 -0700 Subject: [PATCH 10/18] refactor decrypt content init call --- wolfcrypt/src/pkcs7.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index dbd510c41..908db3e4b 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -8452,8 +8452,8 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } -static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID, byte* key, - int keySz, byte* iv, int ivSz, int devId, void* heap) +static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID, + byte* key, int keySz, byte* iv, int ivSz, int devId, void* heap) { int ret; #ifndef NO_AES @@ -12618,6 +12618,19 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } wc_PKCS7_StreamGetVar(pkcs7, &encOID, &expBlockSz, 0); wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet); + + if (explicitOctet) { + /* initialize decryption state in preperation */ + if (pkcs7->decryptionCb == NULL) { + ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID, + pkcs7->stream->aad, pkcs7->stream->aadSz, + pkcs7->stream->tmpIv, expBlockSz, + pkcs7->devId, pkcs7->heap); + if (ret != 0) + break; + } + } + #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_5); FALL_THROUGH; 
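Review bot: The relocated `wc_PKCS7_DecryptContentInit` call in the `@@ -12618,6 +12618,19 @@` hunk passes `pkcs7->stream->aad` and `pkcs7->stream->aadSz` as the key and key size, which is not what those field names suggest. The removed call passed `decryptedKey, blockKeySz`, so the key length now comes from the recipient-decrypted key size rather than from the content-encryption algorithm. I would add a comment such as `/* stream->aad/aadSz hold the decrypted CEK across WANT_READ re-entry, not AAD */`. It is also worth confirming, outside this hunk, that the init rejects a key size that does not match `encOID` and that the stream reset zeroizes `aad` before freeing it. The added `break` sits inside the `#ifndef NO_PKCS7_STREAM` region, so whether non-stream builds still initialize the cipher should be checked.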
@@ -12650,13 +12663,6 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, * decrypting and outputting or caching contents until the indef * ending tag is found */ - if (pkcs7->decryptionCb == NULL) { - - ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID, - decryptedKey, blockKeySz, tmpIv, expBlockSz, - pkcs7->devId, pkcs7->heap); - } - while (1) { if (pkiMsgSz <= localIdx) { /* ran out of data to parse */ From b75976692ee3fbaffb164f8d132c6a5e9af90589 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Tue, 4 Mar 2025 14:21:59 -0700 Subject: [PATCH 11/18] spelling fix and code formatting --- tests/api.c | 2 +- wolfcrypt/src/pkcs7.c | 276 +++++++++++++++++++++----------------- wolfssl/wolfcrypt/pkcs7.h | 2 +- 3 files changed, 153 insertions(+), 127 deletions(-) diff --git a/tests/api.c b/tests/api.c index a1c098854..d56982cba 100644 --- a/tests/api.c +++ b/tests/api.c @@ -39267,7 +39267,7 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, testStreamBufferSz, NULL, 0); - } while (ret == WC_PKCS7_WANT_READ_E); + } while (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)); ExpectIntGT(ret, 0); if (f != XBADFILE) { diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 908db3e4b..f7c2deba6 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -378,15 +378,11 @@ static int wc_PKCS7_SetMaxStream(wc_PKCS7* pkcs7, byte* in, word32 defSz) return ret; } - #ifdef ASN_BER_TO_DER if (length == 0 && ret == 0) { idx = 0; - if ((ret = wc_BerToDer(pt, maxIdx, NULL, (word32*)&length)) - != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) { - // return ret; - } + WOLFSSL_MSG("PKCS7 found indef SEQ with peek"); } - #endif /* ASN_BER_TO_DER */ + pkcs7->stream->maxLen = (word32)length + idx; if (pkcs7->stream->maxLen == 0) { 
@@ -1735,8 +1731,8 @@ static int FlattenAttributes(wc_PKCS7* pkcs7, byte* output, EncodedAttrib* ea, } /* create array of FlatAttrib struct pointers to hold DER attribs */ - derArr = (FlatAttrib**) XMALLOC((unsigned long)eaSz * sizeof(FlatAttrib*), pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); + derArr = (FlatAttrib**) XMALLOC((unsigned long)eaSz * sizeof(FlatAttrib*), + pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); if (derArr == NULL) { return MEMORY_E; } @@ -8627,7 +8623,8 @@ static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID, (word32)inSz); #ifdef WOLFSSL_ASYNC_CRYPT /* async decrypt not available here, so block till done */ - ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev, + WC_ASYNC_FLAG_NONE); #endif break; #endif /* HAVE_AES_CBC */ @@ -9057,10 +9054,9 @@ static int wc_PKCS7_GenerateKEK_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen, /* RFC3211 (Section 2.3.1) key wrap algorithm (id-alg-PWRI-KEK). * * Returns output size on success, negative upon error */ -static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kekSz, - const byte* cek, word32 cekSz, - byte* out, word32 *outSz, - const byte* iv, word32 ivSz, int algID) +static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, + word32 kekSz, const byte* cek, word32 cekSz, + byte* out, word32 *outSz, const byte* iv, word32 ivSz, int algID) { WC_RNG rng; int blockSz, outLen, ret; @@ -9113,8 +9109,8 @@ static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kek if (ret == 0) { /* encrypt, normal */ ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, - (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, out, - outLen, out); + (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, out, + outLen, out); } if (ret == 0) { 
@@ -9411,7 +9407,8 @@ int wc_PKCS7_AddRecipient_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen, totalSz += (kdfSaltOctetStrSz + saltSz); /* set KDF iteration count */ - kdfIterationsSz = (word32)SetMyVersion((word32)iterations, kdfIterations, 0); + kdfIterationsSz = (word32)SetMyVersion((word32)iterations, kdfIterations, + 0); totalSz += kdfIterationsSz; /* set KDF params SEQ */ @@ -9623,8 +9620,8 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, #endif encryptedKeySz = wc_PKCS7_KeyWrap(pkcs7->cek, pkcs7->cekSz, kek, kekSz, - encryptedKey, (word32)encryptedKeySz, keyWrapOID, - direction); + encryptedKey, (word32)encryptedKeySz, keyWrapOID, + direction); if (encryptedKeySz < 0) { #ifdef WOLFSSL_SMALL_STACK XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); @@ -10004,8 +10001,8 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) return BAD_FUNC_ARG; } - encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0, (word32)encryptedOutSz, - encContentOctet, pkcs7->encodeStream); + encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0, + (word32)encryptedOutSz, encContentOctet, pkcs7->encodeStream); encContentSeqSz = (int)SetSequenceEx((word32)(contentTypeSz + contentEncAlgoSz + ivOctetStringSz + blockSz + encContentOctetSz + encryptedOutSz), @@ -10045,7 +10042,8 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) } } #endif - envDataSeqSz = (int)SetSequenceEx((word32)totalSz, envDataSeq, pkcs7->encodeStream); + envDataSeqSz = (int)SetSequenceEx((word32)totalSz, envDataSeq, + pkcs7->encodeStream); totalSz += envDataSeqSz; #ifdef ASN_BER_TO_DER if (pkcs7->encodeStream) { 
@@ -10054,7 +10052,8 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) #endif /* outer content */ - outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent, pkcs7->encodeStream); + outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent, + pkcs7->encodeStream); #ifdef ASN_BER_TO_DER if (pkcs7->encodeStream) { totalSz += ASN_INDEF_END_SZ; @@ -10274,11 +10273,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, ret = BUFFER_E; break; } -// pkcs7->stream->expected = (pkcs7->stream->maxLen - -// pkcs7->stream->totalRd) + pkcs7->stream->length; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_2); -//pkcs7->stream->expected = MAX_SEQ_SZ; FALL_THROUGH; case WC_PKCS7_DECRYPT_KTRI_2: @@ -10436,7 +10432,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; } - wc_PKCS7_StreamStoreVar(pkcs7, (word32)encryptedKeySz, sidType, version); + wc_PKCS7_StreamStoreVar(pkcs7, (word32)encryptedKeySz, sidType, + version); pkcs7->stream->expected = (word32)encryptedKeySz; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_3); @@ -10519,8 +10516,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, if (encOID != RSAESOAEPk) { #endif keySz = wc_RsaPrivateDecryptInline(encryptedKey, - (word32)encryptedKeySz, &outKey, - privKey); + (word32)encryptedKeySz, &outKey, + privKey); #ifndef WC_NO_RSA_OAEP } else { @@ -11152,7 +11149,8 @@ static int wc_PKCS7_DecryptOri(wc_PKCS7* pkcs7, byte* in, word32 inSz, return PKCS7_RECIP_E; } - /* mark recipFound, since we only support one RecipientInfo for now */ + /* mark recipFound, since we only support one RecipientInfo for + * now */ *recipFound = 1; #ifndef NO_PKCS7_STREAM 
@@ -11308,7 +11306,8 @@ static int wc_PKCS7_DecryptPwri(wc_PKCS7* pkcs7, byte* in, word32 inSz, } if (length != blockSz) { - WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); + WOLFSSL_MSG("Incorrect IV length, must be of content alg block " + "size"); XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ASN_PARSE_E; } @@ -11463,8 +11462,8 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz, localIdx = *idx; if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 && tag == ASN_GENERALIZED_TIME) { - if (wc_GetDateInfo(pkiMsg + *idx, (int)pkiMsgSz, &datePtr, &dateFormat, - &dateLen) != 0) { + if (wc_GetDateInfo(pkiMsg + *idx, (int)pkiMsgSz, &datePtr, + &dateFormat, &dateLen) != 0) { return ASN_PARSE_E; } *idx += (word32)(dateLen + 1); @@ -11491,7 +11490,8 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz, } /* get KeyEncryptionAlgorithmIdentifier */ - if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz) < 0) + if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz) + < 0) return ASN_PARSE_E; /* get EncryptedKey */ 
@@ -11512,22 +11512,24 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz, /* decrypt CEK with KEK */ if (pkcs7->wrapCEKCb) { - keySz = pkcs7->wrapCEKCb(pkcs7, pkiMsg + *idx, (word32)length, keyId, - keyIdSz, NULL, 0, decryptedKey, - *decryptedKeySz, (int)keyWrapOID, - (int)PKCS7_KEKRI, direction); + keySz = pkcs7->wrapCEKCb(pkcs7, pkiMsg + *idx, (word32)length, + keyId, keyIdSz, NULL, 0, decryptedKey, + *decryptedKeySz, (int)keyWrapOID, + (int)PKCS7_KEKRI, direction); } else { - keySz = wc_PKCS7_KeyWrap(pkiMsg + *idx, (word32)length, pkcs7->privateKey, - pkcs7->privateKeySz, decryptedKey, *decryptedKeySz, - (int)keyWrapOID, direction); + keySz = wc_PKCS7_KeyWrap(pkiMsg + *idx, (word32)length, + pkcs7->privateKey, pkcs7->privateKeySz, + decryptedKey, *decryptedKeySz, + (int)keyWrapOID, direction); } if (keySz <= 0) return keySz; *decryptedKeySz = (word32)keySz; - /* mark recipFound, since we only support one RecipientInfo for now */ + /* mark recipFound, since we only support one RecipientInfo for + * now */ *recipFound = 1; *idx += (word32)length; @@ -11618,8 +11620,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, /* parse cert and key */ ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert, - pkcs7->singleCertSz, pkcs7->privateKey, - pkcs7->privateKeySz); + pkcs7->singleCertSz, pkcs7->privateKey, + pkcs7->privateKeySz); if (ret != 0) { wc_PKCS7_KariFree(kari); @@ -11641,7 +11643,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, } /* try and remove optional UserKeyingMaterial */ - ret = wc_PKCS7_KariGetUserKeyingMaterial(kari, pkiMsg, pkiMsgSz, idx); + ret = wc_PKCS7_KariGetUserKeyingMaterial(kari, pkiMsg, pkiMsgSz, + idx); if (ret != 0) { wc_PKCS7_KariFree(kari); #ifdef WOLFSSL_SMALL_STACK 
@@ -11661,7 +11664,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, return ret; } - /* if user has not explicitly set keyAgreeOID, set from one in bundle */ + /* if user has not explicitly set keyAgreeOID, set from one in + * bundle */ if (pkcs7->keyAgreeOID == 0) pkcs7->keyAgreeOID = (int)keyAgreeOID; @@ -11753,10 +11757,10 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, } tmpKeySz = (word32)ret; - keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey, (word32)encryptedKeySz, - rid, (word32)keyIdSize, tmpKeyDer, tmpKeySz, - decryptedKey, *decryptedKeySz, - (int)keyWrapOID, (int)PKCS7_KARI, direction); + keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey, + (word32)encryptedKeySz, rid, (word32)keyIdSize, tmpKeyDer, + tmpKeySz, decryptedKey, *decryptedKeySz, + (int)keyWrapOID, (int)PKCS7_KARI, direction); XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); if (keySz > 0) { @@ -11769,8 +11773,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, } else { /* create KEK */ - ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng, (int)keyWrapOID, - pkcs7->keyAgreeOID); + ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng, + (int)keyWrapOID, pkcs7->keyAgreeOID); if (ret != 0) { wc_PKCS7_KariFree(kari); #ifdef WOLFSSL_SMALL_STACK @@ -11780,9 +11784,9 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, } /* decrypt CEK with KEK */ - keySz = wc_PKCS7_KeyWrap(encryptedKey, (word32)encryptedKeySz, kari->kek, - kari->kekSz, decryptedKey, *decryptedKeySz, - (int)keyWrapOID, direction); + keySz = wc_PKCS7_KeyWrap(encryptedKey, (word32)encryptedKeySz, + kari->kek, kari->kekSz, decryptedKey, *decryptedKeySz, + (int)keyWrapOID, direction); } if (keySz <= 0) { wc_PKCS7_KariFree(kari); 
@@ -12162,7 +12166,8 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; if (ret == 0) { - if (type == ENVELOPED_DATA && contentType != ENVELOPED_DATA) { + if (type == ENVELOPED_DATA && contentType != + ENVELOPED_DATA) { WOLFSSL_MSG("PKCS#7 input not of type EnvelopedData"); ret = PKCS7_OID_E; } else if (type == AUTH_ENVELOPED_DATA && @@ -12252,7 +12257,8 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, } else { /* AuthEnvelopedData version MUST be 0 */ if (version != 0) { - WOLFSSL_MSG("PKCS#7 AuthEnvelopedData needs to be of version 0"); + WOLFSSL_MSG( + "PKCS#7 AuthEnvelopedData needs to be of version 0"); ret = ASN_VERSION_E; } } @@ -12374,7 +12380,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (pkiMsg == NULL || pkiMsgSz == 0) return BAD_FUNC_ARG; - + if ((output == NULL || outputSz == 0) #ifdef ASN_BER_TO_DER && pkcs7->streamOutCb == NULL @@ -12441,7 +12447,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, decryptedKey, &decryptedKeySz, &recipFound); if (ret == 0 && recipFound == 0) { - WOLFSSL_MSG("No recipient found in envelopedData that matches input"); + WOLFSSL_MSG( + "No recipient found in envelopedData that matches input"); ret = PKCS7_RECIP_E; } @@ -12459,8 +12466,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_ENV_3: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; 
@@ -12481,25 +12488,27 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, * - Algorithm ID structure (OID + parameters) * - Version */ - pkcs7->stream->expected = MAX_SEQ_SZ + /* outer sequence */ - MAX_OID_SZ + /* content type OID */ - MAX_ALGO_SZ + /* algorithm identifier */ - MAX_VERSION_SZ + /* version */ - ASN_TAG_SZ + /* tag */ - MAX_LENGTH_SZ; /* length */ + pkcs7->stream->expected = MAX_SEQ_SZ + /* outer sequence */ + MAX_OID_SZ + /* content type OID */ + MAX_ALGO_SZ + /* algo identifier */ + MAX_VERSION_SZ +/* version */ + ASN_TAG_SZ + /* tag */ + MAX_LENGTH_SZ; /* length */ } else { - pkcs7->stream->expected = length + ASN_TAG_SZ; /* revize size if known */ + /* revize expected size if known */ + pkcs7->stream->expected = length + ASN_TAG_SZ; } /* Did we get enough for the expected length? */ if (pkcs7->stream->expected > pkiMsgSz) { localIdx = idx; - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; } - pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; + pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: + inSz; if (pkcs7->stream->length > 0) { idx = localIdx; /* account for byte used with seq read */ } @@ -12545,7 +12554,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } if (ret == 0 && length != expBlockSz) { - WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); + WOLFSSL_MSG( + "Incorrect IV length, must be of content alg block size"); ret = ASN_PARSE_E; } 
@@ -12557,8 +12567,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, length); pkcs7->stream->contentSz = (word32)blockKeySz; - pkcs7->stream->expected = (word32)length + MAX_LENGTH_SZ + MAX_LENGTH_SZ + - ASN_TAG_SZ + ASN_TAG_SZ; + pkcs7->stream->expected = (word32)length + MAX_LENGTH_SZ + + MAX_LENGTH_SZ + ASN_TAG_SZ + ASN_TAG_SZ; #endif wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_4); FALL_THROUGH; @@ -12620,7 +12630,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet); if (explicitOctet) { - /* initialize decryption state in preperation */ + /* initialize decryption state in preparation */ if (pkcs7->decryptionCb == NULL) { ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID, pkcs7->stream->aad, pkcs7->stream->aadSz, @@ -12700,7 +12710,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } } if (ret == 0) { - pkcs7->stream->expected = encryptedContentSz + (localIdx-idx); + pkcs7->stream->expected = encryptedContentSz + + (localIdx - idx); } if (ret == 0 && @@ -12711,7 +12722,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, DYNAMIC_TYPE_PKCS7); } pkcs7->cachedEncryptedContent = (byte*)XMALLOC( - encryptedContentSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + encryptedContentSz, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); if (pkcs7->cachedEncryptedContent == NULL) { ret = MEMORY_E; } 
@@ -12719,11 +12731,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, pkcs7->cachedEncryptedContentSz = encryptedContentSz; /* sanity check that the buffer has all of the data */ - if (ret == 0 && (localIdx + encryptedContentSz) > pkiMsgSz) { + if (ret == 0 && (localIdx + encryptedContentSz) > + pkiMsgSz) { ret = WC_PKCS7_WANT_READ_E; if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, - pkcs7->stream->expected, &pkiMsg, &localIdx)) != 0) { + pkcs7->stream->expected, &pkiMsg, &localIdx)) + != 0) { return ret; } } @@ -12738,12 +12752,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (ret == 0) { ret = wc_PKCS7_DecryptContentEx(pkcs7, encOID, - tmpIv, expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx], - encryptedContentSz, pkcs7->cachedEncryptedContent); + tmpIv, expBlockSz, NULL, 0, NULL, 0, + &pkiMsg[localIdx], encryptedContentSz, + pkcs7->cachedEncryptedContent); } if (ret != 0) { - if (ret == WC_PKCS7_WANT_READ_E) { + if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx); } break; @@ -12762,7 +12777,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } pkcs7->stream->expected = MAX_OCTET_STR_SZ; - if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { + if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, + &localIdx)) != 0) { break; } 
@@ -12776,20 +12792,16 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, pkcs7->cachedEncryptedContent, encryptedContentSz, pkcs7->streamCtx); } - else #endif /* ASN_BER_TO_DER */ - { - //@TODO copy over into output buffer, we need an - // index/offset into the buffer - } } idx = localIdx; } if (ret != 0) { - if (ret != WC_PKCS7_WANT_READ_E) { - /* free up in an error case if not looking for more data */ + if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { + /* free up in an error case if not looking for more + * data */ wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); } break; @@ -13325,8 +13337,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output, return BAD_FUNC_ARG; } - encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0, (word32)encryptedOutSz, - encContentOctet, 0); + encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0, + (word32)encryptedOutSz, encContentOctet, 0); encContentSeqSz = (int)SetSequence((word32)contentTypeSz + (word32)contentEncAlgoSz + (word32)nonceOctetStringSz + nonceSz + macIntSz + @@ -13519,7 +13531,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } #endif decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, - DYNAMIC_TYPE_PKCS7); + DYNAMIC_TYPE_PKCS7); if (decryptedKey == NULL) { ret = MEMORY_E; break; @@ -13554,7 +13566,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } if (recipFound == 0) { - WOLFSSL_MSG("No recipient found in envelopedData that matches input"); + WOLFSSL_MSG( + "No recipient found in envelopedData that matches input"); ret = PKCS7_RECIP_E; break; } 
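Review bot: In wc_PKCS7_DecodeEnvelopedData, removing the `else { //@TODO ... }` branch after the `streamOutCb` call also removes the only marker that a decrypted chunk has no destination when no callback is set. As far as this hunk shows, a caller that passes an `output` buffer and no `streamOutCb` gets nothing copied at this point, so a multi-part octet string would presumably yield only what is flushed after the loop. Either reject that combination with an error or keep a plain comment such as `/* without streamOutCb, intermediate chunks are not copied to output */`. The enclosing `if` and the loop start outside the hunk, so this should be confirmed against the full function.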
@@ -13568,24 +13581,26 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_AUTHENV_3: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { break; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; #endif /* remove EncryptedContentInfo */ - if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) < 0) { + if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) + < 0) { ret = ASN_PARSE_E; } /* check that the expected size was accurate */ if (ret == 0) { - if (length > (int)pkcs7->stream->expected && length > (int)pkiMsgSz) { + if (length > (int)pkcs7->stream->expected && length > + (int)pkiMsgSz) { pkcs7->stream->expected = length + 1; - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { break; } } @@ -13741,8 +13756,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } } - pkcs7->stream->expected = (word32)encryptedContentSz + MAX_LENGTH_SZ + - ASN_TAG_SZ + ASN_TAG_SZ; + pkcs7->stream->expected = (word32)encryptedContentSz + + MAX_LENGTH_SZ + ASN_TAG_SZ + ASN_TAG_SZ; wc_PKCS7_StreamStoreVar(pkcs7, encOID, blockKeySz, encryptedContentSz); #endif 
@@ -13752,13 +13767,14 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_AUTHENV_5: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { break; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; - wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz, &encryptedContentSz); + wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz, + &encryptedContentSz); #else pkiMsgSz = inSz; #endif @@ -13829,11 +13845,13 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } else { - /* From RFC5083, "For the purpose of constructing the AAD, the - * IMPLICIT [1] tag in the authAttrs field is not used for the - * DER encoding: rather a universal SET OF tag is used. */ - (void)SetSet(length, pkcs7->stream->aad); /* ignoring the size returned, - * we know it is idx - encodedAttribIdx from parsing what's given */ + /* From RFC5083, "For the purpose of constructing the + * AAD, the IMPLICIT [1] tag in the authAttrs field is + * not used for the DER encoding: rather a universal SET + * OF tag is used. */ + (void)SetSet(length, pkcs7->stream->aad); + /* ignoring the size returned, we know it is + * idx - encodedAttribIdx from parsing what's given */ } } @@ -13870,7 +13888,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, authAttrib = &pkiMsg[idx]; authAttribSz = length; - if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, authAttrib, authAttribSz) < 0) { + if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, authAttrib, + authAttribSz) < 0) { WOLFSSL_MSG("Error parsing authenticated attributes"); ret = ASN_PARSE_E; break; 
@@ -13880,8 +13899,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_STREAM if (pkcs7->stream->aadSz > 0) { - XMEMCPY(pkcs7->stream->aad + (pkcs7->stream->aadSz - (word32)length), - authAttrib, (word32)authAttribSz); + XMEMCPY(pkcs7->stream->aad + (pkcs7->stream->aadSz - + (word32)length), authAttrib, (word32)authAttribSz); } if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) { break; @@ -13894,8 +13913,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, case WC_PKCS7_AUTHENV_ATRBEND: authenv_atrbend: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; } pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; @@ -13915,7 +13934,8 @@ authenv_atrbend: } localIdx++; /* move past ASN_OCTET_STRING */ - if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz, pkiMsgSz, 0) < 0) { + if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz, + pkiMsgSz, 0) < 0) { ret = ASN_PARSE_E; } @@ -13924,8 +13944,8 @@ authenv_atrbend: if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected && (authTagSz + (localIdx - idx)) > pkiMsgSz) { pkcs7->stream->expected = authTagSz + (localIdx - idx); - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, &idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; } } 
@@ -14554,7 +14574,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, if (ret == 0 && (ret = GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType, pkiMsgSz)) < 0) ret = ASN_PARSE_E; - if (ret == 0 && (expBlockSz = wc_PKCS7_GetOIDBlockSize((int)encOID)) < 0) + if (ret == 0 && (expBlockSz = + wc_PKCS7_GetOIDBlockSize((int)encOID)) < 0) ret = expBlockSz; if (ret != 0) break; @@ -14595,7 +14616,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, ret = ASN_PARSE_E; if (ret == 0 && length != expBlockSz) { - WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); + WOLFSSL_MSG( + "Incorrect IV length, must be of content alg block size"); ret = ASN_PARSE_E; } @@ -14731,7 +14753,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, pkiMsgSz, &idx); if (ret != 0) { ForceZero(encryptedContent, (word32)encryptedContentSz); - XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + XFREE(encryptedContent, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); ret = ASN_PARSE_E; } } @@ -14741,7 +14764,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, ForceZero(encryptedContent, (word32)encryptedContentSz); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - /* go back and check the version now that attribs have been processed */ + /* go back and check the version now that attribs have been + * processed */ if (pkcs7->version == 3 && version != 0) { WOLFSSL_MSG("Wrong PKCS#7 FirmwareEncryptedData version"); return ASN_VERSION_E; @@ -14871,7 +14895,8 @@ int wc_PKCS7_GetNoCerts(wc_PKCS7* pkcs7) #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA) /* build PKCS#7 compressedData content type, return encrypted size */ -int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) +int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, + word32 outputSz) { byte contentInfoSeq[MAX_SEQ_SZ]; byte contentInfoTypeOid[MAX_OID_SZ]; 
@@ -14982,7 +15007,8 @@ int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz */ /* ContentInfo content EXPLICIT SEQUENCE */ - contentInfoContentSeqSz = SetExplicit(0, totalSz, contentInfoContentSeq, 0); + contentInfoContentSeqSz = SetExplicit(0, totalSz, contentInfoContentSeq, + 0); totalSz += contentInfoContentSeqSz; ret = wc_SetContentType(COMPRESSED_DATA, contentInfoTypeOid, @@ -15043,8 +15069,8 @@ int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz /* unwrap and decompress PKCS#7/CMS compressedData object, * Handles content wrapped compressed data and raw compressed data packet * returned decoded size */ -int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, - byte* output, word32 outputSz) +int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, word32 outputSz) { int length, version, ret; word32 idx = 0, algOID, contentType; diff --git a/wolfssl/wolfcrypt/pkcs7.h b/wolfssl/wolfcrypt/pkcs7.h index 8dc024f21..efce67c83 100644 --- a/wolfssl/wolfcrypt/pkcs7.h +++ b/wolfssl/wolfcrypt/pkcs7.h @@ -378,7 +378,7 @@ struct wc_PKCS7 { #if !defined(NO_DES3) || !defined(NO_AES) union { #ifndef NO_AES - Aes* aes; + Aes* aes; #endif #ifndef NO_DES3 Des* des; From 68e483d196157dab8d62d44a4875faf7ae370738 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Wed, 5 Mar 2025 15:24:02 -0700 Subject: [PATCH 12/18] refactor of decode envelop for edge cases --- wolfcrypt/src/pkcs7.c | 46 ++++++++++++++++++------------------------- 1 file changed, 19 insertions(+), 27 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index f7c2deba6..772953211 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c 
@@ -10031,14 +10031,14 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) /* resize encrypted content buffer */ if (encryptedContent != NULL) { - XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - encryptedContent = (byte*)XMALLOC(streamSz, pkcs7->heap, - DYNAMIC_TYPE_PKCS7); - if (encryptedContent == NULL) { - XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - wc_PKCS7_FreeEncodedRecipientSet(pkcs7); - return MEMORY_E; - } + XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + encryptedContent = (byte*)XMALLOC(streamSz, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); + if (encryptedContent == NULL) { + XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + wc_PKCS7_FreeEncodedRecipientSet(pkcs7); + return MEMORY_E; + } } } #endif @@ -12674,7 +12674,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, * ending tag is found */ while (1) { - if (pkiMsgSz <= localIdx) { + encryptedContentSz = 0; + if (pkiMsgSz <= localIdx + MAX_OCTET_STR_SZ) { /* ran out of data to parse */ if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { @@ -12686,13 +12687,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, localIdx = idx; if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0) { - if (localIdx >= pkiMsgSz) { - /* ran out of data to parse */ - ret = WC_PKCS7_WANT_READ_E; - } - else { - ret = ASN_PARSE_E; - } + ret = ASN_PARSE_E; } if (ret == 0 && (tag != ASN_OCTET_STRING)) { 
@@ -12701,17 +12696,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &encryptedContentSz, pkiMsgSz, 0) <= 0) { - if (localIdx + MAX_LENGTH_SZ >= pkiMsgSz) { - /* ran out of data to parse */ - ret = WC_PKCS7_WANT_READ_E; - } - else { - ret = ASN_PARSE_E; - } + ret = ASN_PARSE_E; } + if (ret == 0) { + /* always try to get 2 extra bytes to catch indef ending */ pkcs7->stream->expected = encryptedContentSz + - (localIdx - idx); + (localIdx - idx) + ASN_INDEF_END_SZ; } if (ret == 0 && @@ -12733,13 +12724,14 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, /* sanity check that the buffer has all of the data */ if (ret == 0 && (localIdx + encryptedContentSz) > pkiMsgSz) { - ret = WC_PKCS7_WANT_READ_E; - + word32 ofsetIdx = localIdx - idx; if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &localIdx)) != 0) { return ret; } + localIdx += ofsetIdx; + pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; } /* Use callback for decryption still, if set */ @@ -12767,7 +12759,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, /* advance idx past encrypted content */ localIdx += (word32)encryptedContentSz; - if (localIdx + ASN_INDEF_END_SZ < pkiMsgSz) { + if (localIdx + ASN_INDEF_END_SZ <= pkiMsgSz) { if (pkiMsg[localIdx] == ASN_EOC && pkiMsg[localIdx+1] == ASN_EOC) { /* found the end of encrypted content */ From 624233fb98e50b10808d231002c4b117d72d1494 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Wed, 5 Mar 2025 16:28:26 -0700 Subject: [PATCH 13/18] update test case to account for NO_DES3 build and resolve clang tidy warnings --- tests/api.c | 6 +++++- wolfcrypt/src/pkcs7.c | 9 +++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/tests/api.c b/tests/api.c index d56982cba..727abbd18 100644 --- a/tests/api.c +++ b/tests/api.c 
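Review bot: In the "sanity check that the buffer has all of the data" block, nothing re-checks after the top-up that `localIdx + encryptedContentSz` fits inside the refreshed `pkiMsgSz` before `&pkiMsg[localIdx]` is used by the decrypt step that follows the hunk. The new code assumes wc_PKCS7_AddDataToStream returns 0 only once `expected` bytes are buffered and leaves `localIdx` at the start of the record, and neither is visible here. Since `encryptedContentSz` is a length parsed from the message, an explicit guard after the `pkiMsgSz` update would make the bound local: `if (localIdx + (word32)encryptedContentSz > pkiMsgSz) { ret = BUFFER_E; }`. The local is also spelled `ofsetIdx`, and `offsetIdx` would read better.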
@@ -39268,7 +39268,11 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, testStreamBufferSz, NULL, 0); } while (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)); - ExpectIntGT(ret, 0); + #ifdef NO_DES3 + ExpectIntEQ(ret, ALGO_ID_E); + #else + ExpectIntGT(ret, 0); + #endif if (f != XBADFILE) { XFCLOSE(f); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 772953211..5b5e569d1 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -12832,11 +12832,17 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (pkcs7->streamOutCb) { ret = pkcs7->streamOutCb(pkcs7, encryptedContent, encryptedContentSz - padLen, pkcs7->streamCtx); + if (ret != 0) { + WOLFSSL_MSG("Stream out callback returned failure"); + ret = BUFFER_E; + break; + } } else #endif /* ASN_BER_TO_DER */ { - if ((word32)(encryptedContentSz - padLen) > outputSz) { + if (output == NULL || (word32)(encryptedContentSz - padLen) > + outputSz) { ret = BUFFER_E; break; } @@ -13813,7 +13819,6 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 && tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) { encodedAttribIdx = idx; - encodedAttribs = pkiMsg + idx; idx++; if (GetLength_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) <= 0) { From b039e055dfcca4c6fc40808e148e7176cd504c37 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Wed, 5 Mar 2025 17:19:53 -0700 Subject: [PATCH 14/18] clang-tidy warning of garbage value used --- wolfcrypt/src/pkcs7.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 5b5e569d1..c5e314f71 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c 
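Review bot: In the `streamOutCb` branch near the end of wc_PKCS7_DecodeEnvelopedData, the length `encryptedContentSz - padLen` reaches the callback without the bound the buffer branch gets from `(word32)(encryptedContentSz - padLen) > outputSz`. `padLen` is presumably read from the decrypted content, so unless it is validated above this hunk, a value larger than `encryptedContentSz` hands the callback a negative or wrapped length. A shared guard placed before the branch covers both paths: `if (padLen > encryptedContentSz) { ret = BUFFER_E; break; }`. Separately, the added check maps every callback failure to `BUFFER_E`, which hides the callback's own error code from the caller.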
@@ -12372,7 +12372,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, byte padLen; byte* encryptedContent = NULL; int explicitOctet = 0; - word32 localIdx; + word32 localIdx = 0; byte tag = 0; if (pkcs7 == NULL) From 8e98a414013890a2ec085d897a646510bd16b8c9 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Thu, 6 Mar 2025 10:43:02 -0700 Subject: [PATCH 15/18] fix for build with NO_PKCS7_STREAM --- wolfcrypt/src/pkcs7.c | 74 +++++++++++++++++++++++++++++++++---------- 1 file changed, 58 insertions(+), 16 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index c5e314f71..e48de2820 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -12676,6 +12676,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, while (1) { encryptedContentSz = 0; if (pkiMsgSz <= localIdx + MAX_OCTET_STR_SZ) { + #ifndef NO_PKCS7_STREAM /* ran out of data to parse */ if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { @@ -12683,6 +12684,9 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } pkiMsgSz = (pkcs7->stream->length > 0) ? pkcs7->stream->length : inSz; + #else + ret = BUFFER_E; + #endif } localIdx = idx; @@ -12698,12 +12702,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, &encryptedContentSz, pkiMsgSz, 0) <= 0) { ret = ASN_PARSE_E; } - + #ifndef NO_PKCS7_STREAM if (ret == 0) { /* always try to get 2 extra bytes to catch indef ending */ pkcs7->stream->expected = encryptedContentSz + (localIdx - idx) + ASN_INDEF_END_SZ; } + #endif if (ret == 0 && pkcs7->cachedEncryptedContentSz < 
@@ -12724,6 +12729,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, /* sanity check that the buffer has all of the data */ if (ret == 0 && (localIdx + encryptedContentSz) > pkiMsgSz) { + #ifndef NO_PKCS7_STREAM word32 ofsetIdx = localIdx - idx; if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &localIdx)) @@ -12732,6 +12738,9 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } localIdx += ofsetIdx; pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; + #else + ret = BUFFER_E; + #endif } /* Use callback for decryption still, if set */ @@ -12749,12 +12758,14 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, pkcs7->cachedEncryptedContent); } + #ifndef NO_PKCS7_STREAM if (ret != 0) { if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx); } break; } + #endif /* advance idx past encrypted content */ localIdx += (word32)encryptedContentSz; @@ -12767,12 +12778,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, break; } } - + #ifndef NO_PKCS7_STREAM pkcs7->stream->expected = MAX_OCTET_STR_SZ; if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { break; } + #endif /* save last decrypted string to handle padding (this output * flush happens outside of the while loop in the case that @@ -13592,6 +13604,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, ret = ASN_PARSE_E; } + #ifndef NO_PKCS7_STREAM /* check that the expected size was accurate */ if (ret == 0) { if (length > (int)pkcs7->stream->expected && length > @@ -13603,6 +13616,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, } } } + #endif if (ret == 0 && wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) { 
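Review bot: Wrapping the whole `if (ret != 0) { ... break; }` block in `#ifndef NO_PKCS7_STREAM` compiles out the error exit of the `while (1)` loop in non-streaming builds, not just the wc_PKCS7_StreamEndCase call. The same commit adds `ret = BUFFER_E` in the `#else` branches, so such a build can reach `localIdx += (word32)encryptedContentSz` with a non-zero `ret`. From what is visible, the only remaining exit is then the end-of-content check, so malformed or truncated input may keep the loop running. Guarding only the streaming-specific call keeps the `break` in both configurations. The loop starts and ends outside this hunk.

```c
if (ret != 0) {
#ifndef NO_PKCS7_STREAM
    if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
        wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx);
    }
#endif
    break;
}

/* … unchanged: advance idx past encrypted content … */
```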
@@ -13832,24 +13846,19 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (ret != 0) break; - #ifndef NO_PKCS7_STREAM if (encodedAttribSz > 0) { - pkcs7->stream->aadSz = encodedAttribSz; - pkcs7->stream->aad = (byte*)XMALLOC(encodedAttribSz, + encodedAttribs = (byte*)XMALLOC(encodedAttribSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - if (pkcs7->stream->aad == NULL) { + if (encodedAttribs == NULL) { ret = MEMORY_E; break; } - else { - /* From RFC5083, "For the purpose of constructing the - * AAD, the IMPLICIT [1] tag in the authAttrs field is - * not used for the DER encoding: rather a universal SET - * OF tag is used. */ - (void)SetSet(length, pkcs7->stream->aad); - /* ignoring the size returned, we know it is - * idx - encodedAttribIdx from parsing what's given */ - } + } + + #ifndef NO_PKCS7_STREAM + if (encodedAttribSz > 0) { + pkcs7->stream->aadSz = encodedAttribSz; + pkcs7->stream->aad = encodedAttribs; } if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) { @@ -13885,6 +13894,21 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, authAttrib = &pkiMsg[idx]; authAttribSz = length; + { + int ofst; + + /* From RFC5083, "For the purpose of constructing the + * AAD, the IMPLICIT [1] tag in the authAttrs field is + * not used for the DER encoding: rather a universal SET + * OF tag is used. */ + ofst = SetSet(length, encodedAttribs); + + XMEMCPY(encodedAttribs + ofst, authAttrib, authAttribSz); + } + + /* ignoring the size returned, we know it is + * idx - encodedAttribIdx from parsing what's given */ + if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, authAttrib, authAttribSz) < 0) { WOLFSSL_MSG("Error parsing authenticated attributes"); 
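Review bot: The new block that calls `SetSet(length, encodedAttribs)` and then `XMEMCPY(encodedAttribs + ofst, authAttrib, authAttribSz)` runs without checking `ret == 0`, that `encodedAttribs` is non-NULL, or that `ofst + authAttribSz` fits in the `encodedAttribSz` bytes allocated in the previous hunk. `encodedAttribs` is a local that is only allocated when `encodedAttribSz > 0`, so if the function can return WC_PKCS7_WANT_READ_E between the allocation and this copy, it would be NULL on re-entry unless restored from `pkcs7->stream->aad` in code outside the hunk. The copy length comes from a length field parsed separately from the one that sized the buffer, so a local bound is worth having. The trailing comment "ignoring the size returned" no longer matches the code, since `ofst` is now used.

```c
if (ret == 0 && encodedAttribs != NULL) {
    int ofst;

    /* … unchanged: RFC 5083 note on the SET OF tag … */
    ofst = SetSet(length, encodedAttribs);
    if (ofst < 0 ||
            (word32)ofst + (word32)authAttribSz > encodedAttribSz) {
        ret = BUFFER_E;
    }
    else {
        XMEMCPY(encodedAttribs + ofst, authAttrib, authAttribSz);
    }
}
```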
@@ -13936,7 +13960,8 @@ authenv_atrbend: ret = ASN_PARSE_E; } - /* there might not be enough data for the auth tag too, check here */ + #ifndef NO_PKCS7_STREAM + /* there might not be enough data for the auth tag too */ if (ret == 0) { if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected && (authTagSz + (localIdx - idx)) > pkiMsgSz) { @@ -13947,6 +13972,7 @@ authenv_atrbend: } } } + #endif idx = localIdx; if (ret == 0 && authTagSz > (int)sizeof(authTag)) { @@ -14055,6 +14081,14 @@ authenv_atrbend: encodedAttribs[0] = authAttribSetByte; } + if (encodedAttribs != NULL) { + XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + encodedAttribs = NULL; + #ifndef NO_PKCS7_STREAM + pkcs7->stream->aad = NULL; + #endif + } + /* copy plaintext to output */ XMEMCPY(output, encryptedContent, (word32)encryptedContentSz); @@ -14097,6 +14131,14 @@ authenv_atrbend: pkcs7->stream->bufferPt = NULL; #endif } + + if (encodedAttribs != NULL) { + XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + encodedAttribs = NULL; + #ifndef NO_PKCS7_STREAM + pkcs7->stream->aad = NULL; + #endif + } } #ifndef NO_PKCS7_STREAM From 53fa4ffbaf3abcbb5613c054914a0a3bd3c20bb3 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 7 Mar 2025 10:59:10 -0700 Subject: [PATCH 16/18] conversion warning fixes --- tests/api.c | 8 ++- wolfcrypt/src/pkcs7.c | 127 ++++++++++++++++++++---------------------- wolfcrypt/test/test.c | 8 ++- 3 files changed, 72 insertions(+), 71 deletions(-) diff --git a/tests/api.c b/tests/api.c index 727abbd18..a01adafae 100644 --- a/tests/api.c +++ b/tests/api.c 
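Review bot: Both new cleanup blocks in wc_PKCS7_DecodeAuthEnvelopedData free `encodedAttribs` and clear `pkcs7->stream->aad`, but leave `pkcs7->stream->aadSz` at its old value. Other code in this function tests `pkcs7->stream->aadSz > 0` before using `pkcs7->stream->aad`, so a stale size next to a NULL pointer is a hazard unless the stream is reset before its next use, which is not visible here. Adding `pkcs7->stream->aadSz = 0;` next to `pkcs7->stream->aad = NULL;` keeps the pair consistent. Because the local and the stream field alias one allocation, a short comment at the free stating which of them owns the buffer would help the next reader.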
@@ -39262,8 +39262,12 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE); do { - ExpectIntGT(testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, - sizeof(testStreamBuffer), f), 0); + testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, + sizeof(testStreamBuffer), f); + ExpectIntGE(testStreamBufferSz, 0); + if (testStreamBufferSz < 0) { + break; + } ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, testStreamBufferSz, NULL, 0); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index e48de2820..9ded282d4 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -88,8 +88,8 @@ struct PKCS7State { byte* content; byte* buffer; /* main internal read buffer */ - wc_HashAlg hashAlg; - int hashType; + wc_HashAlg hashAlg; + enum wc_HashType hashType; int cntIdfCnt; /* count of in-definite length in content info */ /* stack variables to store for when returning */ @@ -5596,7 +5596,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, ret = ASN_PARSE_E; } /* store hashType for later hashing */ - pkcs7->stream->hashType = (int)hashType; + pkcs7->stream->hashType = hashType; /* restore idx */ idx = localIdx; @@ -8448,8 +8448,8 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } -static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID, - byte* key, int keySz, byte* iv, int ivSz, int devId, void* heap) +static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, word32 encryptOID, + byte* key, word32 keySz, byte* iv, int ivSz, int devId, void* heap) { int ret; #ifndef NO_AES 
@@ -8593,7 +8593,7 @@ static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID, /* Only does decryption of content using encryptOID algo and already set keys * returns 0 on success */ -static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID, +static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, word32 encryptOID, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out) { @@ -8708,7 +8708,7 @@ static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID, /* clears up struct for algo used and free's memory */ -static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, int encryptOID, +static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, word32 encryptOID, void* heap) { switch (encryptOID) { @@ -8777,14 +8777,15 @@ static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, int encryptOID, /* decrypts the content in one shot, doing init / decrypt / free * returns 0 on success */ -static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, - int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, - word32 authTagSz, byte* in, int inSz, byte* out, int devId, void* heap) +static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, word32 encryptOID, + byte* key, word32 keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, + byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out, + int devId, void* heap) { int ret; if (pkcs7->decryptionCb != NULL) { - return pkcs7->decryptionCb(pkcs7, encryptOID, iv, ivSz, + return pkcs7->decryptionCb(pkcs7, (int)encryptOID, iv, ivSz, aad, aadSz, authTag, authTagSz, in, inSz, out, pkcs7->decryptionCtx); } 
@@ -9139,7 +9140,7 @@ static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kekSz, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv, - word32 ivSz, int algID) + word32 ivSz, word32 algID) { int blockSz, cekLen, ret; byte* tmpIv = NULL; @@ -9156,7 +9157,7 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek, return MEMORY_E; /* get encryption algorithm block size */ - blockSz = wc_PKCS7_GetOIDBlockSize(algID); + blockSz = wc_PKCS7_GetOIDBlockSize((int)algID); if (blockSz <= 0) { XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); if (blockSz < 0) @@ -9178,21 +9179,21 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek, tmpIv = lastBlock - blockSz; /* decrypt last block */ - ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, tmpIv, + ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz, tmpIv, blockSz, NULL, 0, NULL, 0, lastBlock, blockSz, outTmp + inSz - blockSz, pkcs7->devId, pkcs7->heap); if (ret == 0) { /* using last decrypted block as IV, decrypt [0 ... n-1] blocks */ lastBlock = outTmp + inSz - blockSz; - ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, + ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz, lastBlock, blockSz, NULL, 0, NULL, 0, (byte*)in, (int)inSz - blockSz, outTmp, pkcs7->devId, pkcs7->heap); } if (ret == 0) { /* decrypt using original kek and iv */ - ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, + ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz, (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, outTmp, (int)inSz, outTmp, pkcs7->devId, pkcs7->heap); } 
@@ -11362,7 +11363,7 @@ static int wc_PKCS7_DecryptPwri(wc_PKCS7* pkcs7, byte* in, word32 inSz, ret = wc_PKCS7_PwriKek_KeyUnWrap(pkcs7, kek, (word32)kekKeySz, pkiMsg + (*idx), (word32)length, cek, cekSz, tmpIv, (word32)blockSz, - (int)pwriEncAlgoId); + pwriEncAlgoId); if (ret < 0) { XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7); @@ -12272,7 +12273,7 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in, break; #ifndef NO_PKCS7_STREAM - pkcs7->stream->expected = length; + pkcs7->stream->expected = (word32)length; if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; } @@ -12497,7 +12498,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, } else { /* revize expected size if known */ - pkcs7->stream->expected = length + ASN_TAG_SZ; + pkcs7->stream->expected = (word32)length + ASN_TAG_SZ; } /* Did we get enough for the expected length? */ @@ -12705,7 +12706,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifndef NO_PKCS7_STREAM if (ret == 0) { /* always try to get 2 extra bytes to catch indef ending */ - pkcs7->stream->expected = encryptedContentSz + + pkcs7->stream->expected = (word32)encryptedContentSz + (localIdx - idx) + ASN_INDEF_END_SZ; } #endif @@ -12718,16 +12719,17 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, DYNAMIC_TYPE_PKCS7); } pkcs7->cachedEncryptedContent = (byte*)XMALLOC( - encryptedContentSz, pkcs7->heap, + (word32)encryptedContentSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (pkcs7->cachedEncryptedContent == NULL) { ret = MEMORY_E; } } - pkcs7->cachedEncryptedContentSz = encryptedContentSz; + pkcs7->cachedEncryptedContentSz = + (word32)encryptedContentSz; /* sanity check that the buffer has all of the data */ - if (ret == 0 && (localIdx + encryptedContentSz) > + if (ret == 0 && (localIdx + (word32)encryptedContentSz) > pkiMsgSz) { #ifndef NO_PKCS7_STREAM word32 ofsetIdx = localIdx - idx; 
@@ -12745,7 +12747,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, /* Use callback for decryption still, if set */ if (ret == 0 && pkcs7->decryptionCb != NULL) { - ret = pkcs7->decryptionCb(pkcs7, encOID, tmpIv, + ret = pkcs7->decryptionCb(pkcs7, (int)encOID, tmpIv, expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx], encryptedContentSz, pkcs7->cachedEncryptedContent, pkcs7->decryptionCtx); @@ -12806,19 +12808,22 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { /* free up in an error case if not looking for more * data */ - wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); + wc_PKCS7_DecryptContentFree(pkcs7, encOID, + pkcs7->heap); } break; } wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); } else { - pkcs7->cachedEncryptedContent = XMALLOC(encryptedContentTotalSz, - pkcs7->heap, DYNAMIC_TYPE_PKCS7); - pkcs7->cachedEncryptedContentSz = encryptedContentTotalSz; + pkcs7->cachedEncryptedContentSz = + (word32)encryptedContentTotalSz; + pkcs7->cachedEncryptedContent = (byte*)XMALLOC( + pkcs7->cachedEncryptedContentSz, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); /* decrypt encryptedContent */ - ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, decryptedKey, - blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, + ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey, + (word32)blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, &pkiMsg[idx], encryptedContentTotalSz, pkcs7->cachedEncryptedContent, pkcs7->devId, pkcs7->heap); 
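Review bot: In the `@@ -12806` hunk the `XMALLOC` result stored in `pkcs7->cachedEncryptedContent` is handed straight to `wc_PKCS7_DecryptContent` as the output buffer with no NULL check, and `cachedEncryptedContentSz` is already set to the full size by then. A check right after the allocation, `if (pkcs7->cachedEncryptedContent == NULL) { pkcs7->cachedEncryptedContentSz = 0; ret = MEMORY_E; break; }`, would report the allocation failure as such and keep size and pointer consistent (use the function's usual error exit if `break` does not apply at this point). The field is also overwritten without a visible free of any earlier buffer; confirm it is always NULL on entry to this branch. The enclosing function continues outside the hunk.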
@@ -13487,14 +13492,14 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, int expBlockSz = 0, blockKeySz = 0; byte authTag[WC_AES_BLOCK_SIZE]; byte nonce[GCM_NONCE_MID_SZ]; /* GCM nonce is larger than CCM */ - int nonceSz = 0, authTagSz = 0, macSz = 0; + int nonceSz = 0, macSz = 0; + word32 authTagSz = 0; byte* decryptedKey = NULL; int encryptedContentSz = 0; int encryptedAllocSz = 0; byte* encryptedContent = NULL; int explicitOctet = 0; - byte authAttribSetByte = 0; byte* encodedAttribs = NULL; word32 encodedAttribIdx = 0, encodedAttribSz = 0; byte* authAttrib = NULL; @@ -13609,7 +13614,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (ret == 0) { if (length > (int)pkcs7->stream->expected && length > (int)pkiMsgSz) { - pkcs7->stream->expected = length + 1; + pkcs7->stream->expected = (word32)length + 1; if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { break; @@ -13895,15 +13900,16 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in, authAttribSz = length; { - int ofst; + word32 ofst; /* From RFC5083, "For the purpose of constructing the * AAD, the IMPLICIT [1] tag in the authAttrs field is * not used for the DER encoding: rather a universal SET * OF tag is used. */ - ofst = SetSet(length, encodedAttribs); + ofst = SetSet((word32)length, encodedAttribs); - XMEMCPY(encodedAttribs + ofst, authAttrib, authAttribSz); + XMEMCPY(encodedAttribs + ofst, authAttrib, + (word32)authAttribSz); } /* ignoring the size returned, we know it is 
@@ -13955,17 +13961,19 @@ authenv_atrbend: } localIdx++; /* move past ASN_OCTET_STRING */ - if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz, + if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length, pkiMsgSz, 0) < 0) { ret = ASN_PARSE_E; } + authTagSz = (word32)length; #ifndef NO_PKCS7_STREAM /* there might not be enough data for the auth tag too */ if (ret == 0) { if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected && (authTagSz + (localIdx - idx)) > pkiMsgSz) { - pkcs7->stream->expected = authTagSz + (localIdx - idx); + pkcs7->stream->expected = authTagSz + + (localIdx - idx); if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { return ret; @@ -13975,22 +13983,14 @@ authenv_atrbend: #endif idx = localIdx; - if (ret == 0 && authTagSz > (int)sizeof(authTag)) { + if (ret == 0 && authTagSz > (word32)sizeof(authTag)) { WOLFSSL_MSG("AuthEnvelopedData authTag too large for buffer"); ret = ASN_PARSE_E; } if (ret == 0) { - XMEMCPY(authTag, &pkiMsg[idx], (word32)authTagSz); - idx += (word32)authTagSz; - } - - if (ret == 0 && authAttrib != NULL) { - /* temporarily swap authAttribs byte[0] to SET OF instead of - * IMPLICIT [1], for aad calculation */ - authAttribSetByte = encodedAttribs[0]; - - encodedAttribs[0] = ASN_SET | ASN_CONSTRUCTED; + XMEMCPY(authTag, &pkiMsg[idx], authTagSz); + idx += authTagSz; } if (ret < 0) @@ -14006,15 +14006,15 @@ authenv_atrbend: /* store tag for later */ if (authTagSz > 0) { - pkcs7->stream->tagSz = (word32)authTagSz; - pkcs7->stream->tag = (byte*)XMALLOC((word32)authTagSz, + pkcs7->stream->tagSz = authTagSz; + pkcs7->stream->tag = (byte*)XMALLOC(authTagSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (pkcs7->stream->tag == NULL) { ret = MEMORY_E; break; } else { - XMEMCPY(pkcs7->stream->tag, authTag, (word32)authTagSz); + XMEMCPY(pkcs7->stream->tag, authTag, authTagSz); } } 
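Review bot: In the `@@ -13955` hunk `authTagSz` sizes the stream read (`pkcs7->stream->expected = authTagSz + (localIdx - idx)`) before it is bounded; the `authTagSz > (word32)sizeof(authTag)` check only comes in the following `@@ -13975` hunk. Placing the bound directly after the length is parsed, `if (ret == 0 && authTagSz > (word32)sizeof(authTag)) ret = ASN_PARSE_E;`, keeps a message-supplied tag length from driving `expected` and the unsigned additions. `authTagSz = (word32)length;` also runs when `GetLength_ex` failed, so it can pick up a stale `length`; assigning it only when `ret == 0` would be tidier. The enclosing case block starts outside the hunk.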
@@ -14043,14 +14043,14 @@ authenv_atrbend: } if (pkcs7->stream->tagSz > 0) { - authTagSz = (int)pkcs7->stream->tagSz; + authTagSz = pkcs7->stream->tagSz; if (authTagSz > WC_AES_BLOCK_SIZE) { WOLFSSL_MSG("PKCS7 saved tag is too large"); ret = BUFFER_E; break; } else { - XMEMCPY(authTag, pkcs7->stream->tag, (word32)authTagSz); + XMEMCPY(authTag, pkcs7->stream->tag, authTagSz); } } @@ -14066,21 +14066,16 @@ authenv_atrbend: #endif /* decrypt encryptedContent */ - ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, decryptedKey, - blockKeySz, nonce, nonceSz, encodedAttribs, encodedAttribSz, - authTag, (word32)authTagSz, encryptedContent, - encryptedContentSz, encryptedContent, pkcs7->devId, - pkcs7->heap); + ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey, + (word32)blockKeySz, nonce, nonceSz, encodedAttribs, + encodedAttribSz, authTag, authTagSz, + encryptedContent, encryptedContentSz, encryptedContent, + pkcs7->devId, pkcs7->heap); if (ret != 0) { XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; } - if (authAttrib != NULL) { - /* restore authAttrib IMPLICIT [1] */ - encodedAttribs[0] = authAttribSetByte; - } - if (encodedAttribs != NULL) { XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7); encodedAttribs = NULL; @@ -14753,8 +14748,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz, idx += (word32)encryptedContentSz; /* decrypt encryptedContent */ - ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, - pkcs7->encryptionKey, (int)pkcs7->encryptionKeySz, + ret = wc_PKCS7_DecryptContent(pkcs7, encOID, + pkcs7->encryptionKey, pkcs7->encryptionKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, encryptedContent, encryptedContentSz, encryptedContent, pkcs7->devId, pkcs7->heap); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index c0d3b711c..f3b37dc38 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c 
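Review bot: The failure branch after `wc_PKCS7_DecryptContent` in the `@@ -14066` hunk frees only `encryptedContent` before `return ret;`, while `encodedAttribs` is released just below on the success path. If `encodedAttribs` is not owned by the stream state at this point (ownership is not visible in the hunk), a failed decrypt or tag mismatch leaves it allocated. In that case the error branch should also call `XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);`, clearing any stream pointer that aliases it so a later reset does not free it twice. A one-line comment stating who owns `encodedAttribs` on the error path would settle the question either way.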
@@ -53186,7 +53186,8 @@ static wc_test_ret_t verifyBundle(byte* derBuf, word32 derSz, int keyHint) #endif /* !NO_SHA */ }; - decoded = (byte *)XMALLOC(decodedSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + decoded = (byte *)XMALLOC((word32)decodedSz, HEAP_HINT, + DYNAMIC_TYPE_TMP_BUFFER); if (decoded == NULL) { ret = MEMORY_E; goto out; @@ -53344,7 +53345,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void) { wc_test_ret_t ret = 0; int i, testSz; - int encryptedSz, decodedSz, attribIdx; + int encryptedSz, decodedSz; + word32 attribIdx; wc_PKCS7* pkcs7; byte *encrypted; byte *decoded; @@ -54712,7 +54714,7 @@ static wc_test_ret_t pkcs7signed_run_SingleShotVectors( ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); /* compare decrypted to expected */ if (((word32)ret != testVectors[i].contentSz) || - XMEMCMP(out, testVectors[i].content, ret)) + XMEMCMP(out, testVectors[i].content, (word32)ret)) ERROR_OUT(WC_TEST_RET_ENC_NC, out); } #endif From 09ffdeb897d31a940371d88be5a420ca3be5aa45 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 7 Mar 2025 11:52:01 -0700 Subject: [PATCH 17/18] fix for different reported conversion warnings --- wolfcrypt/src/pkcs7.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 9ded282d4..90e0a7738 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -6617,8 +6617,14 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf, ret = wc_HashFinal(&pkcs7->stream->hashAlg, pkcs7->stream->hashType, streamHash); hashBuf = streamHash; - hashSz = wc_HashGetDigestSize(pkcs7->stream->hashType); - + length = wc_HashGetDigestSize(pkcs7->stream->hashType); + if (length < 0) { + WOLFSSL_MSG("Error getting digest size"); + ret = ASN_PARSE_E; + } + else { + hashSz = (word32)length; + } wc_HashFree(&pkcs7->stream->hashAlg, pkcs7->stream->hashType); if (ret != 0) 
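Review bot: In the `@@ -6617` hunk of PKCS7_VerifySignedData, a negative result from `wc_HashGetDigestSize` is reported as `ASN_PARSE_E`, and that assignment also overwrites any error `wc_HashFinal` returned on the line above. The negative value is already an error code, so propagating it keeps the real cause visible to the caller: `if (length < 0) { WOLFSSL_MSG("Error getting digest size"); if (ret == 0) ret = length; }`. The function body continues outside the hunk.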
@@ -12739,7 +12745,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, return ret; } localIdx += ofsetIdx; - pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; + pkiMsgSz = (pkcs7->stream->length > 0)? + pkcs7->stream->length: inSz; #else ret = BUFFER_E; #endif @@ -12796,7 +12803,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, if (pkcs7->streamOutCb) { ret = pkcs7->streamOutCb(pkcs7, pkcs7->cachedEncryptedContent, - encryptedContentSz, pkcs7->streamCtx); + (word32)encryptedContentSz, pkcs7->streamCtx); } #endif /* ASN_BER_TO_DER */ } @@ -12848,7 +12855,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in, #ifdef ASN_BER_TO_DER if (pkcs7->streamOutCb) { ret = pkcs7->streamOutCb(pkcs7, encryptedContent, - encryptedContentSz - padLen, pkcs7->streamCtx); + (word32)encryptedContentSz - padLen, + pkcs7->streamCtx); if (ret != 0) { WOLFSSL_MSG("Stream out callback returned failure"); ret = BUFFER_E; From 8dd614430a45cff06d40645ed86fd29e83dda0b2 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 7 Mar 2025 15:55:34 -0700 Subject: [PATCH 18/18] clang-tidy fixes for test case --- tests/api.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/tests/api.c b/tests/api.c index a01adafae..7893a6434 100644 --- a/tests/api.c +++ b/tests/api.c 
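Review bot: In the `@@ -12848` hunk, `(word32)encryptedContentSz - padLen` is now an unsigned subtraction, so a `padLen` larger than `encryptedContentSz` wraps to a very large length passed to `streamOutCb`. `padLen` presumably comes from the decrypted padding and so depends on message content; if it is not already bounded before this call (not visible in the hunk), add `if ((word32)padLen > (word32)encryptedContentSz) ret = BUFFER_E;` and skip the callback in that case. The surrounding block of wc_PKCS7_DecodeEnvelopedData starts outside the hunk.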
@@ -39240,16 +39240,16 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) #if defined(HAVE_PKCS7) && defined(ASN_BER_TO_DER) EXPECT_DECLS; PKCS7* pkcs7 = NULL; - int ret; - FILE* f = NULL; + int ret = 0; + XFILE f = XBADFILE; const char* testStream = "./certs/test-stream-dec.p7b"; byte testStreamBuffer[100]; - int testStreamBufferSz = 0; + size_t testStreamBufferSz = 0; byte decodedData[MAX_TEST_DECODE_SIZE]; /* large enough to hold result of decode, which is ca-cert.pem */ WOLFSSL_BUFFER_INFO out; out.length = 0; - out.buffer = decodedData; + out.buffer = decodedData; ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048, @@ -39261,22 +39261,26 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void) test_wc_PKCS7_DecodeEnvelopedData_stream_decrypt_cb, (void*)&out), 0); ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE); - do { - testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, - sizeof(testStreamBuffer), f); - ExpectIntGE(testStreamBufferSz, 0); - if (testStreamBufferSz < 0) { - break; - } + if (EXPECT_SUCCESS()) { + do { + testStreamBufferSz = XFREAD(testStreamBuffer, 1, + sizeof(testStreamBuffer), f); + if (testStreamBufferSz == 0) { + break; + } - ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, - testStreamBufferSz, NULL, 0); - } while (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)); + ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, + (word32)testStreamBufferSz, NULL, 0); + if (testStreamBufferSz < sizeof(testStreamBuffer)) { + break; + } + } while (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)); #ifdef NO_DES3 ExpectIntEQ(ret, ALGO_ID_E); #else ExpectIntGT(ret, 0); #endif + } if (f != XBADFILE) { XFCLOSE(f);