mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-30 18:57:27 +02:00
David Garske
GitHub
@ -7616,9 +7616,9 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
|
|||||||
#ifdef WOLFSSL_NO_REALLOC
|
#ifdef WOLFSSL_NO_REALLOC
|
||||||
derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
|
derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
|
||||||
if (derBuf != NULL) {
|
if (derBuf != NULL) {
|
||||||
XMEMCPY(derBuf, pkey->pkey.ptr, pkey->pkey_sz);
|
XMEMCPY(derBuf, pkey->pkey.ptr, pkey->pkey_sz);
|
||||||
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_DER);
|
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_DER);
|
||||||
pkey->pkey.ptr = NULL;
|
pkey->pkey.ptr = NULL;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz,
|
derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz,
|
||||||
|
|||||||
@ -8469,7 +8469,6 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
{
|
{
|
||||||
int length, encryptedKeySz = 0, ret = 0;
|
int length, encryptedKeySz = 0, ret = 0;
|
||||||
int keySz, version, sidType = 0;
|
int keySz, version, sidType = 0;
|
||||||
word32 encOID;
|
|
||||||
word32 keyIdx;
|
word32 keyIdx;
|
||||||
byte issuerHash[KEYID_SIZE];
|
byte issuerHash[KEYID_SIZE];
|
||||||
byte* outKey = NULL;
|
byte* outKey = NULL;
|
||||||
@ -8484,9 +8483,6 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
#ifdef WC_RSA_BLINDING
|
#ifdef WC_RSA_BLINDING
|
||||||
WC_RNG rng;
|
WC_RNG rng;
|
||||||
#endif
|
#endif
|
||||||
#ifndef WC_NO_RSA_OAEP
|
|
||||||
word32 outLen;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
byte* encryptedKey = NULL;
|
byte* encryptedKey = NULL;
|
||||||
|
|
||||||
@ -8648,19 +8644,30 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
(*idx) += KEYID_SIZE;
|
(*idx) += KEYID_SIZE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
|
{
|
||||||
return ASN_PARSE_E;
|
word32 encOID = 0;
|
||||||
|
|
||||||
|
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
|
||||||
|
return ASN_PARSE_E;
|
||||||
|
|
||||||
|
if (encOID != pkcs7->publicKeyOID) {
|
||||||
|
WOLFSSL_MSG("public key OID found in KTRI doesn't match "
|
||||||
|
"OID stored earlier.");
|
||||||
|
WOLFSSL_ERROR(ALGO_ID_E);
|
||||||
|
return ALGO_ID_E;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* key encryption algorithm must be RSA for now */
|
/* key encryption algorithm must be RSA for now */
|
||||||
if (encOID != RSAk
|
if (pkcs7->publicKeyOID != RSAk
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
&& encOID != RSAESOAEPk
|
&& pkcs7->publicKeyOID != RSAESOAEPk
|
||||||
#endif
|
#endif
|
||||||
)
|
)
|
||||||
return ALGO_ID_E;
|
return ALGO_ID_E;
|
||||||
|
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (encOID == RSAESOAEPk) {
|
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
||||||
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
|
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0) {
|
||||||
return ASN_PARSE_E;
|
return ASN_PARSE_E;
|
||||||
}
|
}
|
||||||
@ -8697,6 +8704,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
FALL_THROUGH;
|
FALL_THROUGH;
|
||||||
|
|
||||||
case WC_PKCS7_DECRYPT_KTRI_3:
|
case WC_PKCS7_DECRYPT_KTRI_3:
|
||||||
|
|
||||||
#ifndef NO_PKCS7_STREAM
|
#ifndef NO_PKCS7_STREAM
|
||||||
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
|
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
|
||||||
pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
|
pkcs7->stream->expected, &pkiMsg, idx)) != 0) {
|
||||||
@ -8770,7 +8778,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (encOID != RSAESOAEPk) {
|
if (pkcs7->publicKeyOID != RSAESOAEPk) {
|
||||||
#endif
|
#endif
|
||||||
keySz = wc_RsaPrivateDecryptInline(encryptedKey,
|
keySz = wc_RsaPrivateDecryptInline(encryptedKey,
|
||||||
encryptedKeySz, &outKey,
|
encryptedKeySz, &outKey,
|
||||||
@ -8778,25 +8786,25 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
outLen = wc_RsaEncryptSize(privKey);
|
word32 outLen = wc_RsaEncryptSize(privKey);
|
||||||
outKey = (byte*)XMALLOC(outLen, pkcs7->heap,
|
outKey = (byte*)XMALLOC(outLen, pkcs7->heap,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (!outKey) {
|
if (!outKey) {
|
||||||
WOLFSSL_MSG("Failed to allocate out key buffer");
|
WOLFSSL_MSG("Failed to allocate out key buffer");
|
||||||
wc_FreeRsaKey(privKey);
|
wc_FreeRsaKey(privKey);
|
||||||
XFREE(encryptedKey, pkcs7->heap,
|
XFREE(encryptedKey, pkcs7->heap,
|
||||||
DYNAMIC_TYPE_WOLF_BIGINT);
|
DYNAMIC_TYPE_WOLF_BIGINT);
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(privKey, pkcs7->heap,
|
XFREE(privKey, pkcs7->heap,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
WOLFSSL_ERROR_VERBOSE(MEMORY_E);
|
WOLFSSL_ERROR_VERBOSE(MEMORY_E);
|
||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
keySz = wc_RsaPrivateDecrypt_ex(encryptedKey,
|
keySz = wc_RsaPrivateDecrypt_ex(encryptedKey,
|
||||||
encryptedKeySz, outKey, outLen, privKey,
|
encryptedKeySz, outKey, outLen, privKey,
|
||||||
WC_RSA_OAEP_PAD,
|
WC_RSA_OAEP_PAD,
|
||||||
WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
|
WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -8819,7 +8827,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (encOID == RSAESOAEPk) {
|
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
||||||
if (!outKey) {
|
if (!outKey) {
|
||||||
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
}
|
}
|
||||||
@ -8837,7 +8845,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
|
|||||||
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
#ifndef WC_NO_RSA_OAEP
|
#ifndef WC_NO_RSA_OAEP
|
||||||
if (encOID == RSAESOAEPk) {
|
if (pkcs7->publicKeyOID == RSAESOAEPk) {
|
||||||
if (!outKey) {
|
if (!outKey) {
|
||||||
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(outKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -781,8 +781,8 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
|
|||||||
|
|
||||||
#elif defined(FREESCALE_RTC)
|
#elif defined(FREESCALE_RTC)
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include "fsl_rtc.h"
|
#include "fsl_rtc.h"
|
||||||
#ifndef XTIME
|
#ifndef XTIME
|
||||||
#define XTIME(t1) fsl_time((t1))
|
#define XTIME(t1) fsl_time((t1))
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user