From 6987304f4267d1e1d2a269dbb877a8f225eb8012 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Tue, 15 Apr 2025 14:35:39 -0600
Subject: [PATCH 1/7] Fix to advance past multiple recipients
---
 wolfcrypt/src/pkcs7.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 686d06856..faf2bd4f3 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -106,6 +106,7 @@ struct PKCS7State {
 word32 currContSz; /* size of current content */
 word32 currContRmnSz; /* remaining size of current content */
 word32 accumContSz; /* size of accumulated content size */
+ int recipientSz; /* size of recipient set */
 byte tmpIv[MAX_CONTENT_IV_SIZE]; /* store IV if needed */
 #ifdef WC_PKCS7_STREAM_DEBUG
 word32 peakUsed; /* most bytes used for struct at any one time */
@@ -12460,14 +12461,16 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 #ifndef NO_PKCS7_STREAM
 tmpIdx = idx;
 pkcs7->stream->aad = decryptedKey;
+ pkcs7->stream->expected = (word32)ret; /* get the full recipient set */
+ pkcs7->stream->recipientSz = ret;
 #endif
 FALL_THROUGH;
 case WC_PKCS7_ENV_2:
 #ifndef NO_PKCS7_STREAM
 /* store up enough buffer for initial info set decode */
- if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, MAX_LENGTH_SZ +
- MAX_VERSION_SZ + ASN_TAG_SZ, &pkiMsg, &idx)) != 0) {
+ if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
+ pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
 return ret;
 }
 #endif
@@ -12483,6 +12486,7 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 #ifndef NO_PKCS7_STREAM
 decryptedKey = pkcs7->stream->aad;
 decryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
+ tmpIdx = idx;
 #endif
 ret = wc_PKCS7_DecryptRecipientInfos(pkcs7, in, inSz, &idx,
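Review bot: In the `struct PKCS7State` hunk of 1/7, `recipientSz` is declared `int` although the size fields beside it (`currContSz`, `currContRmnSz`, `accumContSz`) are `word32`, and the series casts it back to `word32` wherever it is read, including the compare that 5/7 has to patch. Declaring it as `word32 recipientSz; /* size of recipient set */` and casting once at the assignment removes the signed/unsigned mixing. The field is filled from `ret`, so a negative `ret` must be rejected before the store; that check is not visible in these hunks, and the enclosing function body starts outside them.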
@@ -12497,6 +12501,14 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 if (ret != 0)
 break;
 #ifndef NO_PKCS7_STREAM
+ /* advance idx past recipient info set */
+ idx = tmpIdx + (word32)pkcs7->stream->recipientSz;
+
+ /* process aditional recipients as read */
+ if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
+ break;
+ }
+
 tmpIdx = idx;
 pkcs7->stream->aadSz = decryptedKeySz;
 pkcs7->stream->expected = MAX_LENGTH_SZ + MAX_VERSION_SZ +
From 7a5e97e30e44be80cfd1244c9279c8364e38f8ce Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Wed, 16 Apr 2025 11:39:45 -0600
Subject: [PATCH 2/7] adjustment for recipient index advancement
---
 wolfcrypt/src/pkcs7.c | 26 ++++++++++++++++++++------
 1 file changed, 20 insertions(+), 6 deletions(-)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index faf2bd4f3..3c31d1136 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -12316,9 +12316,17 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in,
 #ifndef NO_PKCS7_STREAM
 pkcs7->stream->expected = (word32)length;
+
 if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
 break;
 }
+
+ /* update the stored max length */
+ if (pkcs7->stream->totalRd + pkcs7->stream->expected >
+ pkcs7->stream->maxLen) {
+ pkcs7->stream->maxLen = pkcs7->stream->totalRd +
+ pkcs7->stream->expected;
+ }
 #endif
 if (ret == 0)
@@ -12461,7 +12469,8 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 #ifndef NO_PKCS7_STREAM
 tmpIdx = idx;
 pkcs7->stream->aad = decryptedKey;
- pkcs7->stream->expected = (word32)ret; /* get the full recipient set */
+ /* get the full recipient set */
+ pkcs7->stream->expected = (word32)ret;
 pkcs7->stream->recipientSz = ret;
 #endif
 FALL_THROUGH;
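Review bot: `idx = tmpIdx + (word32)pkcs7->stream->recipientSz;` in the last hunk of 1/7 advances the parse index by a length taken from the message, and nothing visible checks that the sum stays inside the buffered data or does not wrap `word32`. The same advance is kept inside the `totalRd` guard in 2/7 and is repeated as `idx = tmpIdx + recipientSetSz;` in the non-stream `#else` branch of 6/7. The bodies of wc_PKCS7_ParseToRecipientInfoSet and wc_PKCS7_StreamEndCase are not on this page, so they may already enforce this; if they do not, guard the advance, e.g. `if (tmpIdx > pkiMsgSz || recipientSetSz > pkiMsgSz - tmpIdx) { ret = BUFFER_E; break; }` in the non-stream branch and the equivalent with the stream field. Otherwise a comment naming the check that bounds the set length would do.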
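Review bot: In the wc_PKCS7_ParseToRecipientInfoSet hunk of 2/7, `pkcs7->stream->totalRd + pkcs7->stream->expected` is evaluated with no wrap check, and `expected` has just been set from the `length` decoded out of the message. Assuming both fields are `word32` (their declarations are outside the hunk), a large declared length either wraps the sum, so `maxLen` is silently left unchanged, or raises `maxLen` to whatever the sender claims, which weakens it as a limit. A wrap test before the update, `if (pkcs7->stream->totalRd + pkcs7->stream->expected < pkcs7->stream->totalRd) { ret = BUFFER_E; break; }`, covers the first case. For the second, the comment `/* update the stored max length */` should say what still bounds the value.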
@@ -12488,6 +12497,7 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 decryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
 tmpIdx = idx;
 #endif
+ pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
 ret = wc_PKCS7_DecryptRecipientInfos(pkcs7, in, inSz, &idx,
 decryptedKey, &decryptedKeySz,
@@ -12501,12 +12511,16 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 if (ret != 0)
 break;
 #ifndef NO_PKCS7_STREAM
- /* advance idx past recipient info set */
- idx = tmpIdx + (word32)pkcs7->stream->recipientSz;
+ /* advance idx past recipient info set if not all recipients
+ * parsed */
+ if (pkcs7->stream->totalRd < (pkcs7->stream->recipientSz +
+ tmpIdx)) {
+ idx = tmpIdx + (word32)pkcs7->stream->recipientSz;
- /* process aditional recipients as read */
- if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
- break;
+ /* process additional recipients as read */
+ if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
+ break;
+ }
 }
 tmpIdx = idx;
From 328f50570283b011f34908b0caae945e9aab9fa7 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Mon, 29 Sep 2025 17:58:15 -0600
Subject: [PATCH 3/7] add pkcs7 test with multiple recipients
---
 certs/include.am | 1 +
 certs/renewcerts.sh | 5 ++
 certs/test-multiple-recipients.p7b | Bin 0 -> 6443 bytes
 tests/api/test_pkcs7.c | 77 +++++++++++++++++++++++++++++
 tests/api/test_pkcs7.h | 4 +-
 wolfcrypt/src/pkcs7.c | 16 +++---
 6 files changed, 96 insertions(+), 7 deletions(-)
 create mode 100644 certs/test-multiple-recipients.p7b
diff --git a/certs/include.am b/certs/include.am
index e4f6a0e6c..68fcd1e2e 100644
--- a/certs/include.am
+++ b/certs/include.am
@@ -53,6 +53,7 @@ EXTRA_DIST += \
 certs/server-revoked-key.pem \
 certs/wolfssl-website-ca.pem \
 certs/test-degenerate.p7b \
+ certs/test-multiple-recipients.p7b \
 certs/test-stream-sign.p7b \
 certs/test-stream-dec.p7b \
 certs/test-ber-exp02-05-2022.p7b \
diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh
index 609726cc1..5aed64881 100755
--- a/certs/renewcerts.sh
+++ b/certs/renewcerts.sh
@@ -888,6 +888,11 @@ run_renewcerts(){
 openssl cms -encrypt -in ca-cert.pem -recip client-cert.pem -out test-stream-dec.p7b -outform DER -stream
 check_result $? ""
+ echo "Creating test-multiple-recipients.p7b..."
+ echo ""
+ openssl smime -encrypt -binary -aes-256-cbc -in ./client-key.pem -out ./test-multiple-recipients.p7b -outform DER ./client-cert.pem ./server-cert.pem
+ check_result $? ""
+
 echo "End of section"
 echo "---------------------------------------------------------------------"
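Review bot: The new `openssl smime -encrypt` line uses `./client-key.pem`, a private key, as the plaintext of the committed fixture, whereas the `openssl cms` command just above it encrypts `ca-cert.pem`. Even with a test key, a public file as payload keeps key material out of generated fixtures and gives the test a plaintext it can compare against freely; `-in ./ca-cert.pem` would do. A one-line comment stating which recipient key the test is expected to decrypt with (client or server) would also make a regeneration mistake easier to spot.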
diff --git a/certs/test-multiple-recipients.p7b b/certs/test-multiple-recipients.p7b new file mode 100644 index 0000000000000000000000000000000000000000..34915f216a1c35ac1046b685898c4be4496dab5a GIT binary patch literal 6443 zcmXqLl2m8o)N1o+`_9YA&b**WQo^7~QiO?-!LW(B+n|YYGZQ0&LE|ig#wmu}2Apin zp)72|OrgPs0tS2_4hIjrZ+>1$VqPLlgq?@oDZeT;H!;sp(10JLhKq+III+AWKfffy zP}o2aB*e|b<(!{aT$)ponU`)TVIT$)Wai;7FE7_C&(BFKF3!FzV6q0v8B?=?ZJzA0<$=Uq8{G8 zqGF>V(Y`76O;75l>17W$bXAo2O!#&>H@(MW1&hOFgC@oc;Aq=!&^V9uXcILM21N%K z4-Y7$gM)qIjSNgI3?&W3LBiZT0s%$&=|zdTxtV$Cx?m{^B2dJix98}ucZ+6kH=Xy= zOMK>sGs>UdV2RVD3EHib&)wM}^KaLp;6t8`R!I*uTv+ah?D;P^A+~bCG{qh5x)+1x zD$Ew$|2L=j)aunY=AVjF&~2UTsd?&*NZrEoPrqG!eYx+i$uMlh0Y-``uUhKG4BYZGZ5# z@NZ|9-;8YMX8aQ3Z9aWsCF_D28qNkyqIK|u&dvzR7YS`1jH%2lj9M%LV$Dsxdk;=M zW#)F*Rj{%DTtky+z}J?v!>6`dMy_r>p7?G{WT5$}eLHHMou2Yrq?>%YdfoirxxYqB z`mIa3y%xoW$=ey(dW16?I&V3~qHw?5_u2C)XZ|caD_q4GW|AONzuvr-Td5~FZPOW5 z<;ynTROgi47I?&d;<9bfH}mVu`d%%2sU_!e;l8YIy!Ej=ZS7ia$E81e9G)mr;^vph z`@87C7InK6ZhPLD9h+E~=kGFJ9kIW1U2lNy1=g1j>UlfoEs)Mo z$XI!=+WbM=tvR+A=PqKsrTx0vcoTDK@?7oHNA^{@?br8u99koO@On=}r+q{HPYu%Ni482xf^UivD8Y<;{)nC*Y z)4$|ZVNz$`t2=r8Z`8cMB>x!zx7{DrY@8cX$~Wl{-`p8oyf$`qfYY8)-gz<#e= zzoTN~(^G$?p8e$i@=q=+;z*HBo8cAyExX))H2l&u_EDHI?{tQ^Ht(Cf4HXM^EeKlK zXet=+=HgS86X$O}ymfNx#qWJ{Zn<{v@A;WrZ?iLG?)1H%8MYW1H(D}Ri=OXEIsT+h z^w0cTy(~MH9^jg4)o`)8^xo4VwIyCt`C}3qlIC7(?$6;8Z%w@`eKt7e;i7-#Q$p_e z96h)@>cx`DX~FOQzR0*1QWI4!@muGN+?i9)q!hco+qWw&c@zCZ+2Y${iH~oNiRK=D zw4vWoWvcGUogdE~wGTHbcW0Y$;d#fs?~S`u)a-ehD^+dg9KH2Yd4W;u=^anl*2>Oa zJ4ZX?&!lY?>yuu3F&3%LH!UxEGG$k&{^I+2Yn={#H`%?a-E6{qt2ctjCGu1MA6-?R z6m#oZLNWKR@KVd~Jr9~D-fGji=DZnA z=PbU6erGtlHf-h%`KK2a+Dz)Z(zDX$L)GUTV+}w452X%|PI>cQ`VwpN)6_oU>cn61 zG1?rwGd7yIX6=`|sk}n$aKXfjk3>%8H=0*uJyh^yFj}?g#}1kG=TxOW6mVaev-0)R z%a4Q?XzUfPb+A0U;!MW2Wp8($RkUZV+#|X0-Dy6C%I}|8j=Wwf)+2tpHDs!h?b5kC zyW895?s^k-DRJ*LhYBBc)1MyVy{w*YWtY4spJCG~7vK8&MXkl6Q?8t?!6cgj!}Va z;;%KYRD(+P%I@qstiaCtruN6Xb8jV2P0;PF-TvkSi_7iZN3Pm4w4A#B-=X}-@8y=0 z<VEZ(G3^S*>Sjhji-A?_WgUK|J#;K 
zVdjl|T=~yoeHFWWQe}d`VNFKc_Rr3jqNmKd_R5y;jkNXZXL41hPRysQ4&||W`D=H7 z&#`~o|LNAOMnSu>J%@ba9e&EpO}TNZ&i%xkaF%mROw{<5-y8hX(bV5+ah-K{{{$YT z?%8FMr{bQzo|(0}S-0BtMhRO?xO0Q%cbkv=me2oKOp{!?IeGi?uK1 zi=8Awp7nj$op4BTvO~YppKpq1wQi2&xvj`G#_-Q}?~s}m zvyY~;_7$Evue-Qa>CUge78aq>ou?0`2RyHtaH;a}eUEKL$L85aUkzPxD(`&U#zP-p zy`5veUVX;#m)4smOuM10bn%wa_qJK_BLBAkzF@a|b#u+%&B{L?$gEnaaOuC!25HZt z80G};2WfpKR+Hn+7yQ~KtoeDuL2s!&CftnkYAlTO&jmmGvhvW6xArouT+)A*bTfZ` zv6WA#`i;yS&eC(&3$)iBzIszqDwJDywxq|LkSFhi)#p{rX*s?BxrokTy_tdqg$h#l z4upA>&-iSe)^gC zpvncsBDeBHs><*B^B(KgQ2nqWJUmv@!ts#R@?$;^kIi6zVz0lMZ%&q%GSo*y`e)^>D(=^}oB?%mn?OFYFR{CC{Byll64z zquDpK-bQKFeeK+3r!I4*@gn1vUuE097#d46e^^B0sdv#Oc|TPnoHx(^Y!{iUbXfIR za^?gD*{6lyzO1gg+UL~I{+y_u5%PM|-JtaWqK4f? z{yKX)P5jqwoBc??GSM&Ueyy#ywtU-SgJhRUDZS2VvvQJ;_`fuWePwv@tlNq+Uc0x< zdb(%nb!Uy~zq9_%OVIhP<1|NS(+q__FN3!QhS~AMaIn;vZB_T}0i<-S)s;cNU2JD>elrCx9M zD}VWSFo*GtZR+Oc6I0mR*EF~MKDMk&q-aOgoW&Kc6k;s@nlw%1)pDtdBeDjbr<5B}m#Z&$O%5KIm6y|TxX?@6O(-Hxc7Jk5 zrR4dtKM&RN-MV@#xSreo5qKlar(XF}Ola2IgNb%4Y~^3vtLXmkdf=Gl6yI&S|~el+{- ztC~oM>rT@fRAS`%I%9HpimR3?Tr3w2aXVu!#NoALam;qruPenC8h`n)Gn9S#RoUz1 z`{(^gmew@iqt+DL_R2`KW7UDsRC*Jd2}u={+o-#)L~Z6e3{&2+E6UFRfgvE}-z+`G=s@{bH0TNt9Ezm+8QrR z^$kB@d^K{juE^e%Z>w9{yqx%VMg_cTxwxuXW_8h|Lkx^_>@w%SvvoQ%x5RHbln)csT2P%f|dSe>BSuz--ybE#cSGXvw9jH<(ruQpzo zJ~QOwM7voc32)~v2rJ<_Rd7l&R_>7|+nOWamT)K8wY_}cuZ3f(#D_NFS^ ze=GXs_3_~>VTJ5xo}2!E6P)%pCfYV;!+UGj5Y{iUNA%cj^|pTY(~v#2%D_eGL{D{q zJ4ZoS?WY?reaz$Dd~#yR{89eFo8`5Oj;BzSh11&KftNxHehcW-EO8fA^ZYfz#$P0N zL5?Qd{);^>Y{zGm2y>p*6p`M{bHDVR?eR(LzMYf_WHb?u7hlM(z9w$c;jGj3|DMeg zd40l_v8y6hE+BhmUzAwr|I-@%y30%!wV%K9>Y4T7zc(U^lJ&&D)^{`N&oE76Jh+!JAEDUL6(Mp7Fj_wQ@McRI$gTe`Ee@v>)!g3>+r9^TW(m+k%e z#`3Gb(JsjaouzfNxAK~^?#TVXZ2`TBx$XbdV+Iw%Ww$tUqxl8Z-ksdM=FOvtde=o%ZP%J`XTEt6)n@uc_p`;0Tz!F3~sWC)a_ru8?<*6hi0-+STs)j$!K zyvq2GY6`17E?v{Rt9)oq&8!QZTO~^~_lDhAC$+Nsw6b&S>_3n8%ZPP8J<7Y&-2bC{ zS>-ALZ%en$e|J4(bdzac7{PFyYjVq~A8nI%e0=4m*}8k$>{jPrsq0&vuB=?v<5%Cv zB0u5pjlOk3yb(997GDkw;JJ0&vQDMUc|3lzrY9{rHX|oj!lpUy)=!>` zjy)#HVN0&6t{bn1O4YM!~+ 
za_4H@`5Fgg#2=mA_djOGiYse-J}mNnddejH%)-25Ys->8@npyHxv(GExJhg7snGlf z|1#PqzTo269N#_f$=!*QZQc~j+p)K9mgT?up~pAmdR`U(bl3XIo4A{^--g#-I^mbF zzu~Fxf%IM6vZuxBICxFwue)Ae{-LZjcVflc=RL2F3n=Gxr8%R^6IDLW!k&ypR8GZW1EuW#}bXd_j7!vGZ?6|o;v7!{EPF} zr%I3YjCr1XSpAtb$nKNpgDtH>yh=M6r1||>)oYj3MBJKiw`SEVjpegco8B>=lFIH% zytw4f{V4*kc^E@eU%o9mvhzFp*{vKKUIZjWYaiv9)fwY#b=zBUx8JIh3u+8L*d-kRU3Ot|`2H*M*r2~1NqPTL%~?n<|DNzcrU8n1XBiv@byUgJ1+N2GlM z$JW@sGpE+`9hkCzmZ)t_eq3SY+N;W`GbRKU8RvCODNCP~Gml4p`^%i7Gd$*#SugcJ z&6jv8nlZ=gX-Y+R>EqhIhpoqC6t=%ozI6Ro=8g}sXKW?2&V+{WKb}@|YVW5F>ISo7 z|6G&(E%KoD>%U_;ye@1I}T3fs&WhyynbS>*-6WZJ*R?&oeY{e*)2GZmtGRPZSeYB#g|Q|{e)XK zK2Bxcwmn=#QQ+y#&+D`GUwmgc`S`Y}jY;2vnaj9-t*$vF^I~ms{)Ht;Pq+PcZ2P@< zn(kNY6{eeBnEcFpoF-S_Xkz|-%NbsU(A85GRJs2Ae9d{S=JlMZk}DYI8@knBsC*c%?P9UhK={Z`zMmM^}7&Gk;Rx z-Fb(#=Q?zT)m@vlZs+d`<97$<^W5WnBVh4eL@rG`oveLMeSf&mBfdEvWDx%B7PE_xxqY2WqA@6(^gzDQo8&oXKLhD7)MjZ4)Oer)<7 zT(~maWsA*Z?`y5s%#ef8bvHtpa@>aEpkf6$VVcqxQm);wl?z3s;TZD*E$zy4mL zJYM|4hfC`xJ$}|H7CpN*fOC#pq}0#bestream->length > 0)? pkcs7->stream->length: inSz; - ret = wc_PKCS7_DecryptRecipientInfos(pkcs7, in, inSz, &idx, decryptedKey, &decryptedKeySz, &recipFound); From 12cfca4060b52ce0f3cd49f1a0213102c6f30c7c Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Tue, 30 Sep 2025 09:48:16 -0600 Subject: [PATCH 4/7] account for no AES build and add err trace macro --- tests/api/test_pkcs7.c | 8 ++++++++ wolfcrypt/src/pkcs7.c | 3 ++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/tests/api/test_pkcs7.c b/tests/api/test_pkcs7.c index 332bc3b03..ec4f7f333 100644 --- a/tests/api/test_pkcs7.c +++ b/tests/api/test_pkcs7.c @@ -2182,7 +2182,11 @@ int test_wc_PKCS7_DecodeEnvelopedData_multiple_recipients(void) ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testDerBuffer, (word32)testDerBufferSz, decodedData, sizeof(decodedData)); + #if defined(NO_AES) || defined(NO_AES_256) + ExpectIntEQ(ret, ALGO_ID_E); + #else ExpectIntGT(ret, 0); + #endif wc_PKCS7_Free(pkcs7); } 
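Review bot: `ExpectIntEQ(ret, ALGO_ID_E);` in the first tests/api/test_pkcs7.c hunk of 4/7 names the error constant bare, while the pkcs7.c hunk of the same commit wraps its comparison as `WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)`. If the error-trace build instruments bare uses of error codes, as the library-side change suggests, the test should read `ExpectIntEQ(ret, WC_NO_ERR_TRACE(ALGO_ID_E));`, and the second hunk of this file (`@@ -2197,7 +2201,11 @@`) has the same line. Separately, the success branch only checks `ExpectIntGT(ret, 0);`; comparing `decodedData` with the known plaintext would show that the right recipient's key was used, not merely that some length came back. The test function starts and ends outside both hunks.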
@@ -2197,7 +2201,11 @@ int test_wc_PKCS7_DecodeEnvelopedData_multiple_recipients(void)
 ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testDerBuffer, (word32)testDerBufferSz, decodedData, sizeof(decodedData));
+ #if defined(NO_AES) || defined(NO_AES_256)
+ ExpectIntEQ(ret, ALGO_ID_E);
+ #else
 ExpectIntGT(ret, 0);
+ #endif
 wc_PKCS7_Free(pkcs7);
 }
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 25ed7295f..cce0c6b08 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -11975,7 +11975,8 @@ static int wc_PKCS7_DecryptRecipientInfos(wc_PKCS7* pkcs7, byte* in,
 decryptedKey, decryptedKeySz, recipFound);
 if (ret != 0) {
- if (ret != WC_PKCS7_WANT_READ_E && *recipFound == 0) {
+ if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E) &&
+ *recipFound == 0) {
 continue; /* try next recipient */
 }
 else {
From 4e92920a7f5f9511db0b06e0a1e6c41e672a8530 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Tue, 30 Sep 2025 10:00:12 -0600
Subject: [PATCH 5/7] cast variable to word32 for compare
---
 wolfcrypt/src/pkcs7.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index cce0c6b08..b8ceb3ce9 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -12518,7 +12518,7 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 #ifndef NO_PKCS7_STREAM
 /* advance idx past recipient info set if not all recipients
 * parsed */
- if (pkcs7->stream->totalRd < (pkcs7->stream->recipientSz +
+ if (pkcs7->stream->totalRd < ((word32)pkcs7->stream->recipientSz +
 tmpIdx)) {
 idx = tmpIdx + (word32)pkcs7->stream->recipientSz;
From fca302839501cd793ebd0b4252827bcb62af3486 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Fri, 3 Oct 2025 15:52:30 -0600
Subject: [PATCH 6/7] advance index past recipent set in non stream case too
---
 wolfcrypt/src/pkcs7.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index b8ceb3ce9..2ca132181 100644
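Review bot: In the wc_PKCS7_DecryptRecipientInfos hunk of 4/7, the rewritten condition still takes the `continue` on every error except WC_PKCS7_WANT_READ_E whenever `*recipFound == 0`, so a malformed RecipientInfo (a parse or length error) is handled the same way as an entry addressed to another recipient. The loop then moves on with `*idx` wherever the failed decoder left it; the loop body is outside the hunk, so whether `*idx` is re-synchronised cannot be seen here. Since 7/7 makes the key-transport decoder return PKCS7_RECIP_E for a non-matching entry, consider skipping only on that code, `if (ret == WC_NO_ERR_TRACE(PKCS7_RECIP_E)) continue;`, provided the other RecipientInfo decoders report a mismatch the same way. Failing that, a comment should say why every error is skippable and how `*idx` is restored.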
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -12412,9 +12412,8 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 int recipFound = 0;
 int ret, length = 0;
 word32 idx = 0;
-#ifndef NO_PKCS7_STREAM
 word32 tmpIdx = 0;
-#endif
+ word32 recipientSetSz = 0;
 word32 contentType = 0, encOID = 0;
 word32 decryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
@@ -12473,11 +12472,12 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 if (decryptedKey == NULL)
 return MEMORY_E;
 wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_2);
- #ifndef NO_PKCS7_STREAM
 tmpIdx = idx;
+ recipientSetSz = (word32)ret;
+ #ifndef NO_PKCS7_STREAM
 pkcs7->stream->aad = decryptedKey;
 /* get the full recipient set */
- pkcs7->stream->expected = (word32)ret;
+ pkcs7->stream->expected = recipientSetSz;
 pkcs7->stream->recipientSz = ret;
 #endif
 FALL_THROUGH;
@@ -12532,6 +12532,8 @@ int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
 pkcs7->stream->aadSz = decryptedKeySz;
 pkcs7->stream->expected = MAX_LENGTH_SZ + MAX_VERSION_SZ +
 ASN_TAG_SZ + MAX_LENGTH_SZ;
+ #else
+ idx = tmpIdx + recipientSetSz;
 #endif
 wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_3);
 FALL_THROUGH;
From 7128932eff9d26a921848c6e65fcd380feeb727d Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Mon, 6 Oct 2025 10:48:59 -0600
Subject: [PATCH 7/7] avoid attempt of key decode and free buffer if incorrect recipient found
---
 wolfcrypt/src/pkcs7.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c
index 2ca132181..3ba2e8bfd 100644
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
@@ -10488,6 +10488,14 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
 XMEMCPY(encryptedKey, &pkiMsg[*idx], (word32)encryptedKeySz);
 *idx += (word32)encryptedKeySz;
+ /* If this is not the correct recipient then do not try to decode
+ * the encrypted key */
+ if (*recipFound == 0) {
+ XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);
+ ret = PKCS7_RECIP_E;
+ break;
+ }
+
 /* load private key */
 #ifdef WOLFSSL_SMALL_STACK
 privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap,
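Review bot: After `XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT);` the new early exit leaves `encryptedKey` pointing at freed memory and the `break` continues into code that is outside the hunk. If any cleanup after the switch frees or wipes `encryptedKey` again, that is a double free or a use after free. The XFREE is also unconditional while the `privKey` allocation just below is under `#ifdef WOLFSSL_SMALL_STACK`, so it is only correct if `encryptedKey` is heap-allocated in every build. Assuming it is a pointer, adding `encryptedKey = NULL;` right after the XFREE makes the exit safe regardless of later cleanup. The `*recipFound == 0` test could also run before the `XMEMCPY`, since a non-matching entry only needs `*idx` advanced by `encryptedKeySz`.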