wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-05 13:44:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

spelling fix and code formatting

Browse Source
This commit is contained in:
JacobBarthelmeh
2025-03-04 14:21:59 -07:00
parent 4124c824ca
commit b75976692e
3 changed files with 153 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/api.c
View File

@@ -39267,7 +39267,7 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void)
ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer,
testStreamBufferSz, NULL, 0); testStreamBufferSz, NULL, 0);
} while (ret == WC_PKCS7_WANT_READ_E); } while (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E));
ExpectIntGT(ret, 0); ExpectIntGT(ret, 0);
if (f != XBADFILE) { if (f != XBADFILE) {

276
wolfcrypt/src/pkcs7.c
View File

@@ -378,15 +378,11 @@ static int wc_PKCS7_SetMaxStream(wc_PKCS7* pkcs7, byte* in, word32 defSz)
return ret; return ret;
} }
#ifdef ASN_BER_TO_DER
if (length == 0 && ret == 0) { if (length == 0 && ret == 0) {
idx = 0; idx = 0;
if ((ret = wc_BerToDer(pt, maxIdx, NULL, (word32*)&length)) WOLFSSL_MSG("PKCS7 found indef SEQ with peek");
!= WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
// return ret;
}
} }
#endif /* ASN_BER_TO_DER */
pkcs7->stream->maxLen = (word32)length + idx; pkcs7->stream->maxLen = (word32)length + idx;
if (pkcs7->stream->maxLen == 0) { if (pkcs7->stream->maxLen == 0) {
@@ -1735,8 +1731,8 @@ static int FlattenAttributes(wc_PKCS7* pkcs7, byte* output, EncodedAttrib* ea,
} }
/* create array of FlatAttrib struct pointers to hold DER attribs */ /* create array of FlatAttrib struct pointers to hold DER attribs */
derArr = (FlatAttrib**) XMALLOC((unsigned long)eaSz * sizeof(FlatAttrib*), pkcs7->heap, derArr = (FlatAttrib**) XMALLOC((unsigned long)eaSz * sizeof(FlatAttrib*),
DYNAMIC_TYPE_TMP_BUFFER); pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (derArr == NULL) { if (derArr == NULL) {
return MEMORY_E; return MEMORY_E;
} }
@@ -8627,7 +8623,8 @@ static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID,
(word32)inSz); (word32)inSz);
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
/* async decrypt not available here, so block till done */ /* async decrypt not available here, so block till done */
ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev, WC_ASYNC_FLAG_NONE); ret = wc_AsyncWait(ret, &pkcs7->decryptKey.aes->asyncDev,
WC_ASYNC_FLAG_NONE);
#endif #endif
break; break;
#endif /* HAVE_AES_CBC */ #endif /* HAVE_AES_CBC */
@@ -9057,10 +9054,9 @@ static int wc_PKCS7_GenerateKEK_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen,
/* RFC3211 (Section 2.3.1) key wrap algorithm (id-alg-PWRI-KEK). /* RFC3211 (Section 2.3.1) key wrap algorithm (id-alg-PWRI-KEK).
* *
* Returns output size on success, negative upon error */ * Returns output size on success, negative upon error */
static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kekSz, static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek,
const byte* cek, word32 cekSz, word32 kekSz, const byte* cek, word32 cekSz,
byte* out, word32 *outSz, byte* out, word32 *outSz, const byte* iv, word32 ivSz, int algID)
const byte* iv, word32 ivSz, int algID)
{ {
WC_RNG rng; WC_RNG rng;
int blockSz, outLen, ret; int blockSz, outLen, ret;
@@ -9113,8 +9109,8 @@ static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek, word32 kek
if (ret == 0) { if (ret == 0) {
/* encrypt, normal */ /* encrypt, normal */
ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, (int)kekSz,
(byte*)iv, (int)ivSz, NULL, 0, NULL, 0, out, (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, out,
outLen, out); outLen, out);
} }
if (ret == 0) { if (ret == 0) {
@@ -9411,7 +9407,8 @@ int wc_PKCS7_AddRecipient_PWRI(wc_PKCS7* pkcs7, byte* passwd, word32 pLen,
totalSz += (kdfSaltOctetStrSz + saltSz); totalSz += (kdfSaltOctetStrSz + saltSz);
/* set KDF iteration count */ /* set KDF iteration count */
kdfIterationsSz = (word32)SetMyVersion((word32)iterations, kdfIterations, 0); kdfIterationsSz = (word32)SetMyVersion((word32)iterations, kdfIterations,
0);
totalSz += kdfIterationsSz; totalSz += kdfIterationsSz;
/* set KDF params SEQ */ /* set KDF params SEQ */
@@ -9623,8 +9620,8 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek,
#endif #endif
encryptedKeySz = wc_PKCS7_KeyWrap(pkcs7->cek, pkcs7->cekSz, kek, kekSz, encryptedKeySz = wc_PKCS7_KeyWrap(pkcs7->cek, pkcs7->cekSz, kek, kekSz,
encryptedKey, (word32)encryptedKeySz, keyWrapOID, encryptedKey, (word32)encryptedKeySz, keyWrapOID,
direction); direction);
if (encryptedKeySz < 0) { if (encryptedKeySz < 0) {
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@@ -10004,8 +10001,8 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0, (word32)encryptedOutSz, encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0,
encContentOctet, pkcs7->encodeStream); (word32)encryptedOutSz, encContentOctet, pkcs7->encodeStream);
encContentSeqSz = (int)SetSequenceEx((word32)(contentTypeSz + encContentSeqSz = (int)SetSequenceEx((word32)(contentTypeSz +
contentEncAlgoSz + ivOctetStringSz + blockSz + contentEncAlgoSz + ivOctetStringSz + blockSz +
encContentOctetSz + encryptedOutSz), encContentOctetSz + encryptedOutSz),
@@ -10045,7 +10042,8 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
} }
} }
#endif #endif
envDataSeqSz = (int)SetSequenceEx((word32)totalSz, envDataSeq, pkcs7->encodeStream); envDataSeqSz = (int)SetSequenceEx((word32)totalSz, envDataSeq,
pkcs7->encodeStream);
totalSz += envDataSeqSz; totalSz += envDataSeqSz;
#ifdef ASN_BER_TO_DER #ifdef ASN_BER_TO_DER
if (pkcs7->encodeStream) { if (pkcs7->encodeStream) {
@@ -10054,7 +10052,8 @@ int wc_PKCS7_EncodeEnvelopedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz)
#endif #endif
/* outer content */ /* outer content */
outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent, pkcs7->encodeStream); outerContentSz = (int)SetExplicit(0, (word32)totalSz, outerContent,
pkcs7->encodeStream);
#ifdef ASN_BER_TO_DER #ifdef ASN_BER_TO_DER
if (pkcs7->encodeStream) { if (pkcs7->encodeStream) {
totalSz += ASN_INDEF_END_SZ; totalSz += ASN_INDEF_END_SZ;
@@ -10274,11 +10273,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
ret = BUFFER_E; ret = BUFFER_E;
break; break;
} }
// pkcs7->stream->expected = (pkcs7->stream->maxLen -
// pkcs7->stream->totalRd) + pkcs7->stream->length;
#endif #endif
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_2); wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_2);
//pkcs7->stream->expected = MAX_SEQ_SZ;
FALL_THROUGH; FALL_THROUGH;
case WC_PKCS7_DECRYPT_KTRI_2: case WC_PKCS7_DECRYPT_KTRI_2:
@@ -10436,7 +10432,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
break; break;
} }
wc_PKCS7_StreamStoreVar(pkcs7, (word32)encryptedKeySz, sidType, version); wc_PKCS7_StreamStoreVar(pkcs7, (word32)encryptedKeySz, sidType,
version);
pkcs7->stream->expected = (word32)encryptedKeySz; pkcs7->stream->expected = (word32)encryptedKeySz;
#endif #endif
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_3); wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_DECRYPT_KTRI_3);
@@ -10519,8 +10516,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
if (encOID != RSAESOAEPk) { if (encOID != RSAESOAEPk) {
#endif #endif
keySz = wc_RsaPrivateDecryptInline(encryptedKey, keySz = wc_RsaPrivateDecryptInline(encryptedKey,
(word32)encryptedKeySz, &outKey, (word32)encryptedKeySz, &outKey,
privKey); privKey);
#ifndef WC_NO_RSA_OAEP #ifndef WC_NO_RSA_OAEP
} }
else { else {
@@ -11152,7 +11149,8 @@ static int wc_PKCS7_DecryptOri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
return PKCS7_RECIP_E; return PKCS7_RECIP_E;
} }
/* mark recipFound, since we only support one RecipientInfo for now */ /* mark recipFound, since we only support one RecipientInfo for
* now */
*recipFound = 1; *recipFound = 1;
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
@@ -11308,7 +11306,8 @@ static int wc_PKCS7_DecryptPwri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
} }
if (length != blockSz) { if (length != blockSz) {
WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); WOLFSSL_MSG("Incorrect IV length, must be of content alg block "
"size");
XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ASN_PARSE_E; return ASN_PARSE_E;
} }
@@ -11463,8 +11462,8 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
localIdx = *idx; localIdx = *idx;
if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag, if ((*idx < kekIdSz) && GetASNTag(pkiMsg, &localIdx, &tag,
pkiMsgSz) == 0 && tag == ASN_GENERALIZED_TIME) { pkiMsgSz) == 0 && tag == ASN_GENERALIZED_TIME) {
if (wc_GetDateInfo(pkiMsg + *idx, (int)pkiMsgSz, &datePtr, &dateFormat, if (wc_GetDateInfo(pkiMsg + *idx, (int)pkiMsgSz, &datePtr,
&dateLen) != 0) { &dateFormat, &dateLen) != 0) {
return ASN_PARSE_E; return ASN_PARSE_E;
} }
*idx += (word32)(dateLen + 1); *idx += (word32)(dateLen + 1);
@@ -11491,7 +11490,8 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
} }
/* get KeyEncryptionAlgorithmIdentifier */ /* get KeyEncryptionAlgorithmIdentifier */
if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz) < 0) if (GetAlgoId(pkiMsg, idx, &keyWrapOID, oidKeyWrapType, pkiMsgSz)
< 0)
return ASN_PARSE_E; return ASN_PARSE_E;
/* get EncryptedKey */ /* get EncryptedKey */
@@ -11512,22 +11512,24 @@ static int wc_PKCS7_DecryptKekri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
/* decrypt CEK with KEK */ /* decrypt CEK with KEK */
if (pkcs7->wrapCEKCb) { if (pkcs7->wrapCEKCb) {
keySz = pkcs7->wrapCEKCb(pkcs7, pkiMsg + *idx, (word32)length, keyId, keySz = pkcs7->wrapCEKCb(pkcs7, pkiMsg + *idx, (word32)length,
keyIdSz, NULL, 0, decryptedKey, keyId, keyIdSz, NULL, 0, decryptedKey,
*decryptedKeySz, (int)keyWrapOID, *decryptedKeySz, (int)keyWrapOID,
(int)PKCS7_KEKRI, direction); (int)PKCS7_KEKRI, direction);
} }
else { else {
keySz = wc_PKCS7_KeyWrap(pkiMsg + *idx, (word32)length, pkcs7->privateKey, keySz = wc_PKCS7_KeyWrap(pkiMsg + *idx, (word32)length,
pkcs7->privateKeySz, decryptedKey, *decryptedKeySz, pkcs7->privateKey, pkcs7->privateKeySz,
(int)keyWrapOID, direction); decryptedKey, *decryptedKeySz,
(int)keyWrapOID, direction);
} }
if (keySz <= 0) if (keySz <= 0)
return keySz; return keySz;
*decryptedKeySz = (word32)keySz; *decryptedKeySz = (word32)keySz;
/* mark recipFound, since we only support one RecipientInfo for now */ /* mark recipFound, since we only support one RecipientInfo for
* now */
*recipFound = 1; *recipFound = 1;
*idx += (word32)length; *idx += (word32)length;
@@ -11618,8 +11620,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
/* parse cert and key */ /* parse cert and key */
ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert, ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
pkcs7->singleCertSz, pkcs7->privateKey, pkcs7->singleCertSz, pkcs7->privateKey,
pkcs7->privateKeySz); pkcs7->privateKeySz);
if (ret != 0) { if (ret != 0) {
wc_PKCS7_KariFree(kari); wc_PKCS7_KariFree(kari);
@@ -11641,7 +11643,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
} }
/* try and remove optional UserKeyingMaterial */ /* try and remove optional UserKeyingMaterial */
ret = wc_PKCS7_KariGetUserKeyingMaterial(kari, pkiMsg, pkiMsgSz, idx); ret = wc_PKCS7_KariGetUserKeyingMaterial(kari, pkiMsg, pkiMsgSz,
idx);
if (ret != 0) { if (ret != 0) {
wc_PKCS7_KariFree(kari); wc_PKCS7_KariFree(kari);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -11661,7 +11664,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
return ret; return ret;
} }
/* if user has not explicitly set keyAgreeOID, set from one in bundle */ /* if user has not explicitly set keyAgreeOID, set from one in
* bundle */
if (pkcs7->keyAgreeOID == 0) if (pkcs7->keyAgreeOID == 0)
pkcs7->keyAgreeOID = (int)keyAgreeOID; pkcs7->keyAgreeOID = (int)keyAgreeOID;
@@ -11753,10 +11757,10 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
} }
tmpKeySz = (word32)ret; tmpKeySz = (word32)ret;
keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey, (word32)encryptedKeySz, keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey,
rid, (word32)keyIdSize, tmpKeyDer, tmpKeySz, (word32)encryptedKeySz, rid, (word32)keyIdSize, tmpKeyDer,
decryptedKey, *decryptedKeySz, tmpKeySz, decryptedKey, *decryptedKeySz,
(int)keyWrapOID, (int)PKCS7_KARI, direction); (int)keyWrapOID, (int)PKCS7_KARI, direction);
XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (keySz > 0) { if (keySz > 0) {
@@ -11769,8 +11773,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
} }
else { else {
/* create KEK */ /* create KEK */
ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng, (int)keyWrapOID, ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng,
pkcs7->keyAgreeOID); (int)keyWrapOID, pkcs7->keyAgreeOID);
if (ret != 0) { if (ret != 0) {
wc_PKCS7_KariFree(kari); wc_PKCS7_KariFree(kari);
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
@@ -11780,9 +11784,9 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz,
} }
/* decrypt CEK with KEK */ /* decrypt CEK with KEK */
keySz = wc_PKCS7_KeyWrap(encryptedKey, (word32)encryptedKeySz, kari->kek, keySz = wc_PKCS7_KeyWrap(encryptedKey, (word32)encryptedKeySz,
kari->kekSz, decryptedKey, *decryptedKeySz, kari->kek, kari->kekSz, decryptedKey, *decryptedKeySz,
(int)keyWrapOID, direction); (int)keyWrapOID, direction);
} }
if (keySz <= 0) { if (keySz <= 0) {
wc_PKCS7_KariFree(kari); wc_PKCS7_KariFree(kari);
@@ -12162,7 +12166,8 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in,
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
if (ret == 0) { if (ret == 0) {
if (type == ENVELOPED_DATA && contentType != ENVELOPED_DATA) { if (type == ENVELOPED_DATA && contentType !=
ENVELOPED_DATA) {
WOLFSSL_MSG("PKCS#7 input not of type EnvelopedData"); WOLFSSL_MSG("PKCS#7 input not of type EnvelopedData");
ret = PKCS7_OID_E; ret = PKCS7_OID_E;
} else if (type == AUTH_ENVELOPED_DATA && } else if (type == AUTH_ENVELOPED_DATA &&
@@ -12252,7 +12257,8 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in,
} else { } else {
/* AuthEnvelopedData version MUST be 0 */ /* AuthEnvelopedData version MUST be 0 */
if (version != 0) { if (version != 0) {
WOLFSSL_MSG("PKCS#7 AuthEnvelopedData needs to be of version 0"); WOLFSSL_MSG(
"PKCS#7 AuthEnvelopedData needs to be of version 0");
ret = ASN_VERSION_E; ret = ASN_VERSION_E;
} }
} }
@@ -12374,7 +12380,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
if (pkiMsg == NULL || pkiMsgSz == 0) if (pkiMsg == NULL || pkiMsgSz == 0)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
if ((output == NULL || outputSz == 0) if ((output == NULL || outputSz == 0)
#ifdef ASN_BER_TO_DER #ifdef ASN_BER_TO_DER
&& pkcs7->streamOutCb == NULL && pkcs7->streamOutCb == NULL
@@ -12441,7 +12447,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
decryptedKey, &decryptedKeySz, decryptedKey, &decryptedKeySz,
&recipFound); &recipFound);
if (ret == 0 && recipFound == 0) { if (ret == 0 && recipFound == 0) {
WOLFSSL_MSG("No recipient found in envelopedData that matches input"); WOLFSSL_MSG(
"No recipient found in envelopedData that matches input");
ret = PKCS7_RECIP_E; ret = PKCS7_RECIP_E;
} }
@@ -12459,8 +12466,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
case WC_PKCS7_ENV_3: case WC_PKCS7_ENV_3:
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
return ret; return ret;
} }
pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
@@ -12481,25 +12488,27 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
* - Algorithm ID structure (OID + parameters) * - Algorithm ID structure (OID + parameters)
* - Version * - Version
*/ */
pkcs7->stream->expected = MAX_SEQ_SZ + /* outer sequence */ pkcs7->stream->expected = MAX_SEQ_SZ + /* outer sequence */
MAX_OID_SZ + /* content type OID */ MAX_OID_SZ + /* content type OID */
MAX_ALGO_SZ + /* algorithm identifier */ MAX_ALGO_SZ + /* algo identifier */
MAX_VERSION_SZ + /* version */ MAX_VERSION_SZ +/* version */
ASN_TAG_SZ + /* tag */ ASN_TAG_SZ + /* tag */
MAX_LENGTH_SZ; /* length */ MAX_LENGTH_SZ; /* length */
} }
else { else {
pkcs7->stream->expected = length + ASN_TAG_SZ; /* revize size if known */ /* revize expected size if known */
pkcs7->stream->expected = length + ASN_TAG_SZ;
} }
/* Did we get enough for the expected length? */ /* Did we get enough for the expected length? */
if (pkcs7->stream->expected > pkiMsgSz) { if (pkcs7->stream->expected > pkiMsgSz) {
localIdx = idx; localIdx = idx;
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
return ret; return ret;
} }
pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length:
inSz;
if (pkcs7->stream->length > 0) { if (pkcs7->stream->length > 0) {
idx = localIdx; /* account for byte used with seq read */ idx = localIdx; /* account for byte used with seq read */
} }
@@ -12545,7 +12554,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
if (ret == 0 && length != expBlockSz) { if (ret == 0 && length != expBlockSz) {
WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); WOLFSSL_MSG(
"Incorrect IV length, must be of content alg block size");
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
@@ -12557,8 +12567,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, length); wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, length);
pkcs7->stream->contentSz = (word32)blockKeySz; pkcs7->stream->contentSz = (word32)blockKeySz;
pkcs7->stream->expected = (word32)length + MAX_LENGTH_SZ + MAX_LENGTH_SZ + pkcs7->stream->expected = (word32)length + MAX_LENGTH_SZ +
ASN_TAG_SZ + ASN_TAG_SZ; MAX_LENGTH_SZ + ASN_TAG_SZ + ASN_TAG_SZ;
#endif #endif
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_4); wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_ENV_4);
FALL_THROUGH; FALL_THROUGH;
@@ -12620,7 +12630,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet); wc_PKCS7_StreamStoreVar(pkcs7, encOID, expBlockSz, explicitOctet);
if (explicitOctet) { if (explicitOctet) {
/* initialize decryption state in preperation */ /* initialize decryption state in preparation */
if (pkcs7->decryptionCb == NULL) { if (pkcs7->decryptionCb == NULL) {
ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID, ret = wc_PKCS7_DecryptContentInit(pkcs7, encOID,
pkcs7->stream->aad, pkcs7->stream->aadSz, pkcs7->stream->aad, pkcs7->stream->aadSz,
@@ -12700,7 +12710,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
} }
if (ret == 0) { if (ret == 0) {
pkcs7->stream->expected = encryptedContentSz + (localIdx-idx); pkcs7->stream->expected = encryptedContentSz +
(localIdx - idx);
} }
if (ret == 0 && if (ret == 0 &&
@@ -12711,7 +12722,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
DYNAMIC_TYPE_PKCS7); DYNAMIC_TYPE_PKCS7);
} }
pkcs7->cachedEncryptedContent = (byte*)XMALLOC( pkcs7->cachedEncryptedContent = (byte*)XMALLOC(
encryptedContentSz, pkcs7->heap, DYNAMIC_TYPE_PKCS7); encryptedContentSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
if (pkcs7->cachedEncryptedContent == NULL) { if (pkcs7->cachedEncryptedContent == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
} }
@@ -12719,11 +12731,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
pkcs7->cachedEncryptedContentSz = encryptedContentSz; pkcs7->cachedEncryptedContentSz = encryptedContentSz;
/* sanity check that the buffer has all of the data */ /* sanity check that the buffer has all of the data */
if (ret == 0 && (localIdx + encryptedContentSz) > pkiMsgSz) { if (ret == 0 && (localIdx + encryptedContentSz) >
pkiMsgSz) {
ret = WC_PKCS7_WANT_READ_E; ret = WC_PKCS7_WANT_READ_E;
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
pkcs7->stream->expected, &pkiMsg, &localIdx)) != 0) { pkcs7->stream->expected, &pkiMsg, &localIdx))
!= 0) {
return ret; return ret;
} }
} }
@@ -12738,12 +12752,13 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
if (ret == 0) { if (ret == 0) {
ret = wc_PKCS7_DecryptContentEx(pkcs7, encOID, ret = wc_PKCS7_DecryptContentEx(pkcs7, encOID,
tmpIv, expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx], tmpIv, expBlockSz, NULL, 0, NULL, 0,
encryptedContentSz, pkcs7->cachedEncryptedContent); &pkiMsg[localIdx], encryptedContentSz,
pkcs7->cachedEncryptedContent);
} }
if (ret != 0) { if (ret != 0) {
if (ret == WC_PKCS7_WANT_READ_E) { if (ret == WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx); wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &idx);
} }
break; break;
@@ -12762,7 +12777,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
pkcs7->stream->expected = MAX_OCTET_STR_SZ; pkcs7->stream->expected = MAX_OCTET_STR_SZ;
if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx, &localIdx)) != 0) { if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &localIdx,
&localIdx)) != 0) {
break; break;
} }
@@ -12776,20 +12792,16 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
pkcs7->cachedEncryptedContent, pkcs7->cachedEncryptedContent,
encryptedContentSz, pkcs7->streamCtx); encryptedContentSz, pkcs7->streamCtx);
} }
else
#endif /* ASN_BER_TO_DER */ #endif /* ASN_BER_TO_DER */
{
//@TODO copy over into output buffer, we need an
// index/offset into the buffer
}
} }
idx = localIdx; idx = localIdx;
} }
if (ret != 0) { if (ret != 0) {
if (ret != WC_PKCS7_WANT_READ_E) { if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
/* free up in an error case if not looking for more data */ /* free up in an error case if not looking for more
* data */
wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap);
} }
break; break;
@@ -13325,8 +13337,8 @@ int wc_PKCS7_EncodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* output,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0, (word32)encryptedOutSz, encContentOctetSz = (int)SetImplicit(ASN_OCTET_STRING, 0,
encContentOctet, 0); (word32)encryptedOutSz, encContentOctet, 0);
encContentSeqSz = (int)SetSequence((word32)contentTypeSz + encContentSeqSz = (int)SetSequence((word32)contentTypeSz +
(word32)contentEncAlgoSz + (word32)contentEncAlgoSz +
(word32)nonceOctetStringSz + nonceSz + macIntSz + (word32)nonceOctetStringSz + nonceSz + macIntSz +
@@ -13519,7 +13531,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
#endif #endif
decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap,
DYNAMIC_TYPE_PKCS7); DYNAMIC_TYPE_PKCS7);
if (decryptedKey == NULL) { if (decryptedKey == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
break; break;
@@ -13554,7 +13566,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
if (recipFound == 0) { if (recipFound == 0) {
WOLFSSL_MSG("No recipient found in envelopedData that matches input"); WOLFSSL_MSG(
"No recipient found in envelopedData that matches input");
ret = PKCS7_RECIP_E; ret = PKCS7_RECIP_E;
break; break;
} }
@@ -13568,24 +13581,26 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
case WC_PKCS7_AUTHENV_3: case WC_PKCS7_AUTHENV_3:
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
break; break;
} }
pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
#endif #endif
/* remove EncryptedContentInfo */ /* remove EncryptedContentInfo */
if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz, 0) < 0) { if (ret == 0 && GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz, 0)
< 0) {
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
/* check that the expected size was accurate */ /* check that the expected size was accurate */
if (ret == 0) { if (ret == 0) {
if (length > (int)pkcs7->stream->expected && length > (int)pkiMsgSz) { if (length > (int)pkcs7->stream->expected && length >
(int)pkiMsgSz) {
pkcs7->stream->expected = length + 1; pkcs7->stream->expected = length + 1;
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
break; break;
} }
} }
@@ -13741,8 +13756,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
} }
pkcs7->stream->expected = (word32)encryptedContentSz + MAX_LENGTH_SZ + pkcs7->stream->expected = (word32)encryptedContentSz +
ASN_TAG_SZ + ASN_TAG_SZ; MAX_LENGTH_SZ + ASN_TAG_SZ + ASN_TAG_SZ;
wc_PKCS7_StreamStoreVar(pkcs7, encOID, blockKeySz, wc_PKCS7_StreamStoreVar(pkcs7, encOID, blockKeySz,
encryptedContentSz); encryptedContentSz);
#endif #endif
@@ -13752,13 +13767,14 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
case WC_PKCS7_AUTHENV_5: case WC_PKCS7_AUTHENV_5:
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
break; break;
} }
pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz, &encryptedContentSz); wc_PKCS7_StreamGetVar(pkcs7, &encOID, &blockKeySz,
&encryptedContentSz);
#else #else
pkiMsgSz = inSz; pkiMsgSz = inSz;
#endif #endif
@@ -13829,11 +13845,13 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
break; break;
} }
else { else {
/* From RFC5083, "For the purpose of constructing the AAD, the /* From RFC5083, "For the purpose of constructing the
* IMPLICIT [1] tag in the authAttrs field is not used for the * AAD, the IMPLICIT [1] tag in the authAttrs field is
* DER encoding: rather a universal SET OF tag is used. */ * not used for the DER encoding: rather a universal SET
(void)SetSet(length, pkcs7->stream->aad); /* ignoring the size returned, * OF tag is used. */
* we know it is idx - encodedAttribIdx from parsing what's given */ (void)SetSet(length, pkcs7->stream->aad);
/* ignoring the size returned, we know it is
* idx - encodedAttribIdx from parsing what's given */
} }
} }
@@ -13870,7 +13888,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
authAttrib = &pkiMsg[idx]; authAttrib = &pkiMsg[idx];
authAttribSz = length; authAttribSz = length;
if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, authAttrib, authAttribSz) < 0) { if (ret == 0 && wc_PKCS7_ParseAttribs(pkcs7, authAttrib,
authAttribSz) < 0) {
WOLFSSL_MSG("Error parsing authenticated attributes"); WOLFSSL_MSG("Error parsing authenticated attributes");
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
break; break;
@@ -13880,8 +13899,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
if (pkcs7->stream->aadSz > 0) { if (pkcs7->stream->aadSz > 0) {
XMEMCPY(pkcs7->stream->aad + (pkcs7->stream->aadSz - (word32)length), XMEMCPY(pkcs7->stream->aad + (pkcs7->stream->aadSz -
authAttrib, (word32)authAttribSz); (word32)length), authAttrib, (word32)authAttribSz);
} }
if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) { if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, &idx)) != 0) {
break; break;
@@ -13894,8 +13913,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
case WC_PKCS7_AUTHENV_ATRBEND: case WC_PKCS7_AUTHENV_ATRBEND:
authenv_atrbend: authenv_atrbend:
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
return ret; return ret;
} }
pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz; pkiMsgSz = (pkcs7->stream->length > 0)? pkcs7->stream->length: inSz;
@@ -13915,7 +13934,8 @@ authenv_atrbend:
} }
localIdx++; /* move past ASN_OCTET_STRING */ localIdx++; /* move past ASN_OCTET_STRING */
if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz, pkiMsgSz, 0) < 0) { if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz,
pkiMsgSz, 0) < 0) {
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
@@ -13924,8 +13944,8 @@ authenv_atrbend:
if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected && if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected &&
(authTagSz + (localIdx - idx)) > pkiMsgSz) { (authTagSz + (localIdx - idx)) > pkiMsgSz) {
pkcs7->stream->expected = authTagSz + (localIdx - idx); pkcs7->stream->expected = authTagSz + (localIdx - idx);
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
&pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
return ret; return ret;
} }
} }
@@ -14554,7 +14574,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
if (ret == 0 && (ret = GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType, if (ret == 0 && (ret = GetAlgoId(pkiMsg, &idx, &encOID, oidBlkType,
pkiMsgSz)) < 0) pkiMsgSz)) < 0)
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
if (ret == 0 && (expBlockSz = wc_PKCS7_GetOIDBlockSize((int)encOID)) < 0) if (ret == 0 && (expBlockSz =
wc_PKCS7_GetOIDBlockSize((int)encOID)) < 0)
ret = expBlockSz; ret = expBlockSz;
if (ret != 0) break; if (ret != 0) break;
@@ -14595,7 +14616,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
if (ret == 0 && length != expBlockSz) { if (ret == 0 && length != expBlockSz) {
WOLFSSL_MSG("Incorrect IV length, must be of content alg block size"); WOLFSSL_MSG(
"Incorrect IV length, must be of content alg block size");
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
@@ -14731,7 +14753,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
pkiMsgSz, &idx); pkiMsgSz, &idx);
if (ret != 0) { if (ret != 0) {
ForceZero(encryptedContent, (word32)encryptedContentSz); ForceZero(encryptedContent, (word32)encryptedContentSz);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
} }
@@ -14741,7 +14764,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
ForceZero(encryptedContent, (word32)encryptedContentSz); ForceZero(encryptedContent, (word32)encryptedContentSz);
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
/* go back and check the version now that attribs have been processed */ /* go back and check the version now that attribs have been
* processed */
if (pkcs7->version == 3 && version != 0) { if (pkcs7->version == 3 && version != 0) {
WOLFSSL_MSG("Wrong PKCS#7 FirmwareEncryptedData version"); WOLFSSL_MSG("Wrong PKCS#7 FirmwareEncryptedData version");
return ASN_VERSION_E; return ASN_VERSION_E;
@@ -14871,7 +14895,8 @@ int wc_PKCS7_GetNoCerts(wc_PKCS7* pkcs7)
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA) #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
/* build PKCS#7 compressedData content type, return encrypted size */ /* build PKCS#7 compressedData content type, return encrypted size */
int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz) int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output,
word32 outputSz)
{ {
byte contentInfoSeq[MAX_SEQ_SZ]; byte contentInfoSeq[MAX_SEQ_SZ];
byte contentInfoTypeOid[MAX_OID_SZ]; byte contentInfoTypeOid[MAX_OID_SZ];
@@ -14982,7 +15007,8 @@ int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz
*/ */
/* ContentInfo content EXPLICIT SEQUENCE */ /* ContentInfo content EXPLICIT SEQUENCE */
contentInfoContentSeqSz = SetExplicit(0, totalSz, contentInfoContentSeq, 0); contentInfoContentSeqSz = SetExplicit(0, totalSz, contentInfoContentSeq,
0);
totalSz += contentInfoContentSeqSz; totalSz += contentInfoContentSeqSz;
ret = wc_SetContentType(COMPRESSED_DATA, contentInfoTypeOid, ret = wc_SetContentType(COMPRESSED_DATA, contentInfoTypeOid,
@@ -15043,8 +15069,8 @@ int wc_PKCS7_EncodeCompressedData(wc_PKCS7* pkcs7, byte* output, word32 outputSz
/* unwrap and decompress PKCS#7/CMS compressedData object, /* unwrap and decompress PKCS#7/CMS compressedData object,
* Handles content wrapped compressed data and raw compressed data packet * Handles content wrapped compressed data and raw compressed data packet
* returned decoded size */ * returned decoded size */
int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, int wc_PKCS7_DecodeCompressedData(wc_PKCS7* pkcs7, byte* pkiMsg,
byte* output, word32 outputSz) word32 pkiMsgSz, byte* output, word32 outputSz)
{ {
int length, version, ret; int length, version, ret;
word32 idx = 0, algOID, contentType; word32 idx = 0, algOID, contentType;

2
wolfssl/wolfcrypt/pkcs7.h
View File

@@ -378,7 +378,7 @@ struct wc_PKCS7 {
#if !defined(NO_DES3) || !defined(NO_AES) #if !defined(NO_DES3) || !defined(NO_AES)
union { union {
#ifndef NO_AES #ifndef NO_AES
Aes* aes; Aes* aes;
#endif #endif
#ifndef NO_DES3 #ifndef NO_DES3
Des* des; Des* des;