Add wc_Rc2Free for key zeroization

This commit is contained in:
Jeremiah Mackey
2026-05-12 19:38:05 +00:00
parent 9fd21431c2
commit c516d9b6af
5 changed files with 39 additions and 2 deletions
+25
View File
@@ -284,3 +284,28 @@ int test_wc_Rc2Cbc_MonteCarlo(void)
#endif
return EXPECT_RESULT();
}
/*
* Testing function for wc_Rc2Free().
*/
int test_wc_Rc2Free(void)
{
EXPECT_DECLS;
#ifdef WC_RC2
Rc2 rc2;
byte key[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
byte zero[sizeof(rc2)];
XMEMSET(&rc2, 0, sizeof(rc2));
XMEMSET(zero, 0, sizeof(zero));
wc_Rc2Free(NULL);
ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32)sizeof(key), iv, 40), 0);
ExpectIntNE(XMEMCMP(&rc2, zero, sizeof(rc2)), 0);
wc_Rc2Free(&rc2);
ExpectIntEQ(XMEMCMP(&rc2, zero, sizeof(rc2)), 0);
#endif
return EXPECT_RESULT();
}
+3 -1
View File
@@ -29,12 +29,14 @@ int test_wc_Rc2SetIV(void);
int test_wc_Rc2EcbEncryptDecrypt(void);
int test_wc_Rc2CbcEncryptDecrypt(void);
int test_wc_Rc2Cbc_MonteCarlo(void);
int test_wc_Rc2Free(void);
#define TEST_RC2_DECLS \
TEST_DECL_GROUP("rc2", test_wc_Rc2SetKey), \
TEST_DECL_GROUP("rc2", test_wc_Rc2SetIV), \
TEST_DECL_GROUP("rc2", test_wc_Rc2EcbEncryptDecrypt), \
TEST_DECL_GROUP("rc2", test_wc_Rc2CbcEncryptDecrypt), \
TEST_DECL_GROUP("rc2", test_wc_Rc2Cbc_MonteCarlo)
TEST_DECL_GROUP("rc2", test_wc_Rc2Cbc_MonteCarlo), \
TEST_DECL_GROUP("rc2", test_wc_Rc2Free)
#endif /* WOLFCRYPT_TEST_RC2_H */
+8
View File
@@ -348,5 +348,13 @@ int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
}
void wc_Rc2Free(Rc2* rc2)
{
if (rc2 == NULL)
return;
ForceZero(rc2, sizeof(Rc2));
}
#endif /* WC_RC2 */
+1 -1
View File
@@ -649,7 +649,7 @@ int wc_CryptKey(const char* password, int passwordSz, const byte* salt,
else
ret = wc_Rc2CbcDecrypt(&rc2, input, input, length);
}
ForceZero(&rc2, sizeof(Rc2));
wc_Rc2Free(&rc2);
break;
}
#endif
+2
View File
@@ -60,6 +60,8 @@ WOLFSSL_API int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out,
WOLFSSL_API int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out,
const byte* in, word32 sz);
WOLFSSL_API void wc_Rc2Free(Rc2* rc2);
#ifdef __cplusplus
} /* extern "C" */
#endif