diff --git a/tests/api/test_rc2.c b/tests/api/test_rc2.c index 8f0d143ca5..10b7194e4c 100644 --- a/tests/api/test_rc2.c +++ b/tests/api/test_rc2.c @@ -284,3 +284,28 @@ int test_wc_Rc2Cbc_MonteCarlo(void) #endif return EXPECT_RESULT(); } + +/* + * Testing function for wc_Rc2Free(). + */ +int test_wc_Rc2Free(void) +{ + EXPECT_DECLS; +#ifdef WC_RC2 + Rc2 rc2; + byte key[] = { 0x01, 0x02, 0x03, 0x04, 0x05 }; + byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 }; + byte zero[sizeof(rc2)]; + + XMEMSET(&rc2, 0, sizeof(rc2)); + XMEMSET(zero, 0, sizeof(zero)); + + wc_Rc2Free(NULL); + + ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32)sizeof(key), iv, 40), 0); + ExpectIntNE(XMEMCMP(&rc2, zero, sizeof(rc2)), 0); + wc_Rc2Free(&rc2); + ExpectIntEQ(XMEMCMP(&rc2, zero, sizeof(rc2)), 0); +#endif + return EXPECT_RESULT(); +} diff --git a/tests/api/test_rc2.h b/tests/api/test_rc2.h index 124adbbc2e..acdd08e3ae 100644 --- a/tests/api/test_rc2.h +++ b/tests/api/test_rc2.h @@ -29,12 +29,14 @@ int test_wc_Rc2SetIV(void); int test_wc_Rc2EcbEncryptDecrypt(void); int test_wc_Rc2CbcEncryptDecrypt(void); int test_wc_Rc2Cbc_MonteCarlo(void); +int test_wc_Rc2Free(void); #define TEST_RC2_DECLS \ TEST_DECL_GROUP("rc2", test_wc_Rc2SetKey), \ TEST_DECL_GROUP("rc2", test_wc_Rc2SetIV), \ TEST_DECL_GROUP("rc2", test_wc_Rc2EcbEncryptDecrypt), \ TEST_DECL_GROUP("rc2", test_wc_Rc2CbcEncryptDecrypt), \ - TEST_DECL_GROUP("rc2", test_wc_Rc2Cbc_MonteCarlo) + TEST_DECL_GROUP("rc2", test_wc_Rc2Cbc_MonteCarlo), \ + TEST_DECL_GROUP("rc2", test_wc_Rc2Free) #endif /* WOLFCRYPT_TEST_RC2_H */ diff --git a/wolfcrypt/src/rc2.c b/wolfcrypt/src/rc2.c index 4816d15165..dde4b67330 100644 --- a/wolfcrypt/src/rc2.c +++ b/wolfcrypt/src/rc2.c @@ -348,5 +348,13 @@ int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz) } +void wc_Rc2Free(Rc2* rc2) +{ + if (rc2 == NULL) + return; + ForceZero(rc2, sizeof(Rc2)); +} + + #endif /* WC_RC2 */ diff --git a/wolfcrypt/src/wc_encrypt.c b/wolfcrypt/src/wc_encrypt.c index 9e131dc768..240011ac04 100644 --- a/wolfcrypt/src/wc_encrypt.c +++ b/wolfcrypt/src/wc_encrypt.c @@ -649,7 +649,7 @@ int wc_CryptKey(const char* password, int passwordSz, const byte* salt, else ret = wc_Rc2CbcDecrypt(&rc2, input, input, length); } - ForceZero(&rc2, sizeof(Rc2)); + wc_Rc2Free(&rc2); break; } #endif diff --git a/wolfssl/wolfcrypt/rc2.h b/wolfssl/wolfcrypt/rc2.h index 9beff3c8c6..c64fffd968 100644 --- a/wolfssl/wolfcrypt/rc2.h +++ b/wolfssl/wolfcrypt/rc2.h @@ -60,6 +60,8 @@ WOLFSSL_API int wc_Rc2CbcEncrypt(Rc2* rc2, byte* out, WOLFSSL_API int wc_Rc2CbcDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz); +WOLFSSL_API void wc_Rc2Free(Rc2* rc2); + #ifdef __cplusplus } /* extern "C" */ #endif