Merge pull request #664 from cconlon/pkcs7

PKCS#7/CMS expansion
2025-08-01 03:34:39 +02:00 · 2016-12-15 12:01:00 -08:00
parent 9d94474133 55554b79a9
commit d0533c6dad
9 changed files with 2637 additions and 483 deletions
--- a/Makefile.am
+++ b/Makefile.am
@@ -38,6 +38,18 @@ CLEANFILES+= cert.der \
             othercert.der \
             othercert.pem \
             pkcs7cert.der \
             pkcs7encryptedDataAES128CBC.der \
             pkcs7encryptedDataAES192CBC.der \
             pkcs7encryptedDataAES256CBC_attribs.der \
             pkcs7encryptedDataAES256CBC.der \
             pkcs7encryptedDataAES256CBC_multi_attribs.der \
             pkcs7encryptedDataDES3.der \
             pkcs7encryptedDataDES.der \
             pkcs7envelopedDataAES256CBC_ECDH.der \
             pkcs7envelopedDataAES128CBC_ECDH_SHA1KDF.der \
             pkcs7envelopedDataAES256CBC_ECDH_SHA256KDF.der \
             pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF.der \
             pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF_ukm.der \
             pkcs7envelopedDataDES3.der \
             pkcs7envelopedDataAES128CBC.der \
             pkcs7envelopedDataAES192CBC.der \
--- a/configure.ac
+++ b/configure.ac
@@ -3011,6 +3011,16 @@ if test "x$ENABLED_PKCS7" = "xyes"
 then
    AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
    # Enable prereqs if not already enabled
    if test "x$ENABLED_AESKEYWRAP" = "xno"
    then
        ENABLED_AESKEYWRAP="yes"
        AM_CFLAGS="$AM_CFLAGS -DHAVE_AES_KEYWRAP -DWOLFSSL_AES_DIRECT"
    fi
    if test "x$ENABLED_X963KDF" = "xno"
    then
        ENABLED_X963KDF="yes"
        AM_CFLAGS="$AM_CFLAGS -DHAVE_X963_KDF"
    fi
    AS_IF([test "x$ENABLED_DES3" = "xno"],
          [ENABLED_DES3=yes])
 fi
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -802,6 +802,19 @@ static const byte blkAes256CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 42};
 static const byte blkDesCbcOid[]  = {43, 14, 3, 2, 7};
 static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7};
 /* keyWrapType */
 static const byte wrapAes128Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 5};
 static const byte wrapAes192Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 25};
 static const byte wrapAes256Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 45};
 /* cmsKeyAgreeType */
 static const byte dhSinglePass_stdDH_sha1kdf_Oid[]   =
                                          {43, 129, 5, 16, 134, 72, 63, 0, 2};
 static const byte dhSinglePass_stdDH_sha224kdf_Oid[] = {43, 129, 4, 1, 11, 0};
 static const byte dhSinglePass_stdDH_sha256kdf_Oid[] = {43, 129, 4, 1, 11, 1};
 static const byte dhSinglePass_stdDH_sha384kdf_Oid[] = {43, 129, 4, 1, 11, 2};
 static const byte dhSinglePass_stdDH_sha512kdf_Oid[] = {43, 129, 4, 1, 11, 3};
 /* ocspType */
 #ifdef HAVE_OCSP
    static const byte ocspBasicOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 1};
@@ -1124,6 +1137,7 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
                    *oidSz = sizeof(extExtKeyUsageOcspSignOid);
                    break;
            }
            break;
        case oidKdfType:
            switch (id) {
@@ -1134,6 +1148,48 @@ static const byte* OidFromId(word32 id, word32 type, word32* oidSz)
            }
            break;
        case oidKeyWrapType:
            switch (id) {
                case AES128_WRAP:
                    oid = wrapAes128Oid;
                    *oidSz = sizeof(wrapAes128Oid);
                    break;
                case AES192_WRAP:
                    oid = wrapAes192Oid;
                    *oidSz = sizeof(wrapAes192Oid);
                    break;
                case AES256_WRAP:
                    oid = wrapAes256Oid;
                    *oidSz = sizeof(wrapAes256Oid);
                    break;
            }
            break;
        case oidCmsKeyAgreeType:
            switch (id) {
                case dhSinglePass_stdDH_sha1kdf_scheme:
                    oid = dhSinglePass_stdDH_sha1kdf_Oid;
                    *oidSz = sizeof(dhSinglePass_stdDH_sha1kdf_Oid);
                    break;
                case dhSinglePass_stdDH_sha224kdf_scheme:
                    oid = dhSinglePass_stdDH_sha224kdf_Oid;
                    *oidSz = sizeof(dhSinglePass_stdDH_sha224kdf_Oid);
                    break;
                case dhSinglePass_stdDH_sha256kdf_scheme:
                    oid = dhSinglePass_stdDH_sha256kdf_Oid;
                    *oidSz = sizeof(dhSinglePass_stdDH_sha256kdf_Oid);
                    break;
                case dhSinglePass_stdDH_sha384kdf_scheme:
                    oid = dhSinglePass_stdDH_sha384kdf_Oid;
                    *oidSz = sizeof(dhSinglePass_stdDH_sha384kdf_Oid);
                    break;
                case dhSinglePass_stdDH_sha512kdf_scheme:
                    oid = dhSinglePass_stdDH_sha512kdf_Oid;
                    *oidSz = sizeof(dhSinglePass_stdDH_sha512kdf_Oid);
                    break;
            }
            break;
        case oidIgnoreType:
        default:
            break;
--- a/wolfcrypt/src/pkcs7.c
+++ b/wolfcrypt/src/pkcs7.c
--- a/wolfcrypt/test/test.c
+++ b/wolfcrypt/test/test.c
@@ -238,6 +238,7 @@ int pbkdf2_test(void);
 #ifdef HAVE_PKCS7
    int pkcs7enveloped_test(void);
    int pkcs7signed_test(void);
    int pkcs7encrypted_test(void);
 #endif
 #if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT)
 int  certext_test(void);
@@ -474,7 +475,6 @@ int wolfcrypt_test(void* args)
        else
            printf( "HMAC-KDF    test passed!\n");
    #endif
 #endif
 #ifdef HAVE_X963_KDF
@@ -708,6 +708,11 @@ int wolfcrypt_test(void* args)
        return err_sys("PKCS7signed    test failed!\n", ret);
    else
        printf( "PKCS7signed    test passed!\n");
    if ( (ret = pkcs7encrypted_test()) != 0)
        return err_sys("PKCS7encrypted test failed!\n", ret);
    else
        printf( "PKCS7encrypted test passed!\n");
 #endif
 #if defined(USE_WOLFSSL_MEMORY) && defined(WOLFSSL_TRACK_MEMORY)
@@ -4433,6 +4438,10 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
    #ifdef FREESCALE_MQX
        static const char* clientKey  = "a:\\certs\\client-key.der";
        static const char* clientCert = "a:\\certs\\client-cert.der";
        #ifdef HAVE_PKCS7
            static const char* eccClientKey  = "a:\\certs\\ecc-client-key.der";
            static const char* eccClientCert = "a:\\certs\\client-ecc-cert.der";
        #endif
        #ifdef WOLFSSL_CERT_EXT
            static const char* clientKeyPub  = "a:\\certs\\client-keyPub.der";
        #endif
@@ -4455,6 +4464,12 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
        static char* clientCert = "certs/client-cert.der";
        void set_clientKey(char *key) {  clientKey = key ; }
        void set_clientCert(char *cert) {  clientCert = cert ; }
        #ifdef HAVE_PKCS7
            static const char* eccClientKey  = "certs/ecc-client-key.der";
            static const char* eccClientCert = "certs/client-ecc-cert.der";
            void set_eccClientKey(char* key) { eccClientKey = key ; }
            void set_eccClientCert(char* cert) { eccClientCert = cert ; }
        #endif
        #ifdef WOLFSSL_CERT_EXT
            static const char* clientKeyPub  = "certs/client-keyPub.der";
            void set_clientKeyPub(char *key) { clientKeyPub = key ; }
@@ -4482,6 +4497,10 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
    #else
        static const char* clientKey  = "./certs/client-key.der";
        static const char* clientCert = "./certs/client-cert.der";
        #ifdef HAVE_PKCS7
            static const char* eccClientKey  = "./certs/ecc-client-key.der";
            static const char* eccClientCert = "./certs/client-ecc-cert.der";
        #endif
        #ifdef WOLFSSL_CERT_EXT
            static const char* clientKeyPub  = "./certs/client-keyPub.der";
        #endif
@@ -9034,175 +9053,470 @@ int compress_test(void)
 #ifdef HAVE_PKCS7
 /* External Debugging/Testing Note:
 *
 * PKCS#7 test functions can output generated PKCS#7/CMS bundles for
 * additional testing. To dump bundles to files DER encoded files, please
 * define:
 *
 * #define PKCS7_OUTPUT_TEST_BUNDLES
 */
 typedef struct {
-    const char* outFileName;
+    const byte*  content;
-    const byte* content;
+    word32       contentSz;
-    word32      contentSz;
+    int          contentOID;
-    int         contentOID;
+    int          encryptOID;
-    int         encryptOID;
+    int          keyWrapOID;
-    byte*       privateKey;
+    int          keyAgreeOID;
-    word32      privateKeySz;
+    byte*        cert;
    size_t       certSz;
    byte*        privateKey;
    word32       privateKeySz;
    byte*        optionalUkm;
    word32       optionalUkmSz;
    const char*  outFileName;
 } pkcs7EnvelopedVector;
-int pkcs7enveloped_test(void)
+
 static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
                                      byte* rsaPrivKey,  word32 rsaPrivKeySz,
                                      byte* eccCert, word32 eccCertSz,
                                      byte* eccPrivKey,  word32 eccPrivKeySz)
 {
-    int ret = 0;
+    int ret, testSz, i;
    int envelopedSz, decodedSz;
    PKCS7 pkcs7;
    byte* cert;
    byte* privKey;
    byte  enveloped[2048];
    byte  decoded[2048];
-    size_t certSz;
+    byte   enveloped[2048];
-    size_t privKeySz;
+    byte   decoded[2048];
-    FILE*  certFile;
+    PKCS7  pkcs7;
-    FILE*  keyFile;
+#ifdef PKCS7_OUTPUT_TEST_BUNDLES
    FILE*  pkcs7File;
 #endif
    const byte data[] = { /* Hello World */
        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
        0x72,0x6c,0x64
    };
-    pkcs7EnvelopedVector a;
+    byte optionalUkm[] = {
-#ifndef NO_AES
+        0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
-    pkcs7EnvelopedVector b, c, d;
+    };
    pkcs7EnvelopedVector test_pkcs7env[4];
 #else
    pkcs7EnvelopedVector test_pkcs7env[1];
 #endif
    int times = sizeof(test_pkcs7env) / sizeof(pkcs7EnvelopedVector), i;
-    /* read client cert and key in DER format */
+    const pkcs7EnvelopedVector testVectors[] =
-    cert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+    {
-    if (cert == NULL)
+        /* key transport key encryption technique */
 #ifndef NO_RSA
        {data, (word32)sizeof(data), DATA, DES3b, 0, 0, rsaCert, rsaCertSz,
         rsaPrivKey, rsaPrivKeySz, NULL, 0, "pkcs7envelopedDataDES3.der"},
    #ifndef NO_AES
        {data, (word32)sizeof(data), DATA, AES128CBCb, 0, 0, rsaCert, rsaCertSz,
         rsaPrivKey, rsaPrivKeySz, NULL, 0, "pkcs7envelopedDataAES128CBC.der"},
        {data, (word32)sizeof(data), DATA, AES192CBCb, 0, 0, rsaCert, rsaCertSz,
         rsaPrivKey, rsaPrivKeySz, NULL, 0, "pkcs7envelopedDataAES192CBC.der"},
        {data, (word32)sizeof(data), DATA, AES256CBCb, 0, 0, rsaCert, rsaCertSz,
         rsaPrivKey, rsaPrivKeySz, NULL, 0, "pkcs7envelopedDataAES256CBC.der"},
    #endif /* NO_AES */
 #endif
        /* key agreement key encryption technique*/
 #ifdef HAVE_ECC
    #ifndef NO_AES
        #ifndef NO_SHA
        {data, (word32)sizeof(data), DATA, AES128CBCb, AES128_WRAP,
         dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey,
         eccPrivKeySz, NULL, 0,
         "pkcs7envelopedDataAES128CBC_ECDH_SHA1KDF.der"},
        #endif
        #ifndef NO_SHA256
        {data, (word32)sizeof(data), DATA, AES256CBCb, AES256_WRAP,
         dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey,
         eccPrivKeySz, NULL, 0,
         "pkcs7envelopedDataAES256CBC_ECDH_SHA256KDF.der"},
        #endif /* NO_SHA256 */
        #ifdef WOLFSSL_SHA512
        {data, (word32)sizeof(data), DATA, AES256CBCb, AES256_WRAP,
         dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
         eccPrivKeySz, NULL, 0,
         "pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF.der"},
        /* with optional user keying material (ukm) */
        {data, (word32)sizeof(data), DATA, AES256CBCb, AES256_WRAP,
         dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey,
         eccPrivKeySz, optionalUkm, sizeof(optionalUkm),
         "pkcs7envelopedDataAES256CBC_ECDH_SHA512KDF_ukm.der"},
        #endif /* WOLFSSL_SHA512 */
    #endif /* NO_AES */
 #endif
    };
    testSz = sizeof(testVectors) / sizeof(pkcs7EnvelopedVector);
    for (i = 0; i < testSz; i++) {
        ret = wc_PKCS7_InitWithCert(&pkcs7, testVectors[i].cert,
                                    (word32)testVectors[i].certSz);
        if (ret != 0)
            return -209;
        pkcs7.content      = (byte*)testVectors[i].content;
        pkcs7.contentSz    = testVectors[i].contentSz;
        pkcs7.contentOID   = testVectors[i].contentOID;
        pkcs7.encryptOID   = testVectors[i].encryptOID;
        pkcs7.keyWrapOID   = testVectors[i].keyWrapOID;
        pkcs7.keyAgreeOID  = testVectors[i].keyAgreeOID;
        pkcs7.privateKey   = testVectors[i].privateKey;
        pkcs7.privateKeySz = testVectors[i].privateKeySz;
        pkcs7.ukm          = testVectors[i].optionalUkm;
        pkcs7.ukmSz        = testVectors[i].optionalUkmSz;
        /* encode envelopedData */
        envelopedSz = wc_PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
                                                   sizeof(enveloped));
        if (envelopedSz <= 0)
            return -210;
        /* decode envelopedData */
        decodedSz = wc_PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
                                                 decoded, sizeof(decoded));
        if (decodedSz <= 0)
            return -211;
        /* test decode result */
        if (XMEMCMP(decoded, data, sizeof(data)) != 0)
            return -212;
 #ifdef PKCS7_OUTPUT_TEST_BUNDLES
        /* output pkcs7 envelopedData for external testing */
        pkcs7File = fopen(testVectors[i].outFileName, "wb");
        if (!pkcs7File)
            return -213;
        ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
        fclose(pkcs7File);
 #endif /* PKCS7_OUTPUT_TEST_BUNDLES */
        wc_PKCS7_Free(&pkcs7);
    }
    return 0;
 }
 int pkcs7enveloped_test(void)
 {
    int ret = 0;
    byte* rsaCert    = NULL;
    byte* eccCert    = NULL;
    byte* rsaPrivKey = NULL;
    byte* eccPrivKey = NULL;
    size_t rsaCertSz    = 0;
    size_t eccCertSz    = 0;
    size_t rsaPrivKeySz = 0;
    size_t eccPrivKeySz = 0;
    FILE*  certFile;
    FILE*  keyFile;
 #ifndef NO_RSA
    /* read client RSA cert and key in DER format */
    rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    if (rsaCert == NULL)
        return -201;
-    privKey =(byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+    rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    if (privKey == NULL) {
+    if (rsaPrivKey == NULL) {
-        XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        return -202;
    }
    certFile = fopen(clientCert, "rb");
    if (!certFile) {
-        XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        err_sys("can't open ./certs/client-cert.der, "
                "Please run from wolfSSL home dir", -42);
-        return -42;
+        return -203;
    }
-    certSz = fread(cert, 1, FOURK_BUF, certFile);
+    rsaCertSz = fread(rsaCert, 1, FOURK_BUF, certFile);
    fclose(certFile);
    keyFile = fopen(clientKey, "rb");
    if (!keyFile) {
-        XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        err_sys("can't open ./certs/client-key.der, "
                "Please run from wolfSSL home dir", -43);
-        return -43;
+        return -204;
    }
-    privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
+    rsaPrivKeySz = fread(rsaPrivKey, 1, FOURK_BUF, keyFile);
    fclose(keyFile);
 #endif /* NO_RSA */
-    wc_PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
+#ifdef HAVE_ECC
    /* read client ECC cert and key in DER format */
    eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    if (eccCert == NULL) {
        XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        return -205;
    }
-    /* set up test vectors */
+    eccPrivKey =(byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    a.content      = data;
+    if (eccPrivKey == NULL) {
-    a.contentSz    = (word32)sizeof(data);
+        XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    a.contentOID   = DATA;
+        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    a.encryptOID   = DES3b;
+        XFREE(eccCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    a.privateKey   = privKey;
+        return -206;
-    a.privateKeySz = (word32)privKeySz;
+    }
    a.outFileName  = "pkcs7envelopedDataDES3.der";
-#ifndef NO_AES
+    certFile = fopen(eccClientCert, "rb");
-    b.content      = data;
+    if (!certFile) {
-    b.contentSz    = (word32)sizeof(data);
+        XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    b.contentOID   = DATA;
+        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    b.encryptOID   = AES128CBCb;
+        XFREE(eccCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    b.privateKey   = privKey;
+        XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    b.privateKeySz = (word32)privKeySz;
+        err_sys("can't open ./certs/client-ecc-cert.der, "
-    b.outFileName  = "pkcs7envelopedDataAES128CBC.der";
+                "Please run from wolfSSL home dir", -42);
        return -207;
    }
-    c.content      = data;
+    eccCertSz = fread(eccCert, 1, FOURK_BUF, certFile);
-    c.contentSz    = (word32)sizeof(data);
+    fclose(certFile);
    c.contentOID   = DATA;
    c.encryptOID   = AES192CBCb;
    c.privateKey   = privKey;
    c.privateKeySz = (word32)privKeySz;
    c.outFileName  = "pkcs7envelopedDataAES192CBC.der";
-    d.content      = data;
+    keyFile = fopen(eccClientKey, "rb");
-    d.contentSz    = (word32)sizeof(data);
+    if (!keyFile) {
-    d.contentOID   = DATA;
+        XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    d.encryptOID   = AES256CBCb;
+        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    d.privateKey   = privKey;
+        XFREE(eccCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    d.privateKeySz = (word32)privKeySz;
+        XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-    d.outFileName  = "pkcs7envelopedDataAES256CBC.der";
+        err_sys("can't open ./certs/ecc-client-key.der, "
                "Please run from wolfSSL home dir", -43);
        return -208;
    }
    eccPrivKeySz = fread(eccPrivKey, 1, FOURK_BUF, keyFile);
    fclose(keyFile);
 #endif /* HAVE_ECC */
    ret = pkcs7enveloped_run_vectors(rsaCert, (word32)rsaCertSz,
                                     rsaPrivKey, (word32)rsaPrivKeySz,
                                     eccCert, (word32)eccCertSz,
                                     eccPrivKey, (word32)eccPrivKeySz);
    if (ret != 0) {
        XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        XFREE(eccCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
        return ret;
    }
    XFREE(rsaCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(eccCert,    HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    return 0;
 }
 typedef struct {
    const byte*  content;
    word32       contentSz;
    int          contentOID;
    int          encryptOID;
    byte*        encryptionKey;
    word32       encryptionKeySz;
    PKCS7Attrib* attribs;
    word32       attribsSz;
    const char*  outFileName;
 } pkcs7EncryptedVector;
 int pkcs7encrypted_test(void)
 {
    int ret = 0;
    int i, testSz;
    int encryptedSz, decodedSz, attribIdx;
    PKCS7 pkcs7;
    byte  encrypted[2048];
    byte  decoded[2048];
 #ifdef PKCS7_OUTPUT_TEST_BUNDLES
    FILE* pkcs7File;
 #endif
-    test_pkcs7env[0] = a;
+    PKCS7Attrib* expectedAttrib;
    PKCS7DecodedAttrib* decodedAttrib;
    const byte data[] = { /* Hello World */
        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
        0x72,0x6c,0x64
    };
    byte desKey[] = {
        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
    };
    byte des3Key[] = {
        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
        0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
        0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
    };
    byte aes128Key[] = {
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
    };
    byte aes192Key[] = {
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
    };
    byte aes256Key[] = {
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
        0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
    };
    /* Attribute example from RFC 4134, Section 7.2
     * OID = 1.2.5555
     * OCTET STRING = 'This is a test General ASN Attribute, number 1.' */
    static byte genAttrOid[] = { 0x06, 0x03, 0x2a, 0xab, 0x33 };
    static byte genAttr[] = { 0x04, 47,
                              0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
                              0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x47,
                              0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x41,
                              0x53, 0x4e, 0x20, 0x41, 0x74, 0x74, 0x72, 0x69,
                              0x62, 0x75, 0x74, 0x65, 0x2c, 0x20, 0x6e, 0x75,
                              0x6d, 0x62, 0x65, 0x72, 0x20, 0x31, 0x2e };
    static byte genAttrOid2[] = { 0x06, 0x03, 0x2a, 0xab, 0x34 };
    static byte genAttr2[] = { 0x04, 47,
                              0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
                              0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x47,
                              0x65, 0x6e, 0x65, 0x72, 0x61, 0x6c, 0x20, 0x41,
                              0x53, 0x4e, 0x20, 0x41, 0x74, 0x74, 0x72, 0x69,
                              0x62, 0x75, 0x74, 0x65, 0x2c, 0x20, 0x6e, 0x75,
                              0x6d, 0x62, 0x65, 0x72, 0x20, 0x32, 0x2e };
    PKCS7Attrib attribs[] =
    {
        { genAttrOid, sizeof(genAttrOid), genAttr, sizeof(genAttr) }
    };
    PKCS7Attrib multiAttribs[] =
    {
        { genAttrOid, sizeof(genAttrOid), genAttr, sizeof(genAttr) },
        { genAttrOid2, sizeof(genAttrOid2), genAttr2, sizeof(genAttr2) }
    };
    const pkcs7EncryptedVector testVectors[] =
    {
 #ifndef NO_DES3
        {data, (word32)sizeof(data), DATA, DES3b, des3Key, sizeof(des3Key),
         NULL, 0, "pkcs7encryptedDataDES3.der"},
        {data, (word32)sizeof(data), DATA, DESb, desKey, sizeof(desKey),
         NULL, 0, "pkcs7encryptedDataDES.der"},
 #endif /* NO_DES3 */
 #ifndef NO_AES
-    test_pkcs7env[1] = b;
+        {data, (word32)sizeof(data), DATA, AES128CBCb, aes128Key,
-    test_pkcs7env[2] = c;
+         sizeof(aes128Key), NULL, 0, "pkcs7encryptedDataAES128CBC.der"},
    test_pkcs7env[3] = d;
 #endif
-    for (i = 0; i < times; i++) {
+        {data, (word32)sizeof(data), DATA, AES192CBCb, aes192Key,
-        pkcs7.content     = (byte*)test_pkcs7env[i].content;
+         sizeof(aes192Key), NULL, 0, "pkcs7encryptedDataAES192CBC.der"},
        pkcs7.contentSz   = test_pkcs7env[i].contentSz;
        pkcs7.contentOID  = test_pkcs7env[i].contentOID;
        pkcs7.encryptOID  = test_pkcs7env[i].encryptOID;
        pkcs7.privateKey  = test_pkcs7env[i].privateKey;
        pkcs7.privateKeySz = test_pkcs7env[i].privateKeySz;
-        /* encode envelopedData */
+        {data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key,
-        envelopedSz = wc_PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
+         sizeof(aes256Key), NULL, 0, "pkcs7encryptedDataAES256CBC.der"},
-                                                sizeof(enveloped));
+
-        if (envelopedSz <= 0) {
+        /* test with optional unprotected attributes */
-            XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        {data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key,
-            XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+         sizeof(aes256Key), attribs, (sizeof(attribs)/sizeof(PKCS7Attrib)),
-            printf("envelopedSz = %d\n", envelopedSz);
+         "pkcs7encryptedDataAES256CBC_attribs.der"},
        /* test with multiple optional unprotected attributes */
        {data, (word32)sizeof(data), DATA, AES256CBCb, aes256Key,
         sizeof(aes256Key), multiAttribs,
         (sizeof(multiAttribs)/sizeof(PKCS7Attrib)),
         "pkcs7encryptedDataAES256CBC_multi_attribs.der"},
 #endif /* NO_AES */
    };
    testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector);
    for (i = 0; i < testSz; i++) {
        pkcs7.content              = (byte*)testVectors[i].content;
        pkcs7.contentSz            = testVectors[i].contentSz;
        pkcs7.contentOID           = testVectors[i].contentOID;
        pkcs7.encryptOID           = testVectors[i].encryptOID;
        pkcs7.encryptionKey        = testVectors[i].encryptionKey;
        pkcs7.encryptionKeySz      = testVectors[i].encryptionKeySz;
        pkcs7.unprotectedAttribs   = testVectors[i].attribs;
        pkcs7.unprotectedAttribsSz = testVectors[i].attribsSz;
        /* encode encryptedData */
        encryptedSz = wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
                                                   sizeof(encrypted));
        if (encryptedSz <= 0)
            return -203;
        }
-        /* decode envelopedData */
+        /* decode encryptedData */
-        decodedSz = wc_PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
+        decodedSz = wc_PKCS7_DecodeEncryptedData(&pkcs7, encrypted, encryptedSz,
-                                              decoded, sizeof(decoded));
+                                                 decoded, sizeof(decoded));
-        if (decodedSz <= 0) {
+        if (decodedSz <= 0)
            XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
            XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
            return -204;
        }
        /* test decode result */
-        if (XMEMCMP(decoded, data, sizeof(data)) != 0) {
+        if (XMEMCMP(decoded, data, sizeof(data)) != 0)
            XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
            XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
            return -205;
        /* verify decoded unprotected attributes */
        if (pkcs7.decodedAttrib != NULL) {
            decodedAttrib = pkcs7.decodedAttrib;
            attribIdx = 1;
            while (decodedAttrib != NULL) {
                /* expected attribute, stored list is reversed */
                expectedAttrib = &(pkcs7.unprotectedAttribs
                        [pkcs7.unprotectedAttribsSz - attribIdx]);
                /* verify oid */
                if (XMEMCMP(decodedAttrib->oid, expectedAttrib->oid,
                            decodedAttrib->oidSz) != 0)
                    return -206;
                /* verify value */
                if (XMEMCMP(decodedAttrib->value, expectedAttrib->value,
                            decodedAttrib->valueSz) != 0)
                    return -207;
                decodedAttrib = decodedAttrib->next;
                attribIdx++;
            }
        }
 #ifdef PKCS7_OUTPUT_TEST_BUNDLES
        /* output pkcs7 envelopedData for external testing */
-        pkcs7File = fopen(test_pkcs7env[i].outFileName, "wb");
+        pkcs7File = fopen(testVectors[i].outFileName, "wb");
-        if (!pkcs7File) {
+        if (!pkcs7File)
-            XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+            return -208;
            XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
            return -206;
        }
-        ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
+        ret = (int)fwrite(encrypted, encryptedSz, 1, pkcs7File);
        fclose(pkcs7File);
-    }
+#endif
-    XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+        wc_PKCS7_Free(&pkcs7);
-    XFREE(privKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+    }
    wc_PKCS7_Free(&pkcs7);
    if (ret > 0)
        return 0;
@@ -9351,6 +9665,7 @@ int pkcs7signed_test(void)
    else
        outSz = ret;
 #ifdef PKCS7_OUTPUT_TEST_BUNDLES
    /* write PKCS#7 to output file for more testing */
    file = fopen("./pkcs7signedData.der", "wb");
    if (!file) {
@@ -9369,6 +9684,7 @@ int pkcs7signed_test(void)
        wc_PKCS7_Free(&msg);
        return -218;
    }
 #endif /* PKCS7_OUTPUT_TEST_BUNDLES */
    wc_PKCS7_Free(&msg);
    wc_PKCS7_InitWithCert(&msg, NULL, 0);
@@ -9390,6 +9706,7 @@ int pkcs7signed_test(void)
        return -215;
    }
 #ifdef PKCS7_OUTPUT_TEST_BUNDLES
    file = fopen("./pkcs7cert.der", "wb");
    if (!file) {
        XFREE(certDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -9400,6 +9717,7 @@ int pkcs7signed_test(void)
    }
    ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
    fclose(file);
 #endif /* PKCS7_OUTPUT_TEST_BUNDLES */
    XFREE(certDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
    XFREE(keyDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -213,6 +213,8 @@ enum Oid_Types {
    oidCertAltNameType  = 9,
    oidCertKeyUseType   = 10,
    oidKdfType          = 11,
    oidKeyWrapType      = 12,
    oidCmsKeyAgreeType  = 13,
    oidIgnoreType
 };
@@ -245,6 +247,22 @@ enum Key_Sum {
 };
 enum KeyWrap_Sum {
    AES128_WRAP = 417,
    AES192_WRAP = 437,
    AES256_WRAP = 457
 };
 enum Key_Agree {
    dhSinglePass_stdDH_sha1kdf_scheme   = 464,
    dhSinglePass_stdDH_sha224kdf_scheme = 188,
    dhSinglePass_stdDH_sha256kdf_scheme = 189,
    dhSinglePass_stdDH_sha384kdf_scheme = 190,
    dhSinglePass_stdDH_sha512kdf_scheme = 191,
 };
 enum Ecc_Sum {
    ECC_SECP112R1_OID = 182,
    ECC_SECP112R2_OID = 183,
--- a/wolfssl/wolfcrypt/pkcs7.h
+++ b/wolfssl/wolfcrypt/pkcs7.h
@@ -78,6 +78,15 @@ typedef struct PKCS7Attrib {
 } PKCS7Attrib;
 typedef struct PKCS7DecodedAttrib {
    byte* oid;
    word32 oidSz;
    byte* value;
    word32 valueSz;
    struct PKCS7DecodedAttrib* next;
 } PKCS7DecodedAttrib;
 typedef struct PKCS7 {
    byte* content;                /* inner content, not owner             */
    word32 contentSz;             /* content size                         */
@@ -87,6 +96,8 @@ typedef struct PKCS7 {
    int hashOID;
    int encryptOID;               /* key encryption algorithm OID         */
    int keyWrapOID;               /* key wrap algorithm OID               */
    int keyAgreeOID;              /* key agreement algorithm OID          */
    void*  heap;                  /* heap hint for dynamic memory         */
    byte*  singleCert;            /* recipient cert, DER, not owner       */
@@ -96,35 +107,33 @@ typedef struct PKCS7 {
    word32 issuerSz;              /* length of issuer name                */
    byte issuerSn[MAX_SN_SZ];     /* singleCert's serial number           */
    word32 issuerSnSz;            /* length of serial number              */
    byte publicKey[512];
    word32 publicKeySz;
    word32 publicKeyOID;          /* key OID (RSAk, ECDSAk, etc) */
    byte*  privateKey;            /* private key, DER, not owner          */
    word32 privateKeySz;          /* size of private key buffer, bytes    */
    PKCS7Attrib* signedAttribs;
    word32 signedAttribsSz;
    /* Enveloped-data optional ukm, not owner */
    byte*  ukm;
    word32 ukmSz;
    /* Encrypted-data Content Type */
    byte*        encryptionKey;         /* block cipher encryption key */
    word32       encryptionKeySz;       /* size of key buffer, bytes */
    PKCS7Attrib* unprotectedAttribs;    /* optional */
    word32       unprotectedAttribsSz;
    PKCS7DecodedAttrib* decodedAttrib;  /* linked list of decoded attribs */
 } PKCS7;
 WOLFSSL_LOCAL int wc_PKCS7_SetHeap(PKCS7* pkcs7, void* heap);
 WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output);
 WOLFSSL_LOCAL int wc_GetContentType(const byte* input, word32* inOutIdx,
                                word32* oid, word32 maxIdx);
 WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
                                     int keyEncAlgo, int blockKeySz,
                                     WC_RNG* rng, byte* contentKeyPlain,
                                     byte* contentKeyEnc, int* keyEncSz,
                                     byte* out, word32 outSz, void* heap);
 WOLFSSL_LOCAL int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
                                     byte* iv, int ivSz, byte* in, int inSz,
                                     byte* out);
 WOLFSSL_LOCAL int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
                                     byte* iv, int ivSz, byte* in, int inSz,
                                     byte* out);
 WOLFSSL_API int  wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
 WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7);
-WOLFSSL_API int  wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
+WOLFSSL_API int  wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output,
                                       word32 outputSz);
 WOLFSSL_API int  wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
                                       byte* output, word32 outputSz);
 WOLFSSL_API int  wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
@@ -134,7 +143,11 @@ WOLFSSL_API int  wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
 WOLFSSL_API int  wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
                                          word32 pkiMsgSz, byte* output,
                                          word32 outputSz);
-
+WOLFSSL_API int  wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7,
                                          byte* output, word32 outputSz);
 WOLFSSL_API int  wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg,
                                          word32 pkiMsgSz, byte* output,
                                          word32 outputSz);
 #ifdef __cplusplus
    } /* extern "C" */
 #endif
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -1464,6 +1464,15 @@ static char *fgets(char *buff, int sz, FILE *fp)
    #endif
 #endif
 #ifdef HAVE_PKCS7
    #ifndef HAVE_AES_KEYWRAP
        #error PKCS7 requires AES key wrap please define HAVE_AES_KEYWRAP
    #endif
    #ifndef HAVE_X963_KDF
        #error PKCS7 requires X963 KDF please define HAVE_X963_KDF
    #endif
 #endif
 /* Place any other flags or defines here */
--- a/wolfssl/wolfcrypt/types.h
+++ b/wolfssl/wolfcrypt/types.h
@@ -338,7 +338,8 @@
        DYNAMIC_TYPE_DTLS_BUFFER  = 56,
        DYNAMIC_TYPE_SESSION_TICK = 57,
        DYNAMIC_TYPE_PKCS         = 58,
-        DYNAMIC_TYPE_MUTEX        = 59
+        DYNAMIC_TYPE_MUTEX        = 59,
        DYNAMIC_TYPE_PKCS7        = 60
 	};
 	/* max error buffer string size */