source: azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfcrypt/src/wc_encrypt.c@ 464

Last change on this file since 464 was 464, checked in by coas-nagasima, 3 years ago

WolfSSLとAzure IoT SDKを更新
  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc;charset=UTF-8
File size: 18.6 KB
Line 
1/* wc_encrypt.c
2 *
3 * Copyright (C) 2006-2020 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22
23#ifdef HAVE_CONFIG_H
24 #include <config.h>
25#endif
26
27#include <wolfssl/wolfcrypt/settings.h>
28#include <wolfssl/wolfcrypt/aes.h>
29#include <wolfssl/wolfcrypt/des3.h>
30#include <wolfssl/wolfcrypt/hash.h>
31#include <wolfssl/wolfcrypt/rc2.h>
32#include <wolfssl/wolfcrypt/arc4.h>
33#include <wolfssl/wolfcrypt/wc_encrypt.h>
34#include <wolfssl/wolfcrypt/error-crypt.h>
35#include <wolfssl/wolfcrypt/asn.h>
36#include <wolfssl/wolfcrypt/coding.h>
37#include <wolfssl/wolfcrypt/pwdbased.h>
38#include <wolfssl/wolfcrypt/logging.h>
39
40#ifdef NO_INLINE
41 #include <wolfssl/wolfcrypt/misc.h>
42#else
43 #define WOLFSSL_MISC_INCLUDED
44 #include <wolfcrypt/src/misc.c>
45#endif
46
47#if !defined(NO_AES) && defined(HAVE_AES_CBC)
48#ifdef HAVE_AES_DECRYPT
49int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
50 const byte* key, word32 keySz, const byte* iv)
51{
52 int ret = 0;
53#ifdef WOLFSSL_SMALL_STACK
54 Aes* aes = NULL;
55#else
56 Aes aes[1];
57#endif
58
59 if (out == NULL || in == NULL || key == NULL || iv == NULL) {
60 return BAD_FUNC_ARG;
61 }
62
63#ifdef WOLFSSL_SMALL_STACK
64 aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
65 if (aes == NULL)
66 return MEMORY_E;
67#endif
68
69 ret = wc_AesInit(aes, NULL, INVALID_DEVID);
70 if (ret == 0) {
71 ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION);
72 if (ret == 0)
73 ret = wc_AesCbcDecrypt(aes, out, in, inSz);
74
75 wc_AesFree(aes);
76 }
77
78#ifdef WOLFSSL_SMALL_STACK
79 XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
80#endif
81
82 return ret;
83}
84#endif /* HAVE_AES_DECRYPT */
85
86int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
87 const byte* key, word32 keySz, const byte* iv)
88{
89 int ret = 0;
90#ifdef WOLFSSL_SMALL_STACK
91 Aes* aes;
92#else
93 Aes aes[1];
94#endif
95
96#ifdef WOLFSSL_SMALL_STACK
97 aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
98 if (aes == NULL)
99 return MEMORY_E;
100#endif
101
102 ret = wc_AesInit(aes, NULL, INVALID_DEVID);
103 if (ret == 0) {
104 ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
105 if (ret == 0)
106 ret = wc_AesCbcEncrypt(aes, out, in, inSz);
107
108 wc_AesFree(aes);
109 }
110
111#ifdef WOLFSSL_SMALL_STACK
112 XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
113#endif
114
115 return ret;
116}
117#endif /* !NO_AES && HAVE_AES_CBC */
118
119
120#if !defined(NO_DES3) && !defined(WOLFSSL_TI_CRYPT)
121int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
122 const byte* key, const byte* iv)
123{
124 int ret = 0;
125#ifdef WOLFSSL_SMALL_STACK
126 Des* des;
127#else
128 Des des[1];
129#endif
130
131#ifdef WOLFSSL_SMALL_STACK
132 des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
133 if (des == NULL)
134 return MEMORY_E;
135#endif
136
137 ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION);
138 if (ret == 0)
139 ret = wc_Des_CbcEncrypt(des, out, in, sz);
140
141#ifdef WOLFSSL_SMALL_STACK
142 XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
143#endif
144
145 return ret;
146}
147
148int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
149 const byte* key, const byte* iv)
150{
151 int ret = 0;
152#ifdef WOLFSSL_SMALL_STACK
153 Des* des;
154#else
155 Des des[1];
156#endif
157
158#ifdef WOLFSSL_SMALL_STACK
159 des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
160 if (des == NULL)
161 return MEMORY_E;
162#endif
163
164 ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
165 if (ret == 0)
166 ret = wc_Des_CbcDecrypt(des, out, in, sz);
167
168#ifdef WOLFSSL_SMALL_STACK
169 XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
170#endif
171
172 return ret;
173}
174
175
176int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
177 const byte* key, const byte* iv)
178{
179 int ret = 0;
180#ifdef WOLFSSL_SMALL_STACK
181 Des3* des3;
182#else
183 Des3 des3[1];
184#endif
185
186#ifdef WOLFSSL_SMALL_STACK
187 des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
188 if (des3 == NULL)
189 return MEMORY_E;
190#endif
191
192 ret = wc_Des3Init(des3, NULL, INVALID_DEVID);
193 if (ret == 0) {
194 ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION);
195 if (ret == 0)
196 ret = wc_Des3_CbcEncrypt(des3, out, in, sz);
197 wc_Des3Free(des3);
198 }
199
200#ifdef WOLFSSL_SMALL_STACK
201 XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
202#endif
203
204 return ret;
205}
206
207
208int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
209 const byte* key, const byte* iv)
210{
211 int ret = 0;
212#ifdef WOLFSSL_SMALL_STACK
213 Des3* des3;
214#else
215 Des3 des3[1];
216#endif
217
218#ifdef WOLFSSL_SMALL_STACK
219 des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
220 if (des3 == NULL)
221 return MEMORY_E;
222#endif
223
224 ret = wc_Des3Init(des3, NULL, INVALID_DEVID);
225 if (ret == 0) {
226 ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
227 if (ret == 0)
228 ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
229 wc_Des3Free(des3);
230 }
231
232#ifdef WOLFSSL_SMALL_STACK
233 XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
234#endif
235
236 return ret;
237}
238
239#endif /* !NO_DES3 */
240
241
242#if !defined(NO_ASN) && defined(WOLFSSL_ENCRYPTED_KEYS)
243
244int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz,
245 const byte* password, int passwordSz, int hashType)
246{
247 int ret = NOT_COMPILED_IN;
248#ifdef WOLFSSL_SMALL_STACK
249 byte* key = NULL;
250#else
251 byte key[WC_MAX_SYM_KEY_SIZE];
252#endif
253
254 (void)derSz;
255 (void)passwordSz;
256 (void)hashType;
257
258 if (der == NULL || password == NULL || info == NULL || info->keySz == 0) {
259 return BAD_FUNC_ARG;
260 }
261
262 /* use file's salt for key derivation, hex decode first */
263 if (Base16_Decode(info->iv, info->ivSz, info->iv, &info->ivSz) != 0) {
264 return BUFFER_E;
265 }
266 if (info->ivSz < PKCS5_SALT_SZ)
267 return BUFFER_E;
268
269#ifdef WOLFSSL_SMALL_STACK
270 key = (byte*)XMALLOC(WC_MAX_SYM_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY);
271 if (key == NULL) {
272 return MEMORY_E;
273 }
274#endif
275
276 (void)XMEMSET(key, 0, WC_MAX_SYM_KEY_SIZE);
277
278#ifndef NO_PWDBASED
279 if ((ret = wc_PBKDF1(key, password, passwordSz, info->iv, PKCS5_SALT_SZ, 1,
280 info->keySz, hashType)) != 0) {
281#ifdef WOLFSSL_SMALL_STACK
282 XFREE(key, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY);
283#endif
284 return ret;
285 }
286#endif
287
288#ifndef NO_DES3
289 if (info->cipherType == WC_CIPHER_DES)
290 ret = wc_Des_CbcDecryptWithKey(der, der, derSz, key, info->iv);
291 if (info->cipherType == WC_CIPHER_DES3)
292 ret = wc_Des3_CbcDecryptWithKey(der, der, derSz, key, info->iv);
293#endif /* NO_DES3 */
294#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)
295 if (info->cipherType == WC_CIPHER_AES_CBC)
296 ret = wc_AesCbcDecryptWithKey(der, der, derSz, key, info->keySz,
297 info->iv);
298#endif /* !NO_AES && HAVE_AES_CBC && HAVE_AES_DECRYPT */
299
300#ifdef WOLFSSL_SMALL_STACK
301 XFREE(key, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY);
302#endif
303
304 return ret;
305}
306
307int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz,
308 const byte* password, int passwordSz, int hashType)
309{
310 int ret = NOT_COMPILED_IN;
311#ifdef WOLFSSL_SMALL_STACK
312 byte* key = NULL;
313#else
314 byte key[WC_MAX_SYM_KEY_SIZE];
315#endif
316
317 (void)derSz;
318 (void)passwordSz;
319 (void)hashType;
320
321 if (der == NULL || password == NULL || info == NULL || info->keySz == 0 ||
322 info->ivSz < PKCS5_SALT_SZ) {
323 return BAD_FUNC_ARG;
324 }
325
326#ifdef WOLFSSL_SMALL_STACK
327 key = (byte*)XMALLOC(WC_MAX_SYM_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY);
328 if (key == NULL) {
329 return MEMORY_E;
330 }
331#endif /* WOLFSSL_SMALL_STACK */
332
333 (void)XMEMSET(key, 0, WC_MAX_SYM_KEY_SIZE);
334
335#ifndef NO_PWDBASED
336 if ((ret = wc_PBKDF1(key, password, passwordSz, info->iv, PKCS5_SALT_SZ, 1,
337 info->keySz, hashType)) != 0) {
338#ifdef WOLFSSL_SMALL_STACK
339 XFREE(key, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY);
340#endif
341 return ret;
342 }
343#endif
344
345#ifndef NO_DES3
346 if (info->cipherType == WC_CIPHER_DES)
347 ret = wc_Des_CbcEncryptWithKey(der, der, derSz, key, info->iv);
348 if (info->cipherType == WC_CIPHER_DES3)
349 ret = wc_Des3_CbcEncryptWithKey(der, der, derSz, key, info->iv);
350#endif /* NO_DES3 */
351#if !defined(NO_AES) && defined(HAVE_AES_CBC)
352 if (info->cipherType == WC_CIPHER_AES_CBC)
353 ret = wc_AesCbcEncryptWithKey(der, der, derSz, key, info->keySz,
354 info->iv);
355#endif /* !NO_AES && HAVE_AES_CBC */
356
357#ifdef WOLFSSL_SMALL_STACK
358 XFREE(key, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY);
359#endif
360
361 return ret;
362}
363
364#endif /* !NO_ASN && WOLFSSL_ENCRYPTED_KEYS */
365
366
367#if !defined(NO_PWDBASED) && !defined(NO_ASN)
368
369#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
370/* Decrypt/Encrypt input in place from parameters based on id
371 *
372 * returns a negative value on fail case
373 */
374int wc_CryptKey(const char* password, int passwordSz, byte* salt,
375 int saltSz, int iterations, int id, byte* input,
376 int length, int version, byte* cbcIv, int enc, int shaOid)
377{
378 int typeH = WC_HASH_TYPE_NONE;
379 int derivedLen = 0;
380 int ret = 0;
381#ifdef WOLFSSL_SMALL_STACK
382 byte* key;
383#else
384 byte key[MAX_KEY_SIZE];
385#endif
386
387 (void)input;
388 (void)length;
389 (void)enc;
390
391 WOLFSSL_ENTER("wc_CryptKey");
392
393 switch (id) {
394 #ifndef NO_DES3
395 #ifndef NO_MD5
396 case PBE_MD5_DES:
397 typeH = WC_MD5;
398 derivedLen = 16; /* may need iv for v1.5 */
399 break;
400 #endif
401 #ifndef NO_SHA
402 case PBE_SHA1_DES:
403 typeH = WC_SHA;
404 derivedLen = 16; /* may need iv for v1.5 */
405 break;
406
407 case PBE_SHA1_DES3:
408 switch(shaOid) {
409 case HMAC_SHA256_OID:
410 typeH = WC_SHA256;
411 derivedLen = 32;
412 break;
413 default:
414 typeH = WC_SHA;
415 derivedLen = 32; /* may need iv for v1.5 */
416 break;
417 }
418 break;
419 #endif /* !NO_SHA */
420 #endif /* !NO_DES3 */
421 #if !defined(NO_SHA) && !defined(NO_RC4)
422 case PBE_SHA1_RC4_128:
423 typeH = WC_SHA;
424 derivedLen = 16;
425 break;
426 #endif
427 #if defined(WOLFSSL_AES_256)
428 case PBE_AES256_CBC:
429 switch(shaOid) {
430 case HMAC_SHA256_OID:
431 typeH = WC_SHA256;
432 derivedLen = 32;
433 break;
434 #ifndef NO_SHA
435 default:
436 typeH = WC_SHA;
437 derivedLen = 32;
438 break;
439 #endif
440 }
441 break;
442 #endif /* WOLFSSL_AES_256 && !NO_SHA */
443 #if defined(WOLFSSL_AES_128)
444 case PBE_AES128_CBC:
445 switch(shaOid) {
446 case HMAC_SHA256_OID:
447 typeH = WC_SHA256;
448 derivedLen = 16;
449 break;
450 #ifndef NO_SHA
451 default:
452 typeH = WC_SHA;
453 derivedLen = 16;
454 break;
455 #endif
456 }
457 break;
458 #endif /* WOLFSSL_AES_128 && !NO_SHA */
459 #ifdef WC_RC2
460 case PBE_SHA1_40RC2_CBC:
461 typeH = WC_SHA;
462 derivedLen = 5;
463 break;
464 #endif
465 default:
466 WOLFSSL_MSG("Unknown/Unsupported encrypt/decrypt id");
467 (void)shaOid;
468 return ALGO_ID_E;
469 }
470
471#ifdef WOLFSSL_SMALL_STACK
472 key = (byte*)XMALLOC(MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
473 if (key == NULL)
474 return MEMORY_E;
475#endif
476
477 if (version == PKCS5v2)
478 ret = wc_PBKDF2(key, (byte*)password, passwordSz,
479 salt, saltSz, iterations, derivedLen, typeH);
480#ifndef NO_SHA
481 else if (version == PKCS5)
482 ret = wc_PBKDF1(key, (byte*)password, passwordSz,
483 salt, saltSz, iterations, derivedLen, typeH);
484#endif
485#ifdef HAVE_PKCS12
486 else if (version == PKCS12v1) {
487 int i, idx = 0;
488 byte unicodePasswd[MAX_UNICODE_SZ];
489
490 if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
491#ifdef WOLFSSL_SMALL_STACK
492 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
493#endif
494 return UNICODE_SIZE_E;
495 }
496
497 for (i = 0; i < passwordSz; i++) {
498 unicodePasswd[idx++] = 0x00;
499 unicodePasswd[idx++] = (byte)password[i];
500 }
501 /* add trailing NULL */
502 unicodePasswd[idx++] = 0x00;
503 unicodePasswd[idx++] = 0x00;
504
505 ret = wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
506 iterations, derivedLen, typeH, 1);
507 if (id != PBE_SHA1_RC4_128)
508 ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
509 iterations, 8, typeH, 2);
510 }
511#endif /* HAVE_PKCS12 */
512 else {
513#ifdef WOLFSSL_SMALL_STACK
514 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
515#endif
516 WOLFSSL_MSG("Unknown/Unsupported PKCS version");
517 return ALGO_ID_E;
518 }
519
520 if (ret != 0) {
521#ifdef WOLFSSL_SMALL_STACK
522 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
523#endif
524 return ret;
525 }
526
527 switch (id) {
528#ifndef NO_DES3
529 #if !defined(NO_SHA) || !defined(NO_MD5)
530 case PBE_MD5_DES:
531 case PBE_SHA1_DES:
532 {
533 Des des;
534 byte* desIv = key + 8;
535
536 if (version == PKCS5v2 || version == PKCS12v1)
537 desIv = cbcIv;
538
539 if (enc) {
540 ret = wc_Des_SetKey(&des, key, desIv, DES_ENCRYPTION);
541 }
542 else {
543 ret = wc_Des_SetKey(&des, key, desIv, DES_DECRYPTION);
544 }
545 if (ret != 0) {
546#ifdef WOLFSSL_SMALL_STACK
547 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
548#endif
549 return ret;
550 }
551
552 if (enc) {
553 wc_Des_CbcEncrypt(&des, input, input, length);
554 }
555 else {
556 wc_Des_CbcDecrypt(&des, input, input, length);
557 }
558 break;
559 }
560 #endif /* !NO_SHA || !NO_MD5 */
561
562 #ifndef NO_SHA
563 case PBE_SHA1_DES3:
564 {
565 Des3 des;
566 byte* desIv = key + 24;
567
568 if (version == PKCS5v2 || version == PKCS12v1)
569 desIv = cbcIv;
570
571 ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
572 if (ret != 0) {
573#ifdef WOLFSSL_SMALL_STACK
574 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
575#endif
576 return ret;
577 }
578 if (enc) {
579 ret = wc_Des3_SetKey(&des, key, desIv, DES_ENCRYPTION);
580 }
581 else {
582 ret = wc_Des3_SetKey(&des, key, desIv, DES_DECRYPTION);
583 }
584 if (ret != 0) {
585#ifdef WOLFSSL_SMALL_STACK
586 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
587#endif
588 return ret;
589 }
590 if (enc) {
591 ret = wc_Des3_CbcEncrypt(&des, input, input, length);
592 }
593 else {
594 ret = wc_Des3_CbcDecrypt(&des, input, input, length);
595 }
596 if (ret != 0) {
597#ifdef WOLFSSL_SMALL_STACK
598 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
599#endif
600 return ret;
601 }
602 break;
603 }
604 #endif /* !NO_SHA */
605#endif
606#if !defined(NO_RC4) && !defined(NO_SHA)
607 case PBE_SHA1_RC4_128:
608 {
609 Arc4 dec;
610
611 wc_Arc4SetKey(&dec, key, derivedLen);
612 wc_Arc4Process(&dec, input, input, length);
613 break;
614 }
615#endif
616#if !defined(NO_AES) && defined(HAVE_AES_CBC)
617 #ifdef WOLFSSL_AES_256
618 case PBE_AES256_CBC:
619 case PBE_AES128_CBC:
620 {
621#ifdef WOLFSSL_SMALL_STACK
622 Aes *aes;
623 aes = (Aes *)XMALLOC(sizeof *aes, NULL, DYNAMIC_TYPE_AES);
624 if (aes == NULL)
625 return MEMORY_E;
626#else
627 Aes aes[1];
628#endif
629 ret = wc_AesInit(aes, NULL, INVALID_DEVID);
630 if (ret == 0) {
631 if (enc) {
632 ret = wc_AesSetKey(aes, key, derivedLen, cbcIv,
633 AES_ENCRYPTION);
634 }
635 else {
636 ret = wc_AesSetKey(aes, key, derivedLen, cbcIv,
637 AES_DECRYPTION);
638 }
639 }
640 if (ret == 0) {
641 if (enc)
642 ret = wc_AesCbcEncrypt(aes, input, input, length);
643 else
644 ret = wc_AesCbcDecrypt(aes, input, input, length);
645 }
646 ForceZero(aes, sizeof(Aes));
647#ifdef WOLFSSL_SMALL_STACK
648 XFREE(aes, NULL, DYNAMIC_TYPE_AES);
649#endif
650 if (ret != 0) {
651#ifdef WOLFSSL_SMALL_STACK
652 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
653#endif
654 return ret;
655 }
656 break;
657 }
658 #endif /* WOLFSSL_AES_256 */
659#endif /* !NO_AES && HAVE_AES_CBC */
660#ifdef WC_RC2
661 case PBE_SHA1_40RC2_CBC:
662 {
663 Rc2 rc2;
664 /* effective key size for RC2-40-CBC is 40 bits */
665 ret = wc_Rc2SetKey(&rc2, key, derivedLen, cbcIv, 40);
666 if (ret == 0) {
667 if (enc)
668 ret = wc_Rc2CbcEncrypt(&rc2, input, input, length);
669 else
670 ret = wc_Rc2CbcDecrypt(&rc2, input, input, length);
671 }
672 if (ret != 0) {
673#ifdef WOLFSSL_SMALL_STACK
674 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
675#endif
676 return ret;
677 }
678 ForceZero(&rc2, sizeof(Rc2));
679 break;
680 }
681#endif
682
683 default:
684#ifdef WOLFSSL_SMALL_STACK
685 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
686#endif
687 WOLFSSL_MSG("Unknown/Unsupported encrypt/decryption algorithm");
688 return ALGO_ID_E;
689 }
690
691#ifdef WOLFSSL_SMALL_STACK
692 XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
693#endif
694
695 return ret;
696}
697
698#endif /* HAVE_PKCS8 || HAVE_PKCS12 */
699#endif /* !NO_PWDBASED */
Note: See TracBrowser for help on using the repository browser.