WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

conversion warning fixes

pull/8520/head
JacobBarthelmeh 2025-03-07 10:59:10 -07:00
parent 8e98a41401
commit 53fa4ffbaf
3 changed files with 72 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
tests/api.c
View File

@ -39262,8 +39262,12 @@ static int test_wc_PKCS7_DecodeEnvelopedData_stream(void)
ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE); ExpectTrue((f = XFOPEN(testStream, "rb")) != XBADFILE);
do { do {
ExpectIntGT(testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1, testStreamBufferSz = (int)XFREAD(testStreamBuffer, 1,
sizeof(testStreamBuffer), f), 0); sizeof(testStreamBuffer), f);
ExpectIntGE(testStreamBufferSz, 0);
if (testStreamBufferSz < 0) {
break;
}
ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer, ret = wc_PKCS7_DecodeEnvelopedData(pkcs7, testStreamBuffer,
testStreamBufferSz, NULL, 0); testStreamBufferSz, NULL, 0);

127
wolfcrypt/src/pkcs7.c
View File

@ -88,8 +88,8 @@ struct PKCS7State {
byte* content; byte* content;
byte* buffer; /* main internal read buffer */ byte* buffer; /* main internal read buffer */
wc_HashAlg hashAlg; wc_HashAlg hashAlg;
int hashType; enum wc_HashType hashType;
int cntIdfCnt; /* count of in-definite length in content info */ int cntIdfCnt; /* count of in-definite length in content info */
/* stack variables to store for when returning */ /* stack variables to store for when returning */
@ -5596,7 +5596,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
/* store hashType for later hashing */ /* store hashType for later hashing */
pkcs7->stream->hashType = (int)hashType; pkcs7->stream->hashType = hashType;
/* restore idx */ /* restore idx */
idx = localIdx; idx = localIdx;
@ -8448,8 +8448,8 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key,
} }
static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID, static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, word32 encryptOID,
byte* key, int keySz, byte* iv, int ivSz, int devId, void* heap) byte* key, word32 keySz, byte* iv, int ivSz, int devId, void* heap)
{ {
int ret; int ret;
#ifndef NO_AES #ifndef NO_AES
@ -8593,7 +8593,7 @@ static int wc_PKCS7_DecryptContentInit(wc_PKCS7* pkcs7, int encryptOID,
/* Only does decryption of content using encryptOID algo and already set keys /* Only does decryption of content using encryptOID algo and already set keys
* returns 0 on success */ * returns 0 on success */
static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID, static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, word32 encryptOID,
byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag,
word32 authTagSz, byte* in, int inSz, byte* out) word32 authTagSz, byte* in, int inSz, byte* out)
{ {
@ -8708,7 +8708,7 @@ static int wc_PKCS7_DecryptContentEx(wc_PKCS7* pkcs7, int encryptOID,
/* clears up struct for algo used and free's memory */ /* clears up struct for algo used and free's memory */
static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, int encryptOID, static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, word32 encryptOID,
void* heap) void* heap)
{ {
switch (encryptOID) { switch (encryptOID) {
@ -8777,14 +8777,15 @@ static void wc_PKCS7_DecryptContentFree(wc_PKCS7* pkcs7, int encryptOID,
/* decrypts the content in one shot, doing init / decrypt / free /* decrypts the content in one shot, doing init / decrypt / free
* returns 0 on success * returns 0 on success
*/ */
static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, static int wc_PKCS7_DecryptContent(wc_PKCS7* pkcs7, word32 encryptOID,
int keySz, byte* iv, int ivSz, byte* aad, word32 aadSz, byte* authTag, byte* key, word32 keySz, byte* iv, int ivSz, byte* aad, word32 aadSz,
word32 authTagSz, byte* in, int inSz, byte* out, int devId, void* heap) byte* authTag, word32 authTagSz, byte* in, int inSz, byte* out,
int devId, void* heap)
{ {
int ret; int ret;
if (pkcs7->decryptionCb != NULL) { if (pkcs7->decryptionCb != NULL) {
return pkcs7->decryptionCb(pkcs7, encryptOID, iv, ivSz, return pkcs7->decryptionCb(pkcs7, (int)encryptOID, iv, ivSz,
aad, aadSz, authTag, authTagSz, in, aad, aadSz, authTag, authTagSz, in,
inSz, out, pkcs7->decryptionCtx); inSz, out, pkcs7->decryptionCtx);
} }
@ -9139,7 +9140,7 @@ static int wc_PKCS7_PwriKek_KeyWrap(wc_PKCS7* pkcs7, const byte* kek,
static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek, static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek,
word32 kekSz, const byte* in, word32 inSz, word32 kekSz, const byte* in, word32 inSz,
byte* out, word32 outSz, const byte* iv, byte* out, word32 outSz, const byte* iv,
word32 ivSz, int algID) word32 ivSz, word32 algID)
{ {
int blockSz, cekLen, ret; int blockSz, cekLen, ret;
byte* tmpIv = NULL; byte* tmpIv = NULL;
@ -9156,7 +9157,7 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek,
return MEMORY_E; return MEMORY_E;
/* get encryption algorithm block size */ /* get encryption algorithm block size */
blockSz = wc_PKCS7_GetOIDBlockSize(algID); blockSz = wc_PKCS7_GetOIDBlockSize((int)algID);
if (blockSz <= 0) { if (blockSz <= 0) {
XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outTmp, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (blockSz < 0) if (blockSz < 0)
@ -9178,21 +9179,21 @@ static int wc_PKCS7_PwriKek_KeyUnWrap(wc_PKCS7* pkcs7, const byte* kek,
tmpIv = lastBlock - blockSz; tmpIv = lastBlock - blockSz;
/* decrypt last block */ /* decrypt last block */
ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, tmpIv, ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz, tmpIv,
blockSz, NULL, 0, NULL, 0, lastBlock, blockSz, blockSz, NULL, 0, NULL, 0, lastBlock, blockSz,
outTmp + inSz - blockSz, pkcs7->devId, pkcs7->heap); outTmp + inSz - blockSz, pkcs7->devId, pkcs7->heap);
if (ret == 0) { if (ret == 0) {
/* using last decrypted block as IV, decrypt [0 ... n-1] blocks */ /* using last decrypted block as IV, decrypt [0 ... n-1] blocks */
lastBlock = outTmp + inSz - blockSz; lastBlock = outTmp + inSz - blockSz;
ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz,
lastBlock, blockSz, NULL, 0, NULL, 0, (byte*)in, lastBlock, blockSz, NULL, 0, NULL, 0, (byte*)in,
(int)inSz - blockSz, outTmp, pkcs7->devId, pkcs7->heap); (int)inSz - blockSz, outTmp, pkcs7->devId, pkcs7->heap);
} }
if (ret == 0) { if (ret == 0) {
/* decrypt using original kek and iv */ /* decrypt using original kek and iv */
ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, (int)kekSz, ret = wc_PKCS7_DecryptContent(pkcs7, algID, (byte*)kek, kekSz,
(byte*)iv, (int)ivSz, NULL, 0, NULL, 0, outTmp, (int)inSz, (byte*)iv, (int)ivSz, NULL, 0, NULL, 0, outTmp, (int)inSz,
outTmp, pkcs7->devId, pkcs7->heap); outTmp, pkcs7->devId, pkcs7->heap);
} }
@ -11362,7 +11363,7 @@ static int wc_PKCS7_DecryptPwri(wc_PKCS7* pkcs7, byte* in, word32 inSz,
ret = wc_PKCS7_PwriKek_KeyUnWrap(pkcs7, kek, (word32)kekKeySz, ret = wc_PKCS7_PwriKek_KeyUnWrap(pkcs7, kek, (word32)kekKeySz,
pkiMsg + (*idx), (word32)length, pkiMsg + (*idx), (word32)length,
cek, cekSz, tmpIv, (word32)blockSz, cek, cekSz, tmpIv, (word32)blockSz,
(int)pwriEncAlgoId); pwriEncAlgoId);
if (ret < 0) { if (ret < 0) {
XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(salt, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(kek, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
@ -12272,7 +12273,7 @@ static int wc_PKCS7_ParseToRecipientInfoSet(wc_PKCS7* pkcs7, byte* in,
break; break;
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
pkcs7->stream->expected = length; pkcs7->stream->expected = (word32)length;
if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) {
break; break;
} }
@ -12497,7 +12498,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
} }
else { else {
/* revize expected size if known */ /* revize expected size if known */
pkcs7->stream->expected = length + ASN_TAG_SZ; pkcs7->stream->expected = (word32)length + ASN_TAG_SZ;
} }
/* Did we get enough for the expected length? */ /* Did we get enough for the expected length? */
@ -12705,7 +12706,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
if (ret == 0) { if (ret == 0) {
/* always try to get 2 extra bytes to catch indef ending */ /* always try to get 2 extra bytes to catch indef ending */
pkcs7->stream->expected = encryptedContentSz + pkcs7->stream->expected = (word32)encryptedContentSz +
(localIdx - idx) + ASN_INDEF_END_SZ; (localIdx - idx) + ASN_INDEF_END_SZ;
} }
#endif #endif
@ -12718,16 +12719,17 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
DYNAMIC_TYPE_PKCS7); DYNAMIC_TYPE_PKCS7);
} }
pkcs7->cachedEncryptedContent = (byte*)XMALLOC( pkcs7->cachedEncryptedContent = (byte*)XMALLOC(
encryptedContentSz, pkcs7->heap, (word32)encryptedContentSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7); DYNAMIC_TYPE_PKCS7);
if (pkcs7->cachedEncryptedContent == NULL) { if (pkcs7->cachedEncryptedContent == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
} }
} }
pkcs7->cachedEncryptedContentSz = encryptedContentSz; pkcs7->cachedEncryptedContentSz =
(word32)encryptedContentSz;
/* sanity check that the buffer has all of the data */ /* sanity check that the buffer has all of the data */
if (ret == 0 && (localIdx + encryptedContentSz) > if (ret == 0 && (localIdx + (word32)encryptedContentSz) >
pkiMsgSz) { pkiMsgSz) {
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
word32 ofsetIdx = localIdx - idx; word32 ofsetIdx = localIdx - idx;
@ -12745,7 +12747,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
/* Use callback for decryption still, if set */ /* Use callback for decryption still, if set */
if (ret == 0 && pkcs7->decryptionCb != NULL) { if (ret == 0 && pkcs7->decryptionCb != NULL) {
ret = pkcs7->decryptionCb(pkcs7, encOID, tmpIv, ret = pkcs7->decryptionCb(pkcs7, (int)encOID, tmpIv,
expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx], expBlockSz, NULL, 0, NULL, 0, &pkiMsg[localIdx],
encryptedContentSz, pkcs7->cachedEncryptedContent, encryptedContentSz, pkcs7->cachedEncryptedContent,
pkcs7->decryptionCtx); pkcs7->decryptionCtx);
@ -12806,19 +12808,22 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(wc_PKCS7* pkcs7, byte* in,
if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) { if (ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
/* free up in an error case if not looking for more /* free up in an error case if not looking for more
* data */ * data */
wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); wc_PKCS7_DecryptContentFree(pkcs7, encOID,
pkcs7->heap);
} }
break; break;
} }
wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap); wc_PKCS7_DecryptContentFree(pkcs7, encOID, pkcs7->heap);
} else { } else {
pkcs7->cachedEncryptedContent = XMALLOC(encryptedContentTotalSz, pkcs7->cachedEncryptedContentSz =
pkcs7->heap, DYNAMIC_TYPE_PKCS7); (word32)encryptedContentTotalSz;
pkcs7->cachedEncryptedContentSz = encryptedContentTotalSz; pkcs7->cachedEncryptedContent = (byte*)XMALLOC(
pkcs7->cachedEncryptedContentSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
/* decrypt encryptedContent */ /* decrypt encryptedContent */
ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, decryptedKey, ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey,
blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, (word32)blockKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0,
&pkiMsg[idx], encryptedContentTotalSz, &pkiMsg[idx], encryptedContentTotalSz,
pkcs7->cachedEncryptedContent, pkcs7->cachedEncryptedContent,
pkcs7->devId, pkcs7->heap); pkcs7->devId, pkcs7->heap);
@ -13487,14 +13492,14 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
int expBlockSz = 0, blockKeySz = 0; int expBlockSz = 0, blockKeySz = 0;
byte authTag[WC_AES_BLOCK_SIZE]; byte authTag[WC_AES_BLOCK_SIZE];
byte nonce[GCM_NONCE_MID_SZ]; /* GCM nonce is larger than CCM */ byte nonce[GCM_NONCE_MID_SZ]; /* GCM nonce is larger than CCM */
int nonceSz = 0, authTagSz = 0, macSz = 0; int nonceSz = 0, macSz = 0;
word32 authTagSz = 0;
byte* decryptedKey = NULL; byte* decryptedKey = NULL;
int encryptedContentSz = 0; int encryptedContentSz = 0;
int encryptedAllocSz = 0; int encryptedAllocSz = 0;
byte* encryptedContent = NULL; byte* encryptedContent = NULL;
int explicitOctet = 0; int explicitOctet = 0;
byte authAttribSetByte = 0;
byte* encodedAttribs = NULL; byte* encodedAttribs = NULL;
word32 encodedAttribIdx = 0, encodedAttribSz = 0; word32 encodedAttribIdx = 0, encodedAttribSz = 0;
byte* authAttrib = NULL; byte* authAttrib = NULL;
@ -13609,7 +13614,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
if (ret == 0) { if (ret == 0) {
if (length > (int)pkcs7->stream->expected && length > if (length > (int)pkcs7->stream->expected && length >
(int)pkiMsgSz) { (int)pkiMsgSz) {
pkcs7->stream->expected = length + 1; pkcs7->stream->expected = (word32)length + 1;
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
break; break;
@ -13895,15 +13900,16 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(wc_PKCS7* pkcs7, byte* in,
authAttribSz = length; authAttribSz = length;
{ {
int ofst; word32 ofst;
/* From RFC5083, "For the purpose of constructing the /* From RFC5083, "For the purpose of constructing the
* AAD, the IMPLICIT [1] tag in the authAttrs field is * AAD, the IMPLICIT [1] tag in the authAttrs field is
* not used for the DER encoding: rather a universal SET * not used for the DER encoding: rather a universal SET
* OF tag is used. */ * OF tag is used. */
ofst = SetSet(length, encodedAttribs); ofst = SetSet((word32)length, encodedAttribs);
XMEMCPY(encodedAttribs + ofst, authAttrib, authAttribSz); XMEMCPY(encodedAttribs + ofst, authAttrib,
(word32)authAttribSz);
} }
/* ignoring the size returned, we know it is /* ignoring the size returned, we know it is
@ -13955,17 +13961,19 @@ authenv_atrbend:
} }
localIdx++; /* move past ASN_OCTET_STRING */ localIdx++; /* move past ASN_OCTET_STRING */
if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &authTagSz, if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
pkiMsgSz, 0) < 0) { pkiMsgSz, 0) < 0) {
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
authTagSz = (word32)length;
#ifndef NO_PKCS7_STREAM #ifndef NO_PKCS7_STREAM
/* there might not be enough data for the auth tag too */ /* there might not be enough data for the auth tag too */
if (ret == 0) { if (ret == 0) {
if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected && if ((authTagSz + (localIdx - idx)) > pkcs7->stream->expected &&
(authTagSz + (localIdx - idx)) > pkiMsgSz) { (authTagSz + (localIdx - idx)) > pkiMsgSz) {
pkcs7->stream->expected = authTagSz + (localIdx - idx); pkcs7->stream->expected = authTagSz +
(localIdx - idx);
if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz,
pkcs7->stream->expected, &pkiMsg, &idx)) != 0) { pkcs7->stream->expected, &pkiMsg, &idx)) != 0) {
return ret; return ret;
@ -13975,22 +13983,14 @@ authenv_atrbend:
#endif #endif
idx = localIdx; idx = localIdx;
if (ret == 0 && authTagSz > (int)sizeof(authTag)) { if (ret == 0 && authTagSz > (word32)sizeof(authTag)) {
WOLFSSL_MSG("AuthEnvelopedData authTag too large for buffer"); WOLFSSL_MSG("AuthEnvelopedData authTag too large for buffer");
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
if (ret == 0) { if (ret == 0) {
XMEMCPY(authTag, &pkiMsg[idx], (word32)authTagSz); XMEMCPY(authTag, &pkiMsg[idx], authTagSz);
idx += (word32)authTagSz; idx += authTagSz;
}
if (ret == 0 && authAttrib != NULL) {
/* temporarily swap authAttribs byte[0] to SET OF instead of
* IMPLICIT [1], for aad calculation */
authAttribSetByte = encodedAttribs[0];
encodedAttribs[0] = ASN_SET | ASN_CONSTRUCTED;
} }
if (ret < 0) if (ret < 0)
@ -14006,15 +14006,15 @@ authenv_atrbend:
/* store tag for later */ /* store tag for later */
if (authTagSz > 0) { if (authTagSz > 0) {
pkcs7->stream->tagSz = (word32)authTagSz; pkcs7->stream->tagSz = authTagSz;
pkcs7->stream->tag = (byte*)XMALLOC((word32)authTagSz, pkcs7->stream->tag = (byte*)XMALLOC(authTagSz,
pkcs7->heap, DYNAMIC_TYPE_PKCS7); pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (pkcs7->stream->tag == NULL) { if (pkcs7->stream->tag == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
break; break;
} }
else { else {
XMEMCPY(pkcs7->stream->tag, authTag, (word32)authTagSz); XMEMCPY(pkcs7->stream->tag, authTag, authTagSz);
} }
} }
@ -14043,14 +14043,14 @@ authenv_atrbend:
} }
if (pkcs7->stream->tagSz > 0) { if (pkcs7->stream->tagSz > 0) {
authTagSz = (int)pkcs7->stream->tagSz; authTagSz = pkcs7->stream->tagSz;
if (authTagSz > WC_AES_BLOCK_SIZE) { if (authTagSz > WC_AES_BLOCK_SIZE) {
WOLFSSL_MSG("PKCS7 saved tag is too large"); WOLFSSL_MSG("PKCS7 saved tag is too large");
ret = BUFFER_E; ret = BUFFER_E;
break; break;
} }
else { else {
XMEMCPY(authTag, pkcs7->stream->tag, (word32)authTagSz); XMEMCPY(authTag, pkcs7->stream->tag, authTagSz);
} }
} }
@ -14066,21 +14066,16 @@ authenv_atrbend:
#endif #endif
/* decrypt encryptedContent */ /* decrypt encryptedContent */
ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, decryptedKey, ret = wc_PKCS7_DecryptContent(pkcs7, encOID, decryptedKey,
blockKeySz, nonce, nonceSz, encodedAttribs, encodedAttribSz, (word32)blockKeySz, nonce, nonceSz, encodedAttribs,
authTag, (word32)authTagSz, encryptedContent, encodedAttribSz, authTag, authTagSz,
encryptedContentSz, encryptedContent, pkcs7->devId, encryptedContent, encryptedContentSz, encryptedContent,
pkcs7->heap); pkcs7->devId, pkcs7->heap);
if (ret != 0) { if (ret != 0) {
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return ret; return ret;
} }
if (authAttrib != NULL) {
/* restore authAttrib IMPLICIT [1] */
encodedAttribs[0] = authAttribSetByte;
}
if (encodedAttribs != NULL) { if (encodedAttribs != NULL) {
XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(encodedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
encodedAttribs = NULL; encodedAttribs = NULL;
@ -14753,8 +14748,8 @@ int wc_PKCS7_DecodeEncryptedData(wc_PKCS7* pkcs7, byte* in, word32 inSz,
idx += (word32)encryptedContentSz; idx += (word32)encryptedContentSz;
/* decrypt encryptedContent */ /* decrypt encryptedContent */
ret = wc_PKCS7_DecryptContent(pkcs7, (int)encOID, ret = wc_PKCS7_DecryptContent(pkcs7, encOID,
pkcs7->encryptionKey, (int)pkcs7->encryptionKeySz, pkcs7->encryptionKey, pkcs7->encryptionKeySz,
tmpIv, expBlockSz, NULL, 0, NULL, 0, tmpIv, expBlockSz, NULL, 0, NULL, 0,
encryptedContent, encryptedContentSz, encryptedContent, encryptedContentSz,
encryptedContent, pkcs7->devId, pkcs7->heap); encryptedContent, pkcs7->devId, pkcs7->heap);

8
wolfcrypt/test/test.c
View File

@ -53186,7 +53186,8 @@ static wc_test_ret_t verifyBundle(byte* derBuf, word32 derSz, int keyHint)
#endif /* !NO_SHA */ #endif /* !NO_SHA */
}; };
decoded = (byte *)XMALLOC(decodedSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); decoded = (byte *)XMALLOC((word32)decodedSz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (decoded == NULL) { if (decoded == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
goto out; goto out;
@ -53344,7 +53345,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void)
{ {
wc_test_ret_t ret = 0; wc_test_ret_t ret = 0;
int i, testSz; int i, testSz;
int encryptedSz, decodedSz, attribIdx; int encryptedSz, decodedSz;
word32 attribIdx;
wc_PKCS7* pkcs7; wc_PKCS7* pkcs7;
byte *encrypted; byte *encrypted;
byte *decoded; byte *decoded;
@ -54712,7 +54714,7 @@ static wc_test_ret_t pkcs7signed_run_SingleShotVectors(
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
/* compare decrypted to expected */ /* compare decrypted to expected */
if (((word32)ret != testVectors[i].contentSz) || if (((word32)ret != testVectors[i].contentSz) ||
XMEMCMP(out, testVectors[i].content, ret)) XMEMCMP(out, testVectors[i].content, (word32)ret))
ERROR_OUT(WC_TEST_RET_ENC_NC, out); ERROR_OUT(WC_TEST_RET_ENC_NC, out);
} }
#endif #endif