FIX: Add key length check for all algorithms 32/80232/14
authorMateusz Forc <m.forc@samsung.com>
Fri, 15 Jul 2016 10:00:14 +0000 (12:00 +0200)
committerMateusz Forc <m.forc@samsung.com>
Fri, 22 Jul 2016 11:36:28 +0000 (13:36 +0200)
Change-Id: I322438cf5a5bea84e3e258f0f1f6011dd0616428

src/encrypt.c

index 283a8432951ef61ebb44753d373820b74007a1f6..08880dac58c409bfc46329f4f0ec4704db9537da 100644 (file)
@@ -629,6 +629,49 @@ int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo,
        *cipher = lcipher;
        return YACA_ERROR_NONE;
 }
+static int check_key_bit_length_for_algo(yaca_encrypt_algorithm_e algo, size_t key_bit_len)
+{
+       assert(key_bit_len % 8 == 0);
+       int ret = YACA_ERROR_NONE;
+
+       switch (algo) {
+       case YACA_ENCRYPT_AES:
+               if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT &&
+                   key_bit_len != YACA_KEY_LENGTH_192BIT &&
+                   key_bit_len != YACA_KEY_LENGTH_256BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       case YACA_ENCRYPT_UNSAFE_DES:
+               if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_64BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       case YACA_ENCRYPT_UNSAFE_3DES_2TDEA:
+               if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       case YACA_ENCRYPT_3DES_3TDEA:
+               if (key_bit_len != YACA_KEY_LENGTH_192BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       case YACA_ENCRYPT_UNSAFE_RC2:
+               if (key_bit_len < YACA_KEY_LENGTH_UNSAFE_8BIT || key_bit_len > YACA_KEY_LENGTH_1024BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       case YACA_ENCRYPT_UNSAFE_RC4:
+               if (key_bit_len < YACA_KEY_LENGTH_UNSAFE_40BIT || key_bit_len > YACA_KEY_LENGTH_2048BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       case YACA_ENCRYPT_CAST5:
+               if (key_bit_len < YACA_KEY_LENGTH_UNSAFE_40BIT || key_bit_len > YACA_KEY_LENGTH_UNSAFE_128BIT)
+                       ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       default:
+               ret = YACA_ERROR_INVALID_PARAMETER;
+               break;
+       }
+
+       return ret;
+}
 
 int encrypt_initialize(yaca_context_h *ctx,
                        const EVP_CIPHER *cipher,
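Review bot: `assert(key_bit_len % 8 == 0)` at the top of `check_key_bit_length_for_algo` is the only thing that rejects a length that is not a whole number of bytes, and it is compiled out under NDEBUG. In such a build the range-based RC2, RC4 and CAST5 branches accept any value inside their bounds (a constructed example: 41 for RC4), while a debug build aborts the process on the same input instead of returning an error. Make it a runtime check placed after the declaration of `ret`: `if (key_bit_len % 8 != 0) return YACA_ERROR_INVALID_PARAMETER;`. Whether `key->bit_len` can ever hold such a value depends on key-creation code that is not part of this diff, so treat this as defence in depth. A short comment above the function saying that it takes the length in bits and returns `YACA_ERROR_NONE` or `YACA_ERROR_INVALID_PARAMETER` would also help.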
@@ -734,7 +777,7 @@ API int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo,
        const EVP_CIPHER *cipher;
        int ret;
 
-       if(iv_bit_len == NULL)
+       if (iv_bit_len == NULL)
                return YACA_ERROR_INVALID_PARAMETER;
 
        ret = encrypt_get_algorithm(algo, bcm, key_bit_len, &cipher);
@@ -757,13 +800,18 @@ API int yaca_encrypt_initialize(yaca_context_h *ctx,
                                 const yaca_key_h sym_key,
                                 const yaca_key_h iv)
 {
+       int ret;
        const EVP_CIPHER *cipher;
        struct yaca_key_simple_s *key = key_get_simple(sym_key);
 
        if (key == NULL)
                return YACA_ERROR_INVALID_PARAMETER;
 
-       int ret = encrypt_get_algorithm(algo, bcm, key->bit_len, &cipher);
+       ret = check_key_bit_length_for_algo(algo, key->bit_len);
+       if (ret != YACA_ERROR_NONE)
+               return ret;
+
+       ret = encrypt_get_algorithm(algo, bcm, key->bit_len, &cipher);
        if (ret != YACA_ERROR_NONE)
                return ret;
 
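Review bot: The new length check is called from `yaca_encrypt_initialize` here and from `yaca_decrypt_initialize` in the next hunk, but `yaca_encrypt_get_iv_bit_length` (previous hunk) still passes the caller's `key_bit_len` straight to `encrypt_get_algorithm`. That query can therefore succeed for an algorithm/length pair that the initialize calls now reject, unless `encrypt_get_algorithm` validates the length itself; its body is not shown in this diff. Calling `check_key_bit_length_for_algo(algo, key_bit_len)` once inside `encrypt_get_algorithm` would cover all three entry points and remove the duplicated block. On that path the value comes directly from the caller, so the helper's `assert` on the modulo-8 condition would first have to become an error return.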
@@ -793,13 +841,18 @@ API int yaca_decrypt_initialize(yaca_context_h *ctx,
                                 const yaca_key_h sym_key,
                                 const yaca_key_h iv)
 {
+       int ret;
        const EVP_CIPHER *cipher;
        struct yaca_key_simple_s *key = key_get_simple(sym_key);
 
        if (key == NULL)
                return YACA_ERROR_INVALID_PARAMETER;
 
-       int ret = encrypt_get_algorithm(algo, bcm, key->bit_len, &cipher);
+       ret = check_key_bit_length_for_algo(algo, key->bit_len);
+       if (ret != YACA_ERROR_NONE)
+               return ret;
+
+       ret = encrypt_get_algorithm(algo, bcm, key->bit_len, &cipher);
        if (ret != YACA_ERROR_NONE)
                return ret;