Fix: seal/open sym_key_bit_len must be dividable by 8

Fix documentation.

Change-Id: I8a4ad8bb9bcd91f17c8318cb5a0db744cbed1c34

diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h
index 982855c90e0b164e0acd048091b24ee9f54cc73b..380e55d220e5e12c8f308ad0cc3ac880c5b35883 100755 (executable)
--- a/api/yaca/yaca_seal.h
+++ b/api/yaca/yaca_seal.h
@@ -49,6 +49,8 @@ extern "C" {
  *
  * @remarks  The @a ctx should be released using yaca_context_destroy()
  *
+ * @remarks  The @a pub_key must be #YACA_KEY_TYPE_RSA_PUB
+ *
  * @remarks  The @a sym_key should be released using yaca_key_destroy()
  *
  * @remarks  The @a iv should be released using yaca_key_destroy()
@@ -152,6 +154,8 @@ int yaca_seal_finalize(yaca_context_h ctx,
  *
  * @remarks  The @a ctx should be released using yaca_context_destroy()
  *
+ * @remarks  The @a prv_key must be #YACA_KEY_TYPE_RSA_PRIV
+ *
  * @param[out] ctx              Newly created context
  * @param[in]  prv_key          Private key, part of the pair that was used for the encryption
  * @param[in]  algo             Symmetric algorithm that was used for the encryption

diff --git a/src/seal.c b/src/seal.c
index 504470f3dede687800d192b70b5ff4a5754020e2..7707e6af4ae6f2a9dce6f96fb0b44d4c70428db0 100644 (file)
--- a/src/seal.c
+++ b/src/seal.c
@@ -149,8 +149,8 @@ API int yaca_seal_initialize(yaca_context_h *ctx,
                              const yaca_key_h pub_key,
                              yaca_encrypt_algorithm_e algo,
                              yaca_block_cipher_mode_e bcm,
-                             size_t bit_len,
-                             yaca_key_h *enc_sym_key,
+                             size_t sym_key_bit_len,
+                             yaca_key_h *sym_key,
                              yaca_key_h *iv)
 {
        int ret;
@@ -160,10 +160,10 @@ API int yaca_seal_initialize(yaca_context_h *ctx,
        yaca_key_h lenc_sym_key = YACA_KEY_NULL;
 
        if (pub_key == YACA_KEY_NULL || pub_key->type != YACA_KEY_TYPE_RSA_PUB ||
-           enc_sym_key == NULL || bcm == YACA_BCM_WRAP)
+           sym_key == NULL || bcm == YACA_BCM_WRAP || sym_key_bit_len % 8 != 0)
                return YACA_ERROR_INVALID_PARAMETER;
 
-       ret = encrypt_get_algorithm(algo, bcm, bit_len, &cipher);
+       ret = encrypt_get_algorithm(algo, bcm, sym_key_bit_len, &cipher);
        if (ret != YACA_ERROR_NONE)
                goto exit;
 
@@ -189,7 +189,7 @@ API int yaca_seal_initialize(yaca_context_h *ctx,
        if (ret != YACA_ERROR_NONE)
                goto exit;
 
-       *enc_sym_key = lenc_sym_key;
+       *sym_key = lenc_sym_key;
        lenc_sym_key = YACA_KEY_NULL;
        *iv = liv;
        liv = YACA_KEY_NULL;
@@ -224,8 +224,8 @@ API int yaca_open_initialize(yaca_context_h *ctx,
                              const yaca_key_h prv_key,
                              yaca_encrypt_algorithm_e algo,
                              yaca_block_cipher_mode_e bcm,
-                             size_t bit_len,
-                             const yaca_key_h enc_sym_key,
+                             size_t sym_key_bit_len,
+                             const yaca_key_h sym_key,
                              const yaca_key_h iv)
 {
        int ret;
@@ -233,15 +233,15 @@ API int yaca_open_initialize(yaca_context_h *ctx,
        yaca_key_h lsym_key = YACA_KEY_NULL;
 
        if (prv_key == YACA_KEY_NULL || prv_key->type != YACA_KEY_TYPE_RSA_PRIV ||
-           enc_sym_key == YACA_KEY_NULL || bcm == YACA_BCM_WRAP)
+           sym_key == YACA_KEY_NULL || bcm == YACA_BCM_WRAP || sym_key_bit_len % 8 != 0)
                return YACA_ERROR_INVALID_PARAMETER;
 
-       ret = encrypt_get_algorithm(algo, bcm, bit_len, &cipher);
+       ret = encrypt_get_algorithm(algo, bcm, sym_key_bit_len, &cipher);
        if (ret != YACA_ERROR_NONE)
                goto exit;
 
        /* using private key will make it decrypt the symmetric key */
-       ret = seal_encrypt_decrypt_key(prv_key, enc_sym_key, &lsym_key);
+       ret = seal_encrypt_decrypt_key(prv_key, sym_key, &lsym_key);
        if (ret != YACA_ERROR_NONE)
                goto exit;