#include <dpl/log/log.h>
+// lengths defined as macro to be used independent to type (size_t, unsigned int, int)
+#define SALT_SIZE 32
+#define KEY_SIZE 16
+#define IV_SIZE KEY_SIZE
+
namespace CKM {
namespace {
-const int SALT_SIZE = 32;
-const int KEY_SIZE = 16;
-
RawBuffer _get_key(const std::string &id)
{
unsigned char salt[SALT_SIZE];
RawBuffer _get_iv(const RawBuffer &src)
{
- RawBuffer iv(KEY_SIZE);
- size_t ivlen = iv.size();
+ RawBuffer iv(SHA_DIGEST_LENGTH);
+
+ unsigned int ivlen = 0;
if (::EVP_Digest(src.data(), src.size(), iv.data(), &ivlen, ::EVP_sha1(), nullptr)
!= 1) {
return RawBuffer();
}
+ if (ivlen < IV_SIZE) {
+ LogError("Invalid iv size: " << ivlen);
+ return RawBuffer();
+ }
+
+ iv.resize(IV_SIZE);
+
return iv;
}
auto algo = ::EVP_aes_128_cbc();
int tmp_len = (ciphertext.size() / algo->block_size + 1) * algo->block_size;
+ if (key.size() != KEY_SIZE) {
+ LogError("Invalid key size: " << key.size() << ", expected: " << KEY_SIZE);
+ return RawBuffer();
+ }
+
+ if (iv.size() != IV_SIZE) {
+ LogError("Invalid iv size: " << iv.size() << ", expected: " << IV_SIZE);
+ return RawBuffer();
+ }
+
RawBuffer plaintext(tmp_len, 0);
std::unique_ptr<EVP_CIPHER_CTX, void(*)(EVP_CIPHER_CTX *)> ctxptr(