Padding has to be set before update in case of decryption

When doing encrypt/seal padding can be set before finalize as was
before. But it appears that decrypt behaves differently. In that case
padding has to be set before update or the decryption will be
incorrect.

Change-Id: I86ede38d0d79d401329c25c656e5c6b4c92e02cb

diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h
index a4ae309..65b758a 100644 (file)
--- a/api/yaca/yaca_types.h
+++ b/api/yaca/yaca_types.h
@@ -456,7 +456,9 @@ typedef enum {
         * Padding can be disabled using yaca_context_set_property() and
         * #YACA_PROPERTY_PADDING,#YACA_PADDING_NONE,
         * then the total length of data passed until *_finalize() MUST be a multiple of block size.
-        * #YACA_PROPERTY_PADDING can be set at the latest before the *_finalize() call.
+        * In case of encrypt/seal #YACA_PROPERTY_PADDING can be set at the
+        * latest before the *_finalize() call. In case of decrypt/open
+        * it can be set at the latest before the *_update() call.
         */
        YACA_BCM_ECB,
 
@@ -475,7 +477,9 @@ typedef enum {
         * Padding can be disabled using yaca_context_set_property() and
         * #YACA_PROPERTY_PADDING, #YACA_PADDING_NONE,
         * then the total length of data passed until *_finalize() MUST be a multiple of block size.
-        * #YACA_PROPERTY_PADDING can be set at the latest before the *_finalize() call.
+        * In case of encrypt/seal #YACA_PROPERTY_PADDING can be set at the
+        * latest before the *_finalize() call. In case of decrypt/open
+        * it can be set at the latest before the *_update() call.
         */
        YACA_BCM_CBC,
 

diff --git a/src/encrypt.c b/src/encrypt.c
index 82f5d77..9c6a1a2 100644 (file)
--- a/src/encrypt.c
+++ b/src/encrypt.c
@@ -808,7 +808,8 @@ static int set_encrypt_property(yaca_context_h ctx,
                        value_len != sizeof(yaca_padding_e) ||
                        (*(yaca_padding_e*)value != YACA_PADDING_NONE &&
                        *(yaca_padding_e*)value != YACA_PADDING_PKCS7) ||
-                       c->state == ENC_CTX_FINALIZED)
+                       ((is_encryption_op(c->op_type)) && c->state == ENC_CTX_FINALIZED) ||
+                       (!(is_encryption_op(c->op_type)) && c->state != ENC_CTX_INITIALIZED))
                        return YACA_ERROR_INVALID_PARAMETER;
 
                int padding = *(yaca_padding_e*)value == YACA_PADDING_NONE ? 0 : 1;