From 73cbb13ec5a81e204ed68955b2e63f27b03615cd Mon Sep 17 00:00:00 2001
From: Dariusz Michaluk <d.michaluk@samsung.com>
Date: Tue, 23 Aug 2016 17:13:27 +0200
Subject: [PATCH] Fix symmetric key handling in seal/open.

- generate DES key if algorithm is DES,
- use sym_key_bit_len instead of default key length.

Change-Id: Iab6b16af5e60e932aee1d807cf1edc94c99cffbb
---
 api/yaca/yaca_seal.h |  2 ++
 src/seal.c           | 28 +++++++++++-----------------
 2 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h
index 97f8544..ac7da5c 100755
--- a/api/yaca/yaca_seal.h
+++ b/api/yaca/yaca_seal.h
@@ -53,6 +53,8 @@ extern "C" {
  *
  * @remarks  The @a pub_key must be #YACA_KEY_TYPE_RSA_PUB
  *
+ * @remarks  The @a sym_key_bit_len must be at least 96 bits shorter than the @a pub_key bit length
+ *
  * @remarks  The @a sym_key should be released using yaca_key_destroy()
  *
  * @remarks  The @a iv should be released using yaca_key_destroy()
diff --git a/src/seal.c b/src/seal.c
index 83094ce..f9b16a4 100644
--- a/src/seal.c
+++ b/src/seal.c
@@ -34,23 +34,18 @@
 
 #include "internal.h"
 
-static int seal_generate_sym_key(const EVP_CIPHER *cipher, yaca_key_h *sym_key)
+static int seal_generate_sym_key(yaca_encrypt_algorithm_e algo,
+                                 size_t sym_key_bit_len,
+                                 yaca_key_h *sym_key)
 {
-	int ret;
-	int key_len;
-
 	assert(sym_key != NULL);
-	assert(cipher != NULL);
-
-	ret = EVP_CIPHER_key_length(cipher);
-	if (ret <= 0) {
-		ret = YACA_ERROR_INTERNAL;
-		ERROR_DUMP(ret);
-		return ret;
-	}
-	key_len = ret;
 
-	return yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, key_len * 8, sym_key);
+	if (algo == YACA_ENCRYPT_3DES_3TDEA ||
+	    algo == YACA_ENCRYPT_UNSAFE_3DES_2TDEA ||
+	    algo == YACA_ENCRYPT_UNSAFE_DES)
+		return yaca_key_generate(YACA_KEY_TYPE_DES, sym_key_bit_len, sym_key);
+	else
+		return yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, sym_key_bit_len, sym_key);
 }
 
 static int seal_generate_iv(const EVP_CIPHER *cipher, yaca_key_h *iv)
@@ -127,8 +122,7 @@ static int seal_encrypt_decrypt_key(const yaca_key_h asym_key,
 		                           lasym_key->evp);
 
 	if (ret <= 0) {
-		ret = YACA_ERROR_INTERNAL;
-		ERROR_DUMP(ret);
+		ret = ERROR_HANDLE();
 		goto exit;
 	}
 
@@ -170,7 +164,7 @@ API int yaca_seal_initialize(yaca_context_h *ctx,
 	if (ret != YACA_ERROR_NONE)
 		goto exit;
 
-	ret = seal_generate_sym_key(cipher, &lsym_key);
+	ret = seal_generate_sym_key(algo, sym_key_bit_len, &lsym_key);
 	if (ret != YACA_ERROR_NONE)
 		goto exit;
 
-- 
2.7.4