From 26bb82980ec2a7448e6920936bd308d3ee061661 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Wed, 6 Oct 2021 20:11:25 +0200
Subject: [PATCH] #17

---
 src/ssl.c | 44 ++++++++++++++++++++++++--------------------
 1 file changed, 24 insertions(+), 20 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 82c7988b26e..c4885ffe371 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -19143,37 +19143,41 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
         (void)wc_Des3Init(&des, NULL, INVALID_DEVID);
 
         if (enc) {
-            wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION);
-            ret = wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
-        #if defined(WOLFSSL_ASYNC_CRYPT)
-            ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
-        #endif
-            (void)ret; /* ignore return codes for processing */
-            if(lb_sz){
-                XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
-                XMEMCPY(lastblock, input+sz-lb_sz, lb_sz);
-                ret = wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE,
-                    lastblock, (word32)DES_BLOCK_SIZE);
+            if (wc_Des3_SetKey(&des, key, (const byte*)ivec,
+                    DES_ENCRYPTION) == 0) {
+                ret = wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
             #if defined(WOLFSSL_ASYNC_CRYPT)
                 ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
             #endif
                 (void)ret; /* ignore return codes for processing */
+                if(lb_sz){
+                    XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
+                    XMEMCPY(lastblock, input+sz-lb_sz, lb_sz);
+                    ret = wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE,
+                        lastblock, (word32)DES_BLOCK_SIZE);
+                #if defined(WOLFSSL_ASYNC_CRYPT)
+                    ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
+                #endif
+                    (void)ret; /* ignore return codes for processing */
+                }
             }
         }
         else {
-            wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_DECRYPTION);
-            ret = wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
-        #if defined(WOLFSSL_ASYNC_CRYPT)
-            ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
-        #endif
-            (void)ret; /* ignore return codes for processing */
-            if(lb_sz){
-                ret = wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE);
+            if (wc_Des3_SetKey(&des, key, (const byte*)ivec,
+                    DES_DECRYPTION) == 0) {
+                ret = wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
             #if defined(WOLFSSL_ASYNC_CRYPT)
                 ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
             #endif
                 (void)ret; /* ignore return codes for processing */
-                XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
+                if(lb_sz){
+                    ret = wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE);
+                #if defined(WOLFSSL_ASYNC_CRYPT)
+                    ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
+                #endif
+                    (void)ret; /* ignore return codes for processing */
+                    XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
+                }
             }
         }
         wc_Des3Free(&des);