/* check input */
return_err_if_para_invalid("SDP_EncryptEx", pucPlainText && pulCTLen && pucCipherText && (pucPlainText != pucCipherText));
WSEC_UNCARE(SDP_GetCipherDataLenEx(ulPTLen,&ulCTMaxLen));
/* construct header, get MK-derived work key */
return_oper_if((*pulCTLen < ulCTMaxLen), WSEC_LOG_E("[SDP] Buffer for cipher text is not enough."), WSEC_ERR_OUTPUT_BUFF_NOT_ENOUGH);
WSEC_MEMSET(pucCipherText, ulCTMaxLen, 0, sizeof(SDP_CIPHER_HEAD_STRUEX));
pstCipherHead = (SDP_CIPHER_HEAD_STRUEX *)pucCipherText;
ulRet = SDP_FillCipherTextHeaderEx(ulAlgId, ulDomain, pstCipherHead, aucKey, &ulKeyLen, &ulIVLen);
return_oper_if((ulRet!= WSEC_SUCCESS), WSEC_LOG_E("[SDP] Fill cipher text header failed."), ulRet);
/* data encryption */
ulTempCTLen = ulCTMaxLen - sizeof(SDP_CIPHER_HEAD_STRUEX);
ulRet = CAC_Encrypt(pstCipherHead->ulEncAlgId, aucKey, ulKeyLen, pstCipherHead->aucIV, ulIVLen,
pucPlainText, ulPTLen, (pucCipherText + sizeof(SDP_CIPHER_HEAD_STRUEX)),
/* suggest INOUT */ &ulTempCTLen);
/* destroy key */
WSEC_DESTROY_KEY(aucKey, ulKeyLen);
return_oper_if((ulRet!= WSEC_SUCCESS), WSEC_LOG_E("[SDP] CAC encrypt failed."), WSEC_ERR_ENCRPT_FAIL);