Skip to content

Commit b6457e0

Browse files
authored
Merge pull request #30 from gasbytes/2026-06-14-findings-fixes
More various fixes (F-*)
2 parents 93bd1df + 02837e0 commit b6457e0

27 files changed

Lines changed: 335 additions & 510 deletions

.github/workflows/macos-build.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ jobs:
4646
cd rustls-wolfcrypt-provider
4747
make build
4848
make test
49+
make test-quic
4950
5051
- name: Check formatting
5152
run: |

.github/workflows/ubuntu-build.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ jobs:
4646
cd rustls-wolfcrypt-provider
4747
make build
4848
make test
49+
make test-quic
4950
5051
- name: Check formatting
5152
run: |

rustls-wolfcrypt-provider/Cargo.toml

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,10 @@ webpki = { package = "rustls-webpki", version = "0.103.13", features = ["alloc"]
1818
foreign-types = { version = "0.5.0", default-features = false }
1919
rustls-pki-types = { version = "1.11.0", default-features = false }
2020
log = { version = "0.4.25", default-features = false }
21-
env_logger = { version = "0.11.6", default-features = false }
2221
wolfcrypt-rs = { path = "../wolfcrypt-rs" }
23-
rustls-pemfile = { version = "2.2.0", default-features = false }
24-
hex = { version = "0.4.3", default-features = false, features = ["alloc"]}
22+
zeroize = { version = "1", default-features = false, features = ["alloc", "derive"] }
23+
24+
[dev-dependencies]
2525
wycheproof = { version = "0.6.0", default-features = false, features = [
2626
"aead",
2727
"hkdf",
@@ -30,11 +30,9 @@ rayon = "1.10.0"
3030
anyhow = "1.0.95"
3131
num_cpus = "1.16.0"
3232
lazy_static = "1.5.0"
33+
hex = { version = "0.4.3", default-features = false, features = ["alloc"]}
3334
hex-literal = "0.4.1"
34-
zeroize = { version = "1", default-features = false, features = ["alloc", "derive"] }
35-
36-
37-
[dev-dependencies]
35+
env_logger = { version = "0.11.6", default-features = false }
3836
rcgen = { version = "0.13" }
3937
serial_test = { version = "3.2.0", default-features = false }
4038
tokio = { version = "1.43", features = ["macros", "rt", "net", "io-util", "io-std"], default-features = false }

rustls-wolfcrypt-provider/Makefile

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,11 @@
11
.PHONY: test
2-
test:
2+
test:
33
@cargo test
44

5+
.PHONY: test-quic
6+
test-quic:
7+
@cargo test --features quic
8+
59
.PHONY: build
610
build:
711
@cargo build --release

rustls-wolfcrypt-provider/src/aead/aes128gcm.rs

Lines changed: 25 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -140,12 +140,15 @@ impl MessageEncrypter for WCTls12Encrypter {
140140
// 8 bytes.
141141
let payload_start = GCM_NONCE_LENGTH - 4;
142142
let payload_end = m.payload.len() + (GCM_NONCE_LENGTH - 4);
143+
let buf = &mut payload.as_mut()[payload_start..payload_end];
144+
let buf_len = buf.len() as word32;
145+
let buf_ptr = buf.as_mut_ptr();
143146
ret = unsafe {
144147
wc_AesGcmEncrypt(
145148
aes_object.as_ptr(),
146-
payload.as_mut()[payload_start..payload_end].as_mut_ptr(),
147-
payload.as_ref()[payload_start..payload_end].as_ptr(),
148-
payload.as_ref()[payload_start..payload_end].len() as word32,
149+
buf_ptr,
150+
buf_ptr as *const u8,
151+
buf_len,
149152
nonce.as_ptr(),
150153
nonce.len() as word32,
151154
auth_tag.as_mut_ptr(),
@@ -173,7 +176,7 @@ impl MessageDecrypter for WCTls12Decrypter {
173176
seq: u64,
174177
) -> Result<InboundPlainMessage<'a>, rustls::Error> {
175178
let payload = &mut m.payload;
176-
if payload.len() < GCM_TAG_LENGTH {
179+
if payload.len() < (GCM_NONCE_LENGTH - 4) + GCM_TAG_LENGTH {
177180
return Err(rustls::Error::DecryptError);
178181
}
179182
let payload_len = payload.len();
@@ -212,15 +215,15 @@ impl MessageDecrypter for WCTls12Decrypter {
212215
// from the payload.
213216
let payload_start = GCM_NONCE_LENGTH - 4;
214217
let payload_end = payload_len - GCM_TAG_LENGTH;
218+
let buf = &mut payload[payload_start..payload_end];
219+
let buf_len = buf.len() as word32;
220+
let buf_ptr = buf.as_mut_ptr();
215221
ret = unsafe {
216222
wc_AesGcmDecrypt(
217223
aes_object.as_ptr(),
218-
payload[payload_start..payload_end].as_mut_ptr(),
219-
payload[payload_start..payload_end].as_ptr(),
220-
payload[payload_start..payload_end]
221-
.len()
222-
.try_into()
223-
.unwrap(),
224+
buf_ptr,
225+
buf_ptr as *const u8,
226+
buf_len,
224227
nonce.as_ptr(),
225228
nonce.len() as word32,
226229
auth_tag.as_ptr(),
@@ -318,12 +321,15 @@ impl MessageEncrypter for WCTls13Cipher {
318321
// authIn, into the authentication tag, authTag.
319322
// Apparently we need to also need to include for the encoding type into the encrypted
320323
// payload, hence the + 1 otherwise the rustls returns EoF.
324+
let buf = &mut payload.as_mut()[..payload_len + 1];
325+
let buf_len = buf.len() as word32;
326+
let buf_ptr = buf.as_mut_ptr();
321327
ret = unsafe {
322328
wc_AesGcmEncrypt(
323329
aes_object.as_ptr(),
324-
payload.as_mut()[..payload_len + 1].as_mut_ptr(),
325-
payload.as_ref()[..payload_len + 1].as_ptr(),
326-
payload.as_ref()[..payload_len + 1].len() as word32,
330+
buf_ptr,
331+
buf_ptr as *const u8,
332+
buf_len,
327333
nonce.0.as_ptr(),
328334
nonce.0.len() as word32,
329335
auth_tag.as_mut_ptr(),
@@ -384,12 +390,15 @@ impl MessageDecrypter for WCTls13Cipher {
384390

385391
// Finally, we have everything to decrypt the message
386392
// from the payload.
393+
let buf = &mut payload[..message_len];
394+
let buf_len = buf.len() as word32;
395+
let buf_ptr = buf.as_mut_ptr();
387396
ret = unsafe {
388397
wc_AesGcmDecrypt(
389398
aes_object.as_ptr(),
390-
payload[..message_len].as_mut_ptr(),
391-
payload[..message_len].as_ptr(),
392-
payload[..message_len].len().try_into().unwrap(),
399+
buf_ptr,
400+
buf_ptr as *const u8,
401+
buf_len,
393402
nonce.0.as_ptr(),
394403
nonce.0.len() as word32,
395404
auth_tag.as_ptr(),

rustls-wolfcrypt-provider/src/aead/aes256gcm.rs

Lines changed: 25 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -140,12 +140,15 @@ impl MessageEncrypter for WCTls12Encrypter {
140140
// 8 bytes.
141141
let payload_start = GCM_NONCE_LENGTH - 4;
142142
let payload_end = m.payload.len() + (GCM_NONCE_LENGTH - 4);
143+
let buf = &mut payload.as_mut()[payload_start..payload_end];
144+
let buf_len = buf.len() as word32;
145+
let buf_ptr = buf.as_mut_ptr();
143146
ret = unsafe {
144147
wc_AesGcmEncrypt(
145148
aes_object.as_ptr(),
146-
payload.as_mut()[payload_start..payload_end].as_mut_ptr(),
147-
payload.as_ref()[payload_start..payload_end].as_ptr(),
148-
payload.as_ref()[payload_start..payload_end].len() as word32,
149+
buf_ptr,
150+
buf_ptr as *const u8,
151+
buf_len,
149152
nonce.as_ptr(),
150153
nonce.len() as word32,
151154
auth_tag.as_mut_ptr(),
@@ -173,7 +176,7 @@ impl MessageDecrypter for WCTls12Decrypter {
173176
seq: u64,
174177
) -> Result<InboundPlainMessage<'a>, rustls::Error> {
175178
let payload = &mut m.payload;
176-
if payload.len() < GCM_TAG_LENGTH {
179+
if payload.len() < (GCM_NONCE_LENGTH - 4) + GCM_TAG_LENGTH {
177180
return Err(rustls::Error::DecryptError);
178181
}
179182
let payload_len = payload.len();
@@ -212,15 +215,15 @@ impl MessageDecrypter for WCTls12Decrypter {
212215
// from the payload.
213216
let payload_start = GCM_NONCE_LENGTH - 4;
214217
let payload_end = payload_len - GCM_TAG_LENGTH;
218+
let buf = &mut payload[payload_start..payload_end];
219+
let buf_len = buf.len() as word32;
220+
let buf_ptr = buf.as_mut_ptr();
215221
ret = unsafe {
216222
wc_AesGcmDecrypt(
217223
aes_object.as_ptr(),
218-
payload[payload_start..payload_end].as_mut_ptr(),
219-
payload[payload_start..payload_end].as_ptr(),
220-
payload[payload_start..payload_end]
221-
.len()
222-
.try_into()
223-
.unwrap(),
224+
buf_ptr,
225+
buf_ptr as *const u8,
226+
buf_len,
224227
nonce.as_ptr(),
225228
nonce.len() as word32,
226229
auth_tag.as_ptr(),
@@ -318,12 +321,15 @@ impl MessageEncrypter for WCTls13Cipher {
318321
// authIn, into the authentication tag, authTag.
319322
// Apparently we need to also need to include for the encoding type into the encrypted
320323
// payload, hence the + 1 otherwise the rustls returns EoF.
324+
let buf = &mut payload.as_mut()[..payload_len + 1];
325+
let buf_len = buf.len() as word32;
326+
let buf_ptr = buf.as_mut_ptr();
321327
ret = unsafe {
322328
wc_AesGcmEncrypt(
323329
aes_object.as_ptr(),
324-
payload.as_mut()[..payload_len + 1].as_mut_ptr(),
325-
payload.as_ref()[..payload_len + 1].as_ptr(),
326-
payload.as_ref()[..payload_len + 1].len() as word32,
330+
buf_ptr,
331+
buf_ptr as *const u8,
332+
buf_len,
327333
nonce.0.as_ptr(),
328334
nonce.0.len() as word32,
329335
auth_tag.as_mut_ptr(),
@@ -385,12 +391,15 @@ impl MessageDecrypter for WCTls13Cipher {
385391

386392
// Finally, we have everything to decrypt the message
387393
// from the payload.
394+
let buf = &mut payload[..message_len];
395+
let buf_len = buf.len() as word32;
396+
let buf_ptr = buf.as_mut_ptr();
388397
ret = unsafe {
389398
wc_AesGcmDecrypt(
390399
aes_object.as_ptr(),
391-
payload[..message_len].as_mut_ptr(),
392-
payload[..message_len].as_ptr(),
393-
payload[..message_len].len().try_into().unwrap(),
400+
buf_ptr,
401+
buf_ptr as *const u8,
402+
buf_len,
394403
nonce.0.as_ptr(),
395404
nonce.0.len() as word32,
396405
auth_tag.as_ptr(),

rustls-wolfcrypt-provider/src/aead/chacha20.rs

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -153,16 +153,17 @@ impl MessageDecrypter for WCTls12Cipher {
153153
// to an authentication generated with the inAAD (arbitrary length additional authentication data).
154154
// Note: If the generated authentication tag does not match the supplied
155155
// authentication tag, the text is not decrypted.
156+
let buf_ptr = payload[..message_len].as_mut_ptr();
156157
let ret = unsafe {
157158
wc_ChaCha20Poly1305_Decrypt(
158159
self.key.as_ptr(),
159160
nonce.0.as_ptr(),
160161
aad.as_ptr(),
161162
aad.len() as word32,
162-
payload[..message_len].as_ptr(), // we decrypt only the payload, we don't include the tag.
163+
buf_ptr as *const u8, // we decrypt only the payload, we don't include the tag.
163164
message_len as word32,
164165
auth_tag.as_ptr(),
165-
payload[..message_len].as_mut_ptr(),
166+
buf_ptr,
166167
)
167168
};
168169

@@ -245,15 +246,16 @@ impl MessageEncrypter for WCTls13Cipher {
245246
// and stores the generated authentication tag in the output buffer, outAuthTag.
246247
// We need to also need to include for the encoding type, apparently, hence the + 1
247248
// otherwise the rustls returns EoF.
249+
let buf_ptr = payload.as_mut()[..m.payload.len() + 1].as_mut_ptr();
248250
let ret = unsafe {
249251
wc_ChaCha20Poly1305_Encrypt(
250252
self.key.as_ptr(),
251253
nonce.0.as_ptr(),
252254
aad.as_ptr(),
253255
aad.len() as word32,
254-
payload.as_ref()[..m.payload.len() + 1].as_ptr(),
256+
buf_ptr as *const u8,
255257
(m.payload.len() + 1) as word32,
256-
payload.as_mut()[..m.payload.len() + 1].as_mut_ptr(),
258+
buf_ptr,
257259
auth_tag.as_mut_ptr(),
258260
)
259261
};
@@ -298,6 +300,7 @@ impl MessageDecrypter for WCTls13Cipher {
298300
// to an authentication generated with the inAAD (arbitrary length additional authentication data).
299301
// Note: If the generated authentication tag does not match the supplied
300302
// authentication tag, the text is not decrypted.
303+
let buf_ptr = payload[..message_len].as_mut_ptr();
301304
let ret = unsafe {
302305
wc_ChaCha20Poly1305_Decrypt(
303306
self.key.as_ptr(),
@@ -306,10 +309,10 @@ impl MessageDecrypter for WCTls13Cipher {
306309
aad.len() as word32,
307310
// [..message_len] since we want to exclude the
308311
// the auth_tag.
309-
payload[..message_len].as_ptr(),
312+
buf_ptr as *const u8,
310313
message_len as word32,
311314
auth_tag.as_ptr(),
312-
payload[..message_len].as_mut_ptr(),
315+
buf_ptr,
313316
)
314317
};
315318

0 commit comments

Comments
 (0)