Skip to content

Time-Stamp Protocol (RFC 3161)#10778

Open
SparkiDev wants to merge 1 commit into
wolfSSL:masterfrom
SparkiDev:time_stamp_protocol
Open

Time-Stamp Protocol (RFC 3161)#10778
SparkiDev wants to merge 1 commit into
wolfSSL:masterfrom
SparkiDev:time_stamp_protocol

Conversation

@SparkiDev

Copy link
Copy Markdown
Contributor

Description

Implementation in wolfCrypt
OpenSSL compatibility layer in wolfSSL
Added tests, certificates, examples.

Testing

Different configuration with --enable-tsp.

@SparkiDev SparkiDev self-assigned this Jun 25, 2026
@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch from 76af38a to dc97de1 Compare June 25, 2026 12:23
@github-actions

github-actions Bot commented Jun 25, 2026

Copy link
Copy Markdown

MemBrowse Memory Report

gcc-arm-cortex-m0plus

  • FLASH: .text +40 B (+0.1%, 64,131 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m3

  • FLASH: .text +28 B (+0.0%, 122,137 B / 262,144 B, total: 47% used)

gcc-arm-cortex-m4

  • FLASH: .rodata.CSWTCH.1 +4 B, .rodata.str1.1 +58 B, .text +64 B (+0.1%, 199,882 B / 262,144 B, total: 76% used)

gcc-arm-cortex-m4-baremetal

  • FLASH: .text +64 B (+0.1%, 66,763 B / 262,144 B, total: 25% used)

gcc-arm-cortex-m4-crypto-only

  • FLASH: .rodata.CSWTCH.1 +4 B, .rodata.str1.1 +58 B, .text +64 B (+0.1%, 174,440 B / 262,144 B, total: 67% used)

gcc-arm-cortex-m4-openssl-compat

  • FLASH: .rodata +56 B, .text +64 B (+0.0%, 769,020 B / 1,048,576 B, total: 73% used)

gcc-arm-cortex-m4-pkcs7

  • FLASH: .rodata.CSWTCH.1 +4 B, .rodata.str1.1 +58 B, .text +64 B (+0.1%, 212,203 B / 262,144 B, total: 81% used)

gcc-arm-cortex-m4-pq

  • FLASH: .rodata +68 B (+0.0%, 278,708 B / 1,048,576 B, total: 27% used)

gcc-arm-cortex-m4-rsa-only

  • FLASH: .rodata +64 B (+0.0%, 324,240 B / 1,048,576 B, total: 31% used)

gcc-arm-cortex-m4-tls13

  • FLASH: .rodata.CSWTCH.1 +4 B, .rodata.str1.1 +58 B (+0.0%, 235,452 B / 262,144 B, total: 90% used)

gcc-arm-cortex-m7

  • FLASH: .rodata.CSWTCH.1 +4 B, .rodata.str1.1 +58 B (+0.0%, 199,818 B / 262,144 B, total: 76% used)

gcc-arm-cortex-m7-pq

  • FLASH: .rodata +68 B (+0.0%, 279,284 B / 1,048,576 B, total: 27% used)

gcc-arm-cortex-m7-tls13

  • FLASH: .rodata.CSWTCH.1 +4 B, .rodata.str1.1 +58 B, .text +64 B (+0.1%, 235,516 B / 262,144 B, total: 90% used)

linuxkm-standard

  • Data: __patchable_function_entries +8 B (+0.0%, 47,864 B)

stm32-sim-stm32h753

@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch 3 times, most recently from 2a0657a to 0d3affa Compare June 25, 2026 21:51
@SparkiDev

Copy link
Copy Markdown
Contributor Author

Jenkins: retest this please

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #10778

Scan targets checked: wolfcrypt-bugs, wolfcrypt-port-bugs, wolfcrypt-rs-bugs, wolfcrypt-src, wolfssl-bugs, wolfssl-src
Findings: 2
1 finding(s) posted as inline comments (see file-level comments below)

Low (1)

asn_orig.c DecodeExtKeyUsage skips counting unrecognized OIDs

File: wolfcrypt/src/asn_orig.c:3959
Function: DecodeExtKeyUsage
Category: Copy-paste errors

The original-parser DecodeExtKeyUsage does continue on ASN_UNKNOWN_OID_E, bypassing the extExtKeyUsageOidCnt increment, so unknown KeyPurposeIds are not counted — contradicting its own comment and diverging from the template version in asn.c which does count them. A cert with timeStamping plus an extra unknown EKU would report count 1 and wrongly pass Tsp_CheckSignerCert's extExtKeyUsageOidCnt != 1 gate.

Recommendation: Count the OID before continue (or increment in the unknown-OID branch) so the original parser matches the template version's count semantics.

Referenced code: wolfcrypt/src/asn_orig.c:3959-3965 (7 lines)


This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread wolfcrypt/src/tsp.c
@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch from 0d3affa to 0b151dc Compare June 26, 2026 07:21
Comment thread wolfcrypt/src/tsp.c
@SparkiDev

Copy link
Copy Markdown
Contributor Author

DecodeExtKeyUsage fixed

@SparkiDev

Copy link
Copy Markdown
Contributor Author

Jenkins: retest this please

Visual Studio Build: CRL script
generic aborted

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #10778

Scan targets checked: wolfcrypt-bugs, wolfcrypt-port-bugs, wolfcrypt-rs-bugs, wolfcrypt-src, wolfssl-bugs, wolfssl-src

No new issues found in the changed files. ✅

@dgarske dgarske self-requested a review June 29, 2026 18:43

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Multi-Scan Review

Modes: review + review-securityOverall recommendation: COMMENT
Findings: 4 total — 4 posted, 0 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Low] [review-security] wolfssl_asn1_integer_new_buf() builds a negative-looking DER INTEGER when the value's MSB is setsrc/ssl_asn1.c:1186-1206
  • [Low] [review] Possible shift-by-32 (undefined behavior) when decoding an empty PKIFailureInfo BIT STRINGwolfcrypt/src/asn_tsp.c:wc_TspResponse_Decode
  • [Low] [review] ssl_tsp.c depends on ssl_asn1.c but the latter is conditionally excluded by OPENSSL_EXTRA_NO_ASN1src/ssl.c:453-459
  • [Low] [review+review-security] Large 2048-byte on-stack request buffer in new responder path does not use WOLFSSL_SMALL_STACK patternsrc/ssl_tsp.c:2243

Review generated by Skoll

Comment thread src/ssl_asn1.c
Comment thread wolfcrypt/src/asn_tsp.c
Comment thread src/ssl.c
Comment thread src/ssl_tsp.c Outdated
Comment thread src/ssl_tsp.c
@dgarske dgarske removed the request for review from wolfSSL-Bot June 29, 2026 21:01
@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch 2 times, most recently from 151e6c8 to 6cec72d Compare June 30, 2026 00:57
@SparkiDev

Copy link
Copy Markdown
Contributor Author

Jenkins: retest this please

@SparkiDev SparkiDev assigned dgarske and unassigned SparkiDev Jun 30, 2026
@dgarske dgarske self-requested a review June 30, 2026 22:23

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Multi-Scan Review

Modes: review + review-securityOverall recommendation: COMMENT
Findings: 3 total — 2 posted, 1 skipped
2 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Low] [review] TS_REQ_to_TS_VERIFY_CTX leaves imprintSz set when imprint allocation fails on a reused ctxsrc/ssl_tsp.c:1645-1653
  • [Low] [review] Stale 'not supported' comment for TS_VFY_DATA contradicts the implemented behaviorsrc/ssl_tsp.c:1751-1807

Skipped findings

  • [Low] TSA responder private key DER freed without zeroization

Review generated by Skoll

Comment thread src/ssl_tsp.c
Comment thread src/ssl_tsp.c
@dgarske dgarske removed their assignment Jun 30, 2026
@dgarske dgarske requested a review from Frauschi June 30, 2026 22:57
@SparkiDev

SparkiDev commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Jenkins: retest this please

FIPS fails
fips-ready fail x2

@Frauschi Frauschi left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some smaller issues only

Comment thread gencertbuf.pl Outdated
Comment thread src/ssl_tsp.c
Comment thread tests/api/test_ossl_tsp.c
@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch from f9fd6dc to 2e8168b Compare July 1, 2026 23:13
@SparkiDev SparkiDev assigned Frauschi and unassigned SparkiDev Jul 1, 2026
@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch from 2e8168b to c90d41e Compare July 2, 2026 01:53
Frauschi
Frauschi previously approved these changes Jul 2, 2026

@Frauschi Frauschi left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@SparkiDev

SparkiDev commented Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

Jenkins: retest this please

Tiny TLS1.3 Tests

@Frauschi

Frauschi commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

the tiny-tls failures are unrelated and will be fixed by #10835

@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch from c90d41e to 9b5df72 Compare July 2, 2026 10:26
@SparkiDev

Copy link
Copy Markdown
Contributor Author

I rebased and it went crazy.

@Frauschi

Frauschi commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Jenkins retest this please.

Frauschi
Frauschi previously approved these changes Jul 2, 2026
@dgarske dgarske self-requested a review July 2, 2026 18:02

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skoll Multi-Scan Review

Modes: review + review-securityOverall recommendation: COMMENT
Findings: 5 total — 4 posted, 1 skipped
4 finding(s) posted as inline comments (see file-level comments below)

Posted findings

  • [Low] [review] TS_REQ_set_policy_id accepts empty OID and reports success (inconsistent with set_def_policy)src/ssl_tsp.c:~830-865
  • [Info] [review-security] wc_TspResponse_Verify with NULL cert and no CM establishes no trustwolfcrypt/src/tsp.c:2162
  • [Info] [review] TSP_RESP_REQ_DER_SZ macro defined between the doxygen comment and the function signaturesrc/ssl_tsp.c:2238-2254
  • [Info] [review] wolfssl_asn1_integer_new_buf relies solely on len0 guard, no defensive val NULL checksrc/ssl_asn1.c:1187-1216

Skipped findings

  • [Low] TSA private key DER not zeroized before free in responder context

Review generated by Skoll

Comment thread src/ssl_tsp.c
Comment thread wolfcrypt/src/tsp.c
Comment thread src/ssl_tsp.c
Comment thread src/ssl_asn1.c

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implementation in wolfCrypt
OpenSSL compatibility layer in wolfSSL
Added tests, certificates, examples.
@SparkiDev SparkiDev force-pushed the time_stamp_protocol branch from f4971f4 to 4889089 Compare July 3, 2026 01:01
@SparkiDev SparkiDev assigned dgarske and unassigned SparkiDev Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants