wolfcrypt/src/hpke.c, wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c: implement RFC 9180 overflow checks on context->seq in wc_HpkeContextSealBase() and wc_HpkeContextOpenBase(), and add SEQ_OVERFLOW_E to wolfCrypt_ErrorCodes (Fenrir M-70).

This commit is contained in:
Daniel Pouzzner
2026-02-27 23:40:37 -06:00
parent 4110887871
commit 76bc6e337b
3 changed files with 16 additions and 2 deletions
+3
View File
@@ -665,6 +665,9 @@ const char* wc_GetErrorString(int error)
case ALREADY_E:
return "Operation was redundant or preempted";
case SEQ_OVERFLOW_E:
return "Sequence counter would overflow";
case MAX_CODE_E:
case WC_SPAN1_MIN_CODE_E:
case MIN_CODE_E:
+10
View File
@@ -865,6 +865,11 @@ int wc_HpkeContextSealBase(Hpke* hpke, HpkeBaseContext* context,
plaintext == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
/* RFC 9180 requires error on sequence overflow. */
if (context->seq == WC_MAX_SINT_OF(int))
return SEQ_OVERFLOW_E;
WC_ALLOC_VAR_EX(aes, Aes, 1, hpke->heap, DYNAMIC_TYPE_AES,
return MEMORY_E);
ret = wc_AesInit(aes, hpke->heap, INVALID_DEVID);
@@ -1097,6 +1102,11 @@ int wc_HpkeContextOpenBase(Hpke* hpke, HpkeBaseContext* context, byte* aad,
if (hpke == NULL) {
return BAD_FUNC_ARG;
}
/* RFC 9180 requires error on sequence overflow. */
if (context->seq == WC_MAX_SINT_OF(int))
return SEQ_OVERFLOW_E;
XMEMSET(nonce, 0, sizeof(nonce));
WC_ALLOC_VAR_EX(aes, Aes, 1, hpke->heap, DYNAMIC_TYPE_AES,
return MEMORY_E);
+3 -2
View File
@@ -312,8 +312,9 @@ enum wolfCrypt_ErrorCodes {
BUSY_E = -1006, /* Object is busy */
ALREADY_E = -1007, /* Operation was redundant or preempted */
WC_SPAN2_LAST_E = -1007, /* Update to indicate last used error code */
WC_LAST_E = -1007, /* the last code used either here or in
SEQ_OVERFLOW_E = -1008, /* Sequence counter would overflow */
WC_SPAN2_LAST_E = -1008, /* Update to indicate last used error code */
WC_LAST_E = -1008, /* the last code used either here or in
* error-ssl.h */
WC_SPAN2_MIN_CODE_E = -1999, /* Last usable code in span 2 */