From c56ea55f8982a7cad85836e6450ec5240e67be9c Mon Sep 17 00:00:00 2001
From: jackctj117
Date: Wed, 12 Nov 2025 17:03:06 -0700
Subject: [PATCH 1/4] Fix TLS 1.3 cipher suite selection when TLS 1.2 ciphers precede TLS 1.3 ciphers
---
 src/internal.c | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
diff --git a/src/internal.c b/src/internal.c
index 1bbd98d8c..aed071c33 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -37166,6 +37166,30 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 #endif /* !WOLFSSL_NO_TLS12 */
+#ifdef WOLFSSL_TLS13
+ /* Check if a cipher suite is a TLS 1.3 cipher suite
+ * Returns 1 if TLS 1.3 cipher suite, 0 otherwise
+ */
+ static WC_INLINE int IsTls13CipherSuite(byte first, byte second)
+ {
+ /* TLS 1.3 cipher suites use TLS13_BYTE (0x13) as first byte */
+ if (first == TLS13_BYTE)
+ return 1;
+
+ /* Special cases for integrity-only cipher suites */
+ if (first == ECC_BYTE && (second == TLS_SHA256_SHA256 ||
+ second == TLS_SHA384_SHA384))
+ return 1;
+
+ /* SM4 cipher suites for TLS 1.3 */
+ if (first == CIPHER_BYTE && (second == TLS_SM4_GCM_SM3 ||
+ second == TLS_SM4_CCM_SM3))
+ return 1;
+
+ return 0;
+ }
+#endif /* WOLFSSL_TLS13 */
+
 /* Make sure server cert/key are valid for this suite, true on success
 * Returns 1 for valid server suite or 0 if not found
 * For asynchronous this can return WC_PENDING_E
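Review bot: IsTls13CipherSuite is a second, hand-maintained list of which suites are TLS 1.3, and because its caller rejects anything it does not recognize, a TLS 1.3 suite added to the suite tables but not here is refused (fail-closed, so it shows up as a handshake failure rather than a downgrade, but it is an interop trap). Add a comment above the function, `/* NOTE: keep in sync with the TLS 1.3 suites in the suite tables; any suite not listed here is rejected by the caller */`. Patch 2's hunk adds build guards to the same function, so the classification also becomes configuration-dependent; presumably the guarded suite constants can only reach the suite list under the same guards, which is worth confirming. The `second` parameter becomes unused when the guarded branches are compiled out; patch 3 addresses that.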
@@ -37192,6 +37216,17 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 first = suites->suites[idx];
 second = suites->suites[idx+1];
+#ifdef WOLFSSL_TLS13
+ /* When negotiating TLS 1.3, reject non-TLS 1.3 cipher suites */
+ if (IsAtLeastTLSv1_3(ssl->version) &&
+ ssl->options.side == WOLFSSL_SERVER_END) {
+ if (!IsTls13CipherSuite(first, second)) {
+ WOLFSSL_MSG("TLS 1.2 cipher suite not valid for TLS 1.3");
+ return 0;
+ }
+ }
+#endif /* WOLFSSL_TLS13 */
+
 if (CipherRequires(first, second, REQUIRES_RSA)) {
 WOLFSSL_MSG("Requires RSA");
 if (ssl->options.haveRSA == 0) {
From 29c2f15a8fd55522bb37be528fdec8f54fc486b9 Mon Sep 17 00:00:00 2001
From: jackctj117
Date: Thu, 13 Nov 2025 10:06:07 -0700
Subject: [PATCH 2/4] Add #ifdef guards to cipher suite checks
---
 src/internal.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/internal.c b/src/internal.c
index aed071c33..97e126b45 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -37176,15 +37176,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 if (first == TLS13_BYTE)
 return 1;
+#ifdef HAVE_NULL_CIPHER
 /* Special cases for integrity-only cipher suites */
 if (first == ECC_BYTE && (second == TLS_SHA256_SHA256 ||
 second == TLS_SHA384_SHA384))
 return 1;
+#endif
+#if (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ defined(WOLFSSL_SM3)
 /* SM4 cipher suites for TLS 1.3 */
 if (first == CIPHER_BYTE && (second == TLS_SM4_GCM_SM3 ||
 second == TLS_SM4_CCM_SM3))
 return 1;
+#endif
 return 0;
 }
From 5e2fd781132ef2ae100e6d9a2c7f351a90034707 Mon Sep 17 00:00:00 2001
From: jackctj117
Date: Thu, 13 Nov 2025 18:32:00 -0700
Subject: [PATCH 3/4] Suppress unused parameter warning
---
 src/internal.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/internal.c b/src/internal.c
index 97e126b45..4b4e8449c 100644
--- a/src/internal.c
+++ b/src/internal.c
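Review bot: The diagnostic `WOLFSSL_MSG("TLS 1.2 cipher suite not valid for TLS 1.3");` is misleading, because IsTls13CipherSuite returns 0 for every suite it does not list, not only TLS 1.2 ones; `WOLFSSL_MSG("Non-TLS 1.3 cipher suite not valid for TLS 1.3");` describes the rejection accurately and will save time when a newly added TLS 1.3 suite is refused. The check is the right direction: it keeps a TLS 1.3 negotiation from landing on a legacy suite merely because that suite appears earlier in the server's list, but it covers only one direction, and whether a TLS 1.3 suite can still pass this function for a TLS 1.2 negotiation is not visible here and is worth confirming. The `ssl->options.side == WOLFSSL_SERVER_END` test looks redundant if this function is only reached on the server side, as the "valid server suite" wording in the preceding hunk's comment suggests; if so, drop it or add a comment saying why it is kept. The enclosing function starts and ends outside the hunk.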
@@ -37172,6 +37172,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 */
 static WC_INLINE int IsTls13CipherSuite(byte first, byte second)
 {
+ (void)second; /* Suppress unused parameter warning */
+
 /* TLS 1.3 cipher suites use TLS13_BYTE (0x13) as first byte */
 if (first == TLS13_BYTE)
 return 1;
From 0767cb84bf637c11fdeb9af5cb590d593697134b Mon Sep 17 00:00:00 2001
From: jackctj117
Date: Fri, 14 Nov 2025 09:03:51 -0700
Subject: [PATCH 4/4] Removed trailing white space
---
 src/internal.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/internal.c b/src/internal.c
index 4b4e8449c..b9ce10fb3 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -37173,7 +37173,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 static WC_INLINE int IsTls13CipherSuite(byte first, byte second)
 {
 (void)second; /* Suppress unused parameter warning */
-
+
 /* TLS 1.3 cipher suites use TLS13_BYTE (0x13) as first byte */
 if (first == TLS13_BYTE)
 return 1;