Files
wolfssl/tests
Sameeh Jubran ba51fbd30b Zero TLS 1.3 traffic keys after AES SE offload
When WOLF_CRYPTO_CB_AES_SETKEY is enabled and a CryptoCB callback
imports the AES key into a Secure Element (aes->devCtx != NULL), the
TLS-layer copy in keys->{client,server}_write_key has no further
consumer: the software key schedule is not populated on offload.
ForceZero it in SetKeysSide() per provisioned side.

The static IVs (keys->{client,server}_write_IV and
keys->aead_{enc,dec}_imp_IV) are left intact because BuildTls13Nonce()
reads aead_{enc,dec}_imp_IV on every record (RFC 8446 Section 5.3).

Scope: TLS 1.3, non-DTLS, non-QUIC.  DTLS 1.3 needs the write keys
in Dtls13EpochCopyKeys; TLS 1.2 needs them for rehandshake; QUIC is
untouched pending audit.

Add two memio tests (test_wc_CryptoCb_Tls13_Key_{Zero_After_Offload,
No_Zero_Without_Offload}) that pin AES-GCM and check key / IV state
after the handshake and a KeyUpdate round.

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-04-20 10:45:23 +03:00
..
2026-03-18 10:48:16 +01:00
2020-12-17 14:26:49 +01:00
2026-02-18 09:52:21 -07:00
2026-03-18 10:48:16 +01:00
2022-01-31 15:29:25 -05:00
2022-01-31 15:29:25 -05:00
2024-01-16 15:18:05 -08:00
2026-01-28 07:37:29 +10:00
2026-02-25 15:19:13 +01:00
2026-02-25 15:19:13 +01:00
2020-07-20 15:03:48 -07:00
2022-01-31 15:29:25 -05:00
2022-06-01 10:36:01 +10:00
2022-02-23 09:47:34 +01:00
2024-01-16 15:18:05 -08:00
2020-12-17 14:26:49 +01:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00
2026-02-18 09:52:21 -07:00

Before creating any new configure files (.conf) read the CONF_FILES_README.md