From ad115fa4e589fa37cd97b7060ab3ec3c6fc953ae Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki
Date: Wed, 25 Mar 2026 07:33:04 +0900
Subject: [PATCH 1/5] fix compile and unit test failure
---
 src/x509/clu_x509_sign.c | 24 +++++++++++++++---------
 tests/ocsp/ocsp-interop-test.sh | 2 +-
 2 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/src/x509/clu_x509_sign.c b/src/x509/clu_x509_sign.c
index 7d5625cd..ab409042 100644
--- a/src/x509/clu_x509_sign.c
+++ b/src/x509/clu_x509_sign.c
@@ -257,7 +257,7 @@ int wolfCLU_GenChimeraCertSign(WOLFSSL_BIO *bioCaKey, WOLFSSL_BIO *bioAltCaKey,
 const char *altSigAlgOid = "2.5.29.73";
 const char *altSigValOid = "2.5.29.74";
- /*
+ /*
 * LARGE_TEMO_SZ defines the size of temporary buffers used for signature key,
 * verification key and signature value buffers.
 * The value 11264 is enough for P-521 and ML-DSA-87 PEM certs.
@@ -397,7 +397,7 @@ int wolfCLU_GenChimeraCertSign(WOLFSSL_BIO *bioCaKey, WOLFSSL_BIO *bioAltCaKey,
 ret = WOLFCLU_FATAL_ERROR;
 }
 }
-
+
 if (ret == 0) {
 XMEMSET(caKeyBuf, 0, caKeySz); /* clear original buffer */
 caKeySz = derObj->length;
@@ -667,13 +667,13 @@ int wolfCLU_GenChimeraCertSign(WOLFSSL_BIO *bioCaKey, WOLFSSL_BIO *bioAltCaKey,
 if (ret == WOLFCLU_SUCCESS) {
 switch (level) {
- case 2:
+ case 2:
 newCert.sigType = CTC_SHA256wECDSA;
 break;
- case 3:
+ case 3:
 newCert.sigType = CTC_SHA384wECDSA;
 break;
- case 5:
+ case 5:
 newCert.sigType = CTC_SHA512wECDSA;
 break;
 }
@@ -691,7 +691,7 @@ int wolfCLU_GenChimeraCertSign(WOLFSSL_BIO *bioCaKey, WOLFSSL_BIO *bioAltCaKey,
 else {
 ret = WOLFCLU_SUCCESS;
 }
- }
+ }
 }
 if (ret == WOLFCLU_SUCCESS) {
@@ -715,7 +715,7 @@ int wolfCLU_GenChimeraCertSign(WOLFSSL_BIO *bioCaKey, WOLFSSL_BIO *bioAltCaKey,
 }
 if (ret == WOLFCLU_SUCCESS && isCA) {
- ret = wc_MakeCert(&newCert, scratchBuf,
+ ret = wc_MakeCert(&newCert, scratchBuf,
 scratchSz, NULL, &caKey, &rng);
 if (ret <= 0) {
 wolfCLU_LogError("Error making certificate");
@@ -732,7 +732,7 @@ int wolfCLU_GenChimeraCertSign(WOLFSSL_BIO *bioCaKey, WOLFSSL_BIO *bioAltCaKey,
 scratchSz = ret;
 ret = WOLFCLU_SUCCESS;
 }
- }
+ }
 }
 else if (ret == WOLFCLU_SUCCESS && !isCA) {
 ret = wc_MakeCert(&newCert, scratchBuf, scratchSz,
@@ -1274,7 +1274,13 @@ int wolfCLU_CertSign(WOLFCLU_CERT_SIGN* csign, WOLFSSL_X509* x509)
 case WC_HASH_TYPE_BLAKE2B:
 case WC_HASH_TYPE_BLAKE2S:
- #if LIBWOLFSSL_VERSION_HEX > 0x05001000
+ #if LIBWOLFSSL_VERSION_HEX >= 0x05009000
+ case WC_HASH_TYPE_SHA512_224:
+ case WC_HASH_TYPE_SHA512_256:
+ case WC_HASH_TYPE_SHAKE128:
+ case WC_HASH_TYPE_SHAKE256:
+ case WC_HASH_TYPE_SM3:
+ #elif LIBWOLFSSL_VERSION_HEX > 0x05001000
 #ifndef WOLFSSL_NOSHA512_224
 case WC_HASH_TYPE_SHA512_224:
 #endif
diff --git a/tests/ocsp/ocsp-interop-test.sh b/tests/ocsp/ocsp-interop-test.sh
index 49c8a75a..2ceda899 100755
--- a/tests/ocsp/ocsp-interop-test.sh
+++ b/tests/ocsp/ocsp-interop-test.sh
@@ -293,7 +293,7 @@ if [ $RESULT = 0 ]; then
 fi
 # Check for error message
-grep -qi "fail\|error\|not found\|unable" "$TEST_DIR/test6.log"
+grep -qi "fail\|error\|not found\|unable\|no such\|could not" "$TEST_DIR/test6.log"
 if [ $? != 0 ]; then
 echo "Test 6 failed: expected error message about invalid file"
 exit 99
From d487464353e1ab5eba3dc06eeaf10fa30b330180 Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki
Date: Fri, 27 Mar 2026 07:02:25 +0900
Subject: [PATCH 2/5] fix stack buffer overflow in encryption setup
---
 src/crypto/clu_crypto_setup.c | 17 +++++++++++---
 tests/encrypt/enc-test.sh | 42 +++++++++++++++++++++++++++++++++++
 2 files changed, 56 insertions(+), 3 deletions(-)
diff --git a/src/crypto/clu_crypto_setup.c b/src/crypto/clu_crypto_setup.c
index 95cf8ac6..02fe4c84 100644
--- a/src/crypto/clu_crypto_setup.c
+++ b/src/crypto/clu_crypto_setup.c
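Review bot: The new `#if LIBWOLFSSL_VERSION_HEX >= 0x05009000` branch lists SHA512_224, SHA512_256, SHAKE128, SHAKE256 and SM3 with no feature guards, while the `#elif` branch below it keeps guards such as `#ifndef WOLFSSL_NOSHA512_224`, and nothing in the hunk says why the guards can go. If the reason is that wolfSSL 5.9.0 and later always declare these enum values, a one-line comment above the `#if` would record it, for example `/* wolfSSL >= 5.9.0 always defines these hash types, so list them unguarded */`. The switch in wolfCLU_CertSign continues outside the hunk, so what these labels lead to is not visible here.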
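Review bot: The widened pattern still relies on `\|` inside a basic regular expression, which POSIX leaves undefined, so the check can behave differently on a non-GNU grep. `grep -Eqi "fail|error|not found|unable|no such|could not" "$TEST_DIR/test6.log"` expresses the same alternation portably. The pattern is also broad enough that any log line containing "error" satisfies the test, whatever the cause.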
@@ -347,7 +347,10 @@ int wolfCLU_setup(int argc, char** argv, char action)
 WOLFCLU_LOG(WOLFCLU_L0,
 "-in flag was not set, please enter a string or"
 "file name to be encrypted: ");
- ret = (int) scanf("%s", inName);
+ ret = (fgets(inName, sizeof(inName), stdin) != NULL) ? 1 : 0;
+ if (ret > 0) {
+ inName[strcspn(inName, "\n")] = '\0';
+ }
 }
 in = inName;
 WOLFCLU_LOG(WOLFCLU_L0, "Encrypting :\"%s\"", inName);
@@ -397,7 +400,11 @@ int wolfCLU_setup(int argc, char** argv, char action)
 while (ret == 0) {
 WOLFCLU_LOG(WOLFCLU_L0,
 "Please enter a name for the output file: ");
- ret = (int) scanf("%s", outNameEnc);
+ ret = (fgets(outNameEnc, sizeof(outNameEnc), stdin) != NULL)
+ ? 1 : 0;
+ if (ret > 0) {
+ outNameEnc[strcspn(outNameEnc, "\n")] = '\0';
+ }
 out = (ret > 0) ? outNameEnc : '\0';
 }
 }
@@ -419,7 +426,11 @@ int wolfCLU_setup(int argc, char** argv, char action)
 while (ret == 0) {
 WOLFCLU_LOG(WOLFCLU_L0,
 "Please enter a name for the output file: ");
- ret = (int) scanf("%s", outNameDec);
+ ret = (fgets(outNameDec, sizeof(outNameDec), stdin) != NULL)
+ ? 1 : 0;
+ if (ret > 0) {
+ outNameDec[strcspn(outNameDec, "\n")] = '\0';
+ }
 out = (ret > 0) ? outNameDec : '\0';
 }
 }
diff --git a/tests/encrypt/enc-test.sh b/tests/encrypt/enc-test.sh
index 31b7754f..d877ab5c 100755
--- a/tests/encrypt/enc-test.sh
+++ b/tests/encrypt/enc-test.sh
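Review bot: The newline strip `inName[strcspn(inName, "\n")] = '\0';` leaves a trailing carriage return in the name when stdin carries CRLF line endings, so the later open would look for a name ending in `\r`. Stripping both characters, `inName[strcspn(inName, "\r\n")] = '\0';`, covers that case; the same line appears in the outNameEnc and outNameDec hunks that follow. `sizeof(inName)` is the right bound only while inName is declared as an array in wolfCLU_setup, and that declaration is outside the hunk, so it is worth confirming.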
@@ -185,5 +185,47 @@ fi
 rm -f test-dec.der
 rm -f test-enc.der
+# Regression tests for stack buffer overflow fix (scanf -> fgets)
+
+# Test: -in not provided, filename supplied via stdin (inName path, L344)
+printf "certs/crl.der\n" | ./wolfssl enc -aes-128-cbc -out test-stdin-in.enc -k "testpass" > /dev/null 2>&1
+if [ $? != 0 ]; then
+ echo "Failed: enc with stdin input (no -in flag)"
+ exit 99
+fi
+./wolfssl enc -d -aes-128-cbc -in test-stdin-in.enc -out test-stdin-in.dec -k "testpass" > /dev/null 2>&1
+diff certs/crl.der test-stdin-in.dec > /dev/null 2>&1
+if [ $? != 0 ]; then
+ echo "Failed: stdin enc/dec roundtrip mismatch"
+ exit 99
+fi
+rm -f test-stdin-in.enc test-stdin-in.dec
+
+
+# Test: outNameEnc/outNameDec via stdin (non-EVP path, Camellia)
+./wolfssl enc -camellia-128-cbc -in certs/crl.der -out test-cam-probe.enc -k "testpass" > /dev/null 2>&1
+if [ $? -eq 0 ]; then
+ # outNameEnc: -out omitted, filename supplied via stdin
+ printf "test-cam-stdin.enc\n" | ./wolfssl enc -camellia-128-cbc -in certs/crl.der -k "testpass" > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ echo "Failed: Camellia enc with stdin output name (no -out flag)"
+ exit 99
+ fi
+
+ # outNameDec: -out omitted, filename supplied via stdin
+ printf "test-cam-stdin.dec\n" | ./wolfssl enc -d -camellia-128-cbc -in test-cam-stdin.enc -k "testpass" > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ echo "Failed: Camellia dec with stdin output name (no -out flag)"
+ exit 99
+ fi
+ diff certs/crl.der test-cam-stdin.dec > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ echo "Failed: Camellia stdin outName enc/dec roundtrip mismatch"
+ exit 99
+ fi
+
+ rm -f test-cam-probe.enc test-cam-stdin.enc test-cam-stdin.dec
+fi
+
 echo "Done"
 exit 0
From eeecdfd4cbaf6c663aa81a665e5c93c32189b3ac Mon Sep 17 00:00:00 2001
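Review bot: None of the added tests sends a line longer than the name buffers, so the overflow this commit fixes is never exercised; every case pipes a short, valid name. A case that pipes an overlong line and checks only that the process was not killed by a signal would pin the fix itself. The length used below is a guess meant to exceed the buffers, whose declarations are not visible in this patch.

```shell
# Test: overlong line on stdin must not crash the process
LONG_LINE=$(head -c 8192 /dev/zero | tr '\0' 'A')
printf "%s\n" "$LONG_LINE" | ./wolfssl enc -aes-128-cbc -out test-long-in.enc -k "testpass" > /dev/null 2>&1
if [ $? -ge 128 ]; then
    echo "Failed: enc terminated by a signal on overlong stdin input"
    exit 99
fi
rm -f test-long-in.enc
```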
From: Hideki Miyazaki
Date: Fri, 27 Mar 2026 08:37:41 +0900
Subject: [PATCH 3/5] addressed copilot comments
---
 src/crypto/clu_crypto_setup.c | 56 ++++++++++++++++++++++++++++-------
 tests/encrypt/enc-test.sh | 40 +++++++++++++++++++++++++
 2 files changed, 85 insertions(+), 11 deletions(-)
diff --git a/src/crypto/clu_crypto_setup.c b/src/crypto/clu_crypto_setup.c
index 02fe4c84..4c34423b 100644
--- a/src/crypto/clu_crypto_setup.c
+++ b/src/crypto/clu_crypto_setup.c
@@ -346,11 +346,25 @@ int wolfCLU_setup(int argc, char** argv, char action)
 while (ret == 0) {
 WOLFCLU_LOG(WOLFCLU_L0,
 "-in flag was not set, please enter a string or"
- "file name to be encrypted: ");
- ret = (fgets(inName, sizeof(inName), stdin) != NULL) ? 1 : 0;
- if (ret > 0) {
+ " file name to be encrypted: ");
+ if (fgets(inName, sizeof(inName), stdin) == NULL) {
+ /* Failed to read input, continue */
+ continue;
+ }
+ /* If no newline is present, the line was too long. */
+ if (strchr(inName, '\n') == NULL) {
+ int ch;
+ do {
+ ch = getchar();
+ } while (ch != '\n' && ch != EOF);
+ } else {
 inName[strcspn(inName, "\n")] = '\0';
 }
+ /* Do not accept an empty string as valid input */
+ if (inName[0] == '\0') {
+ continue;
+ }
+ ret = 1;
 }
 in = inName;
 WOLFCLU_LOG(WOLFCLU_L0, "Encrypting :\"%s\"", inName);
@@ -400,12 +414,22 @@ int wolfCLU_setup(int argc, char** argv, char action)
 while (ret == 0) {
 WOLFCLU_LOG(WOLFCLU_L0,
 "Please enter a name for the output file: ");
- ret = (fgets(outNameEnc, sizeof(outNameEnc), stdin) != NULL)
- ? 1 : 0;
- if (ret > 0) {
+ if (fgets(outNameEnc, sizeof(outNameEnc), stdin) == NULL) {
+ continue;
+ }
+ if (strchr(outNameEnc, '\n') == NULL) {
+ int ch;
+ do {
+ ch = getchar();
+ } while (ch != '\n' && ch != EOF);
+ } else {
 outNameEnc[strcspn(outNameEnc, "\n")] = '\0';
 }
- out = (ret > 0) ? outNameEnc : '\0';
+ if (outNameEnc[0] == '\0') {
+ continue;
+ }
+ out = outNameEnc;
+ ret = 1;
 }
 }
 ret = wolfCLU_encrypt(alg, mode, pwdKey, key, keySize, in, out,
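Review bot: The read, flush, strip and empty-check sequence added for inName is repeated almost verbatim for outNameEnc in the next hunk and for outNameDec in the one after, so a later fix to one copy can easily miss the others. A static helper that takes the buffer and its size and reports whether a usable name was read would leave each loop with only the prompt and one call. The helper below keeps the behaviour of this commit unchanged and its name is only a suggestion; wolfCLU_setup itself starts and ends outside the hunk.

```c
/* Reads one line from stdin into buf. Returns 1 when buf holds a
 * non-empty name, 0 when the caller should prompt again. */
static int wolfCLU_promptLine(char* buf, int bufSz)
{
    if (fgets(buf, bufSz, stdin) == NULL) {
        return 0;
    }
    if (strchr(buf, '\n') == NULL) {
        int ch;
        /* line did not fit: discard the rest of it */
        do {
            ch = getchar();
        } while (ch != '\n' && ch != EOF);
    }
    else {
        buf[strcspn(buf, "\n")] = '\0';
    }
    return (buf[0] != '\0') ? 1 : 0;
}

/* ... unchanged: prompt via WOLFCLU_LOG ... */
ret = wolfCLU_promptLine(inName, (int)sizeof(inName));
```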
@@ -426,12 +450,22 @@ int wolfCLU_setup(int argc, char** argv, char action)
 while (ret == 0) {
 WOLFCLU_LOG(WOLFCLU_L0,
 "Please enter a name for the output file: ");
- ret = (fgets(outNameDec, sizeof(outNameDec), stdin) != NULL)
- ? 1 : 0;
- if (ret > 0) {
+ if (fgets(outNameDec, sizeof(outNameDec), stdin) == NULL) {
+ continue;
+ }
+ if (strchr(outNameDec, '\n') == NULL) {
+ int ch;
+ do {
+ ch = getchar();
+ } while (ch != '\n' && ch != EOF);
+ } else {
 outNameDec[strcspn(outNameDec, "\n")] = '\0';
 }
- out = (ret > 0) ? outNameDec : '\0';
+ if (outNameDec[0] == '\0') {
+ continue;
+ }
+ out = outNameDec;
+ ret = 1;
 }
 }
 ret = wolfCLU_decrypt(alg, mode, pwdKey, key, keySize, in, out,
diff --git a/tests/encrypt/enc-test.sh b/tests/encrypt/enc-test.sh
index d877ab5c..36a115ee 100755
--- a/tests/encrypt/enc-test.sh
+++ b/tests/encrypt/enc-test.sh
@@ -227,5 +227,45 @@ if [ $? -eq 0 ]; then
 rm -f test-cam-probe.enc test-cam-stdin.enc test-cam-stdin.dec
 fi
+# Test: inName empty line is rejected, re-prompt accepts valid filename
+printf "\ncerts/crl.der\n" | ./wolfssl enc -aes-128-cbc -out test-empty-in.enc -k "testpass" > /dev/null 2>&1
+if [ $? != 0 ]; then
+ echo "Failed: enc should accept filename after empty line on stdin (-in path)"
+ exit 99
+fi
+./wolfssl enc -d -aes-128-cbc -in test-empty-in.enc -out test-empty-in.dec -k "testpass" > /dev/null 2>&1
+diff certs/crl.der test-empty-in.dec > /dev/null 2>&1
+if [ $? != 0 ]; then
+ echo "Failed: enc/dec roundtrip mismatch after empty-line re-prompt (-in path)"
+ exit 99
+fi
+rm -f test-empty-in.enc test-empty-in.dec
+
+# Test: outNameEnc/outNameDec empty line is rejected (non-EVP path, Camellia)
+./wolfssl enc -camellia-128-cbc -in certs/crl.der -out test-cam-probe2.enc -k "testpass" > /dev/null 2>&1
+if [ $? -eq 0 ]; then
+ rm -f test-cam-probe2.enc
+
+ # outNameEnc: empty line rejected, then valid output name accepted
+ printf "\ntest-cam-empty.enc\n" | ./wolfssl enc -camellia-128-cbc -in certs/crl.der -k "testpass" > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ echo "Failed: Camellia enc should accept output name after empty line (outNameEnc)"
+ exit 99
+ fi
+
+ # outNameDec: empty line rejected, then valid output name accepted
+ printf "\ntest-cam-empty.dec\n" | ./wolfssl enc -d -camellia-128-cbc -in test-cam-empty.enc -k "testpass" > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ echo "Failed: Camellia dec should accept output name after empty line (outNameDec)"
+ exit 99
+ fi
+ diff certs/crl.der test-cam-empty.dec > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ echo "Failed: enc/dec roundtrip mismatch after empty-line re-prompt (outNameEnc/Dec)"
+ exit 99
+ fi
+ rm -f test-cam-empty.enc test-cam-empty.dec
+fi
+
 echo "Done"
 exit 0
From 165e7d5777a7b8b773d1a12417e6261425e8b174 Mon Sep 17 00:00:00 2001
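Review bot: When the Camellia probe fails, the `if [ $? -eq 0 ]; then` block is skipped without any output, so a build without Camellia still prints "Done" although the outNameEnc and outNameDec prompts were never run. An `else` branch with a line such as `echo "Skipping Camellia stdin output-name tests"` would make that gap visible in the log. In addition, `rm -f test-cam-probe2.enc` sits inside the block, so a probe that fails after creating the file leaves it behind; moving the `rm -f` after the closing `fi` avoids that.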
From: Hideki Miyazaki
Date: Fri, 27 Mar 2026 09:12:04 +0900
Subject: [PATCH 4/5] addressed copilot comment
---
 tests/encrypt/enc-test.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/tests/encrypt/enc-test.sh b/tests/encrypt/enc-test.sh
index 36a115ee..25c9ae2b 100755
--- a/tests/encrypt/enc-test.sh
+++ b/tests/encrypt/enc-test.sh
@@ -224,9 +224,11 @@ if [ $? -eq 0 ]; then
 exit 99
 fi
- rm -f test-cam-probe.enc test-cam-stdin.enc test-cam-stdin.dec
+ rm -f test-cam-stdin.enc test-cam-stdin.dec
 fi
+rm -f test-cam-probe.enc
+
 # Test: inName empty line is rejected, re-prompt accepts valid filename
 printf "\ncerts/crl.der\n" | ./wolfssl enc -aes-128-cbc -out test-empty-in.enc -k "testpass" > /dev/null 2>&1
 if [ $? != 0 ]; then
From 9b1c8c5ca7524c2e4c3598c9fd811a84292f5688 Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki
Date: Fri, 27 Mar 2026 09:33:53 +0900
Subject: [PATCH 5/5] addressed copilot comments
---
 src/crypto/clu_crypto_setup.c | 40 +++++++++++++++++++++++++----------
 tests/encrypt/enc-test.sh | 2 +-
 2 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/src/crypto/clu_crypto_setup.c b/src/crypto/clu_crypto_setup.c
index 4c34423b..d5af5f50 100644
--- a/src/crypto/clu_crypto_setup.c
+++ b/src/crypto/clu_crypto_setup.c
@@ -348,18 +348,24 @@ int wolfCLU_setup(int argc, char** argv, char action)
 "-in flag was not set, please enter a string or"
 " file name to be encrypted: ");
 if (fgets(inName, sizeof(inName), stdin) == NULL) {
- /* Failed to read input, continue */
- continue;
+ /* EOF or read error: cannot prompt further */
+ wolfCLU_LogError("failed to read input file name");
+ wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
+ if (mode != NULL)
+ XFREE(mode, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ return WOLFCLU_FATAL_ERROR;
 }
- /* If no newline is present, the line was too long. */
+ /* If no newline is present, the line was too long: flush and
+ * re-prompt rather than proceeding with a truncated filename. */
 if (strchr(inName, '\n') == NULL) {
 int ch;
 do {
 ch = getchar();
 } while (ch != '\n' && ch != EOF);
- } else {
- inName[strcspn(inName, "\n")] = '\0';
+ wolfCLU_LogError("input too long, please try again");
+ continue;
 }
+ inName[strcspn(inName, "\n")] = '\0';
 /* Do not accept an empty string as valid input */
 if (inName[0] == '\0') {
 continue;
@@ -421,16 +421,22 @@ int wolfCLU_setup(int argc, char** argv, char action)
 WOLFCLU_LOG(WOLFCLU_L0,
 "Please enter a name for the output file: ");
 if (fgets(outNameEnc, sizeof(outNameEnc), stdin) == NULL) {
- continue;
+ /* EOF or read error: cannot prompt further */
+ wolfCLU_LogError("failed to read output file name");
+ wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
+ if (mode != NULL)
+ XFREE(mode, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ return WOLFCLU_FATAL_ERROR;
 }
 if (strchr(outNameEnc, '\n') == NULL) {
 int ch;
 do {
 ch = getchar();
 } while (ch != '\n' && ch != EOF);
- } else {
- outNameEnc[strcspn(outNameEnc, "\n")] = '\0';
+ wolfCLU_LogError("input too long, please try again");
+ continue;
 }
+ outNameEnc[strcspn(outNameEnc, "\n")] = '\0';
 if (outNameEnc[0] == '\0') {
 continue;
 }
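Review bot: A last line that reaches EOF without a trailing newline is now rejected as too long, because `strchr(inName, '\n') == NULL` is also true for a short name piped without a final newline. The flush loop then hits EOF, the prompt repeats, and the next fgets returns NULL, so the run ends with "failed to read input file name" although the name fitted the buffer. Testing the stream as well, `if (strchr(inName, '\n') == NULL && !feof(stdin)) {`, limits the re-prompt to lines that really did not fit; the outNameEnc and outNameDec hunks carry the same test. The enclosing while loop starts outside this hunk.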
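Review bot: The early return repeats the same four cleanup lines in all three prompt loops (inName in the previous hunk, outNameEnc here, outNameDec in the next one), and it releases only pwdKey, iv, key and mode. Whether wolfCLU_setup holds anything else at this point is not visible from the hunk; if it does, these returns skip it. Setting `ret = WOLFCLU_FATAL_ERROR;` and jumping to one shared cleanup label would keep the three paths from drifting apart. Since pwdKey and key hold key material, it is also worth confirming that wolfCLU_freeBins clears the buffers before freeing them.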
@@ -451,16 +463,22 @@ int wolfCLU_setup(int argc, char** argv, char action) WOLFCLU_LOG(WOLFCLU_L0, "Please enter a name for the output file: "); if (fgets(outNameDec, sizeof(outNameDec), stdin) == NULL) { - continue; + /* EOF or read error: cannot prompt further */ + wolfCLU_LogError("failed to read output file name"); + wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); + if (mode != NULL) + XFREE(mode, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return WOLFCLU_FATAL_ERROR; } if (strchr(outNameDec, '\n') == NULL) { int ch; do { ch = getchar(); } while (ch != '\n' && ch != EOF); - } else { - outNameDec[strcspn(outNameDec, "\n")] = '\0'; + wolfCLU_LogError("input too long, please try again"); + continue; } + outNameDec[strcspn(outNameDec, "\n")] = '\0'; if (outNameDec[0] == '\0') { continue; } diff --git a/tests/encrypt/enc-test.sh b/tests/encrypt/enc-test.sh index 25c9ae2b..7d9c4d91 100755 --- a/tests/encrypt/enc-test.sh +++ b/tests/encrypt/enc-test.sh @@ -187,7 +187,7 @@ rm -f test-enc.der # Regression tests for stack buffer overflow fix (scanf -> fgets) -# Test: -in not provided, filename supplied via stdin (inName path, L344) +# Test: -in not provided, filename supplied via stdin to exercise the inName Path printf "certs/crl.der\n" | ./wolfssl enc -aes-128-cbc -out test-stdin-in.enc -k "testpass" > /dev/null 2>&1 if [ $? != 0 ]; then echo "Failed: enc with stdin input (no -in flag)"