wolfcrypt/src/wc_slhdsa.c:
* refactor SAVE_VECTOR_REGISTERS2() in slhdsakey_fors_sign() as
CAN_SAVE_VECTOR_REGISTERS(), with local save-restore wrappers around the
rest of the vector calls deeper in the call stack, to avoid failing
GFP_ATOMIC allocations and long spans with interrupts disabled.
* fix numerous bugprone-macro-parentheses and bugprone-signed-char-misuses.
* use readUnalignedWord64() in SHAKE256_SET_SEED_HA_X4_*() and
slhdsakey_shake256_set_seed_ha_x4() to avoid benign unaligned access warnings
from sanitizers.
wolfcrypt/test/test.c:
* in TestDumpData(), use WOLFSSL_DEBUG_PRINTF(), not fprintf(stderr, ...), for
portability.
* in slhdsa_test_param() and slhdsa_test(), use WC_DECLARE_VAR() and friends
for SlhDsaKey allocations, and use ERROR_OUT() and single-return-point
refactors to fix error path memory leaks.
ML-DSA: check pointer to the y parameter has not be faulted.
ML-KEM: to harden against faultiong, use a different buffer for private
seed, sigma, and add a check that the buffer was copied correctly.
SHA-3: fix size of check variables.
ToTraditionalInline_ex2 original ASN code:
- Now return 0 when no OCTECT_STRING data found.
- Change callers to accept 0 as a valid returnb value.
SizeASN_Items:
- Change encoded size to word32 as won't be negative.
- Change callers to supply a pointer to a word32 instead of integer.
Fix casting due to change of parameter type.
ASN_LEN_ENC_LEN: Function to calculate the length of the encoded ASN.1
length.
GetLength_ex:
- Change minLen to word32
- Change length to word32 and change negative check appropriately for
different type.
GetASNHeader_ex:
- If not checking lengths in GetLength_ex, check it here.
DecodeObjectId:
- Ensure no overflow in calculation.
_RsaPrivateKeyDecode (original)
- Clear RSA integers on failure (will be done in free anyway).
wc_CreatePKCS8Key (original):
- safe check of overflow.
DecryptContent (templare):
- Parse will fail if OID not recognized, and recognized OIDs are 9/10
bytes long - but check idx is 9/10 anyway so we know we can read 2 end
bytes of data.
wc_RsaPublicKeyDecode_ex (original):
- Fix calculation of seqEndIdx and use it to bound modulus and
exponent.
DecodePolicyOID
- enusre inSz is not too long.
- Ensure no overflow in calculation.
SetOidValue (orginal):
- Safe check of inSz and oidSz.
SetAltNames (original):
- Improve length checks
FlattenAltNames:
- Check for overflow.
- Better length check.
ParseCRL_CertList (original):
- overflow check