sebastian-carpenter
47a24d7b90
minor coverity fixes for tls ech
2026-03-13 11:04:44 -06:00
sebastian-carpenter
bb7c6a13c8
ECH tidying
2026-03-11 12:07:20 -06:00
Daniel Pouzzner
cd2386c87e
Merge pull request #9894 from philljj/fix_f_280
...
hpke: add missing ForceZero for eae_prk, key_schedule_context, secret.
2026-03-09 23:38:37 -05:00
jordan
1d3a0ca53a
hpke: add missing ForceZero for eae_prk, key_schedule_context, secret.
2026-03-05 15:30:39 -06:00
Daniel Pouzzner
b2913d27dd
Merge pull request #9842 from rlm2002/coverity
...
20260227 Coverity changes
2026-03-05 14:53:14 -06:00
Ruby Martin
682901e32e
return MP_VAL if n < 0. remove check for max int value
...
remove comment
2026-03-03 09:50:16 -07:00
Daniel Pouzzner
76bc6e337b
wolfcrypt/src/hpke.c, wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c: implement RFC 9180 overflow checks on context->seq in wc_HpkeContextSealBase() and wc_HpkeContextOpenBase(), and add SEQ_OVERFLOW_E to wolfCrypt_ErrorCodes (Fenrir M-70).
2026-02-27 23:40:37 -06:00
aidan garske
3295a6521c
Fix Fenrir issues in wolfcrypt
2026-02-24 18:51:58 -08:00
JacobBarthelmeh
a156ed7bc7
update Copyright year
2026-02-18 09:52:21 -07:00
effbiae
7a3db09ddd
automated small stack compress
2025-10-11 11:40:30 +11:00
JacobBarthelmeh
629c5b4cf6
updating license from GPLv2 to GPLv3
2025-07-10 16:11:36 -06:00
JacobBarthelmeh
3f9fe491cc
adjust C# test and set rng with hpke case
2025-05-07 14:33:15 -06:00
JacobBarthelmeh
69a4607f84
null sanity check on arguments in wc_HpkeContextComputeNonce, CID 515543
2025-04-18 16:47:36 -06:00
Daniel Pouzzner
c401f5caf2
move the newly added wolfcrypt/src/wolfssl_sources.h to wolfssl/wolfcrypt/libwolfssl_sources.h, and likewise for wolfssl_sources_asm.h; revert changes to IDE/ project files.
2025-04-04 18:44:12 -05:00
Daniel Pouzzner
217440c885
Add wolfcrypt/src/wolfssl_sources.h and wolfcrypt/src/wolfssl_sources_asm.h,
...
which force on BUILDING_WOLFSSL and do boilerplate includes, and update library
sources to include them at the top.
wolfssl_sources.h includes types.h, error-crypt.h, and logging.h, and
conditionally, config.h. settings.h and wc_port.h are unconditionally
included at the top of types.h.
wolfssl_sources_asm.h includes settings.h, and conditionally, config.h.
Add wolfssl_sources*.h to wolfcrypt/src/include.am, and to several IDE/ project
files.
Also added a TEST_WOLFSSL_SOURCES_INCLUSION_SEQUENCE clause in
wolfssl/wolfcrypt/settings.h to allow coverage testing.
In wolfcrypt/src/misc.c, retain existing ad hoc boilerplate includes, and use
them if WOLFSSL_VIS_FOR_TESTS, otherwise include the new wolfssl_sources.h.
Define WOLFSSL_VIS_FOR_TESTS at top of wolfcrypt/test/test.c.
Also renamed WOLFSSL_NEED_LINUX_CURRENT to WOLFSSL_LINUXKM_NEED_LINUX_CURRENT,
for clarity.
2025-04-04 16:51:04 -05:00
John Bland
8ff08740f8
Merge branch 'master' into ech-hello-retry
2025-03-10 03:37:27 -04:00
JacobBarthelmeh
2c24291ed5
update copyright date
2025-01-21 09:55:03 -07:00
Daniel Pouzzner
7cd2fd3617
numerous fixes for memory errors reported by clang-tidy, most of them true positives, unmasked by CPPFLAGS=-DNO_WOLFSSL_MEMORY: clang-analyzer-unix.Malloc, clang-analyzer-core.NullDereference, clang-analyzer-core.uninitialized.Assign, clang-analyzer-core.UndefinedBinaryOperatorResult, and clang-analyzer-optin.portability.UnixAPI (re malloc(0)).
...
several fixes for defects reported by cppcheck:
wolfcrypt/src/ecc.c: fix for cppcheck oppositeInnerCondition from cppcheck-2.16.0 in _ecc_make_key_ex(), and fixes for related unhandled errors discovered by manual inspection;
wolfcrypt/test/test.c: fix XREALLOC call in memcb_test() to resolve cppcheck-detected memleak.
2025-01-10 14:30:42 -06:00
Daniel Pouzzner
bfeb0ad48e
expand opensslcoexist to all low level crypto APIs.
2024-11-22 19:27:56 -06:00
JacobBarthelmeh
31a6a2bf59
update copyright to 2024
2024-07-19 13:15:05 -06:00
John Bland
34d7229d4e
add functions for using an hpke context multiple times
2023-12-29 16:15:54 -05:00
JacobBarthelmeh
21f34ef028
Merge pull request #6905 from bandi13/moreCodeSonarFixes
...
Don't nag about leaked resources
2023-11-01 14:46:02 -06:00
Andras Fekete
42c241dbbf
Avoid use of uninitialized array
2023-10-27 15:38:46 -04:00
JacobBarthelmeh
16b842992d
fix for CID 330416 memory leak
2023-10-27 13:27:30 -06:00
Sean Parkinson
2c9609039d
Type conversion fixes: make explicit
...
Changed to types and casting so that there are no implcit conversion
warnings (gcc -Wconversion) in these files.
2023-07-13 08:36:02 +10:00
Juliusz Sosinowicz
bed99401a0
hpke.c: use xorbufout in wc_HpkeContextComputeNonce
2023-04-19 17:06:25 +02:00
Daniel Pouzzner
f776371874
wolfcrypt/src/hpke.c: add PRIVATE_KEY_{UNLOCK,LOCK}() wrappers in wc_HpkeSealBase() and wc_HpkeOpenBase();
...
wolfcrypt/test/test.c: remove PRIVATE_KEY_{UNLOCK,LOCK}() wrappers from hpke_test_single(), and do a smallstack refactor.
2023-01-26 15:00:56 -06:00
John Bland
44ca98f5b3
add missing NULL checks and remove rng pointer when not needed
2023-01-23 16:03:58 -05:00
John Bland
a36276ca3a
update hpke to not use rng with ecc when hardening is off
2023-01-23 11:27:23 -05:00
Daniel Pouzzner
aa776057ff
fixes: shellcheck gripes on Docker/OpenWrt/runTests.sh; null pointer derefs and duplicate tests and assigns in src/tls.c and wolfcrypt/src/hpke.c found by cppcheck (nullPointerRedundantCheck, identicalInnerCondition, duplicateAssignExpression).
2023-01-21 00:51:57 -06:00
John Bland
d14d29e32a
stop ech from using a recursive function call
...
update bad return value for when retry_configs is returned, add locks around hkdf functions for private key use
2023-01-20 18:37:19 -05:00
David Garske
6b6ad38e4f
Adds support for TLS v1.3 Encrypted Client Hello (ECH) draft-ietf-tls-esni) and HPKE (Hybrid Public Key Encryption) RFC9180.
2023-01-18 11:37:27 -08:00