Commit Graph

4270 Commits

Author SHA1 Message Date
JacobBarthelmeh b5738236d9 Merge pull request #10187 from embhorn/zd21587
Fixes in TLS ECH, handle empty records, and ASN len check
2026-04-22 14:44:15 -06:00
Sean Parkinson 967780f1b7 Merge pull request #10239 from gasbytes/crl-idp-extension-fix
reject crls with unrecognized critical extensions
2026-04-21 10:21:31 +10:00
JacobBarthelmeh ad8b6dbc32 Merge pull request #10217 from ColtonWilley/null-checks-evp-ocsp-x509
Fix NULL derefs, buffer overflow, and i2d contract in EVP/OCSP/X509
2026-04-20 17:27:19 -06:00
Sean Parkinson fa9f24ff27 Merge pull request #10223 from rlm2002/zd21611
CN constraints fix
2026-04-19 21:28:29 +10:00
Ruby Martin 797ba3f03b test DNS name constraints on CA are applied against Subject CN name when SAN name is unavailable
test correct CN with no SAN available is accepted
2026-04-17 12:10:25 -06:00
Reda Chouk 857141da35 reject crls with unrecognized critical extensions per rfc 5280 section 5.2 2026-04-17 19:36:55 +02:00
Tobias Frauenschläger 0de3925207 Add RFC8773bis cert_with_extern_psk support
Implement RFC8773bis (draft-ietf-tls-8773bis-13)
cert_with_extern_psk for TLS 1.3, including protocol checks
and API support.

Includes unit tests for API and handshake behavior as well
as tests in the testsuite using extended examples.
2026-04-17 15:12:04 +02:00
Sean Parkinson 318cd62d44 Merge pull request #10231 from JeremiahM37/fenrir-issues-3
Fix PEM input validation and zeroize sensitive key buffers
2026-04-17 10:44:55 +10:00
Sean Parkinson 460463aa8f Merge pull request #10166 from JeremiahM37/test-coverage
Add negative tests for TLS handshake verification paths
2026-04-17 10:41:53 +10:00
Sean Parkinson 9d1fe652b1 Merge pull request #10224 from embhorn/zd21594
Various fixes in internal.c
2026-04-17 09:44:33 +10:00
Brett Nicholas 4bf334c299 Merge pull request #10009 from night1rider/SHE-update
Add SHE (Secure Hardware Extension) support to wolfCrypt
2026-04-16 16:49:00 -06:00
Daniel Pouzzner 801c412ad2 src/tls.c, wolfssl/ssl.h, tests/api.c: followup to ff7a32d022 (#10182):
* Fix OOB heap reads via TLSX_ExtractEch() by preemptively rejecting oversized
  SNI names in TLSX_UseSNI().

* In TLSX_EchChangeSNI(), don't attempt to truncate if an oversized name is
  seen, just return error.

* Move definition of WOLFSSL_HOST_NAME_MAX to an ungated context in ssl.h, and
  use it consistently in tls.c, eliminating the duplicative
  WOLFSSL_HOST_NAME_MAX.
2026-04-16 11:12:02 -05:00
Jeremiah Mackey a0614dd3c0 add negative tests for TLS handshake verification paths 2026-04-16 14:37:07 +00:00
Daniel Pouzzner 4cd7126092 tests/api/test_aes.c: fix gating for test_wc_AesGcm_MonteCarlo() to exclude WOLFSSL_AFALG and WOLFSSL_DEVCRYPTO. 2026-04-15 21:29:17 -05:00
night1rider 64a1ac8dd2 wc_SHE_ImportM1M2M3: fix guard from || to && so it gates on WOLF_CRYPTO_CB 2026-04-15 18:03:39 -06:00
Sean Parkinson cd6b062847 Merge pull request #10136 from JeremiahM37/fenrir-issues-2
Fenrir fixes
2026-04-16 08:51:17 +10:00
Sean Parkinson d2175f3b42 Merge pull request #10222 from embhorn/zd21597
Report cert verify failure with MD5
2026-04-16 08:45:15 +10:00
Sean Parkinson f286f62cb3 Merge pull request #10201 from gasbytes/quic_record_cap
add missing WOLFSSL_QUIC_MAX_RECORD_CAPACITY check on the early-data
2026-04-16 08:42:35 +10:00
Sean Parkinson 6be03a5dab Merge pull request #10182 from embhorn/zd21576
Fix TLSX_EchChangeSNI to check hostname termination
2026-04-16 08:37:42 +10:00
Sean Parkinson 1fab25301f Merge pull request #10221 from julek-wolfssl/gh/10197
TLS 1.3: evict session from cache after accepted 0-RTT resumption
2026-04-16 08:16:31 +10:00
David Garske 26a7d594e3 Merge pull request #10232 from douzzer/20260415-confusing_globals
20260415-confusing_globals
2026-04-15 15:02:40 -07:00
David Garske faa6e985a5 Merge pull request #10226 from SparkiDev/api_test_cipher_algs_3
API tests: more cipher tests
2026-04-15 14:32:11 -07:00
Eric Blankenhorn c429a41121 Fix from review 2026-04-15 15:26:46 -05:00
night1rider 1078e797f8 Fix CMake SHE deps, const-correctness in CryptoCb uid, stale comment, XSTRLEN double call, configure.ac AES-CBC guard, and add LoadKey/LoadKey_Verify test coverage 2026-04-15 11:28:03 -06:00
night1rider f081a08c5c Address comments from bigbrett and Fenrir bot. Rename she.{c,h} to wc_she.{c,h}, fix naming consistency, auto-enable CMAC/AES dependencies, add WC_SHE_SW_DEFAULT opt-inAddress PR #10009 review comments from bigbrett and Fenrir 2026-04-15 11:28:03 -06:00
night1rider 802c34018c Add more in depth comments in header file for she.h 2026-04-15 11:28:03 -06:00
night1rider ee7fe9e1b1 SHE API: remove key storage from context, add direct output params 2026-04-15 11:28:03 -06:00
night1rider 8c0999a352 fix macro guarding in tests/api.c 2026-04-15 11:28:03 -06:00
night1rider eeedc470e9 Add SHE (Secure Hardware Extension) support to wolfCrypt 2026-04-15 11:27:44 -06:00
David Garske 1a67eb7223 Merge pull request #9851 from night1rider/setkey-callbacks
Setkey/Export callbacks
2026-04-15 10:17:38 -07:00
Daniel Pouzzner d8085cc427 src/ssl_load.c, wolfssl/ssl.h, tests/api.c: rename wolfSSL*PrivateKey_id() to wolfSSL*PrivateKey_Id_ex(), and add missing WOLF_PRIVATE_KEY_ID gating. 2026-04-15 11:53:06 -05:00
Jeremiah Mackey bdebcfc5a0 reject negative pemSz in PEM-to-DER APIs 2026-04-15 16:46:32 +00:00
Reda Chouk 1576cf9edc add exact-boundary tests at wolfssl_quic_max_record_capacity and cap+1 to catch off-by-onee mutations in the early data capacity check 2026-04-15 14:36:35 +02:00
Sean Parkinson b44d8c66d7 Merge pull request #10192 from mattia-moffa/20260409-fixes
Various fixes
2026-04-15 20:35:04 +10:00
Sean Parkinson c905033acf API tests: more cipher tests
1. Unaligned Buffer Tests
Verify correct output when input/output buffers are byte-offset by 1,
2, and 3 bytes.
  - AES-CBC, AES-CTS, AES-CTR, AES-GCM, AES-CCM, AES-XTS
- ChaCha20, ChaCha20-Poly1305

2. In-Place (Overlapping) Buffer Tests
Verify correct output when out == in (same pointer for input and
output).
  - AES-CTS, AES-GCM, AES-CCM, AES-XTS
- ChaCha20, ChaCha20-Poly1305

3. Cross-Cipher Verification Tests
Verify that a higher-level mode produces identical output when
manually reconstructed from a lower-level primitive (typically AES-ECB +
XOR).
- AES-CBC (= ECB + XOR chaining)
- AES-CFB (= ECB(ciphertext feedback) + XOR)
  - AES-OFB (= ECB(output feedback) + XOR)
- AES-CTR (= ECB(counter) + XOR with big-endian increment)
  - AES-GCM (ciphertext portion = CTR starting at counter J0+1)
- ChaCha20-Poly1305 (ciphertext = raw ChaCha20 keystream XOR; tag =
independent Poly1305)

4. Counter Overflow Tests
Verify correct carry propagation when the internal block counter wraps
around.
  - AES-CTR (32-bit big-endian carry across 4 bytes: 0xFFFFFFFE → wrap)
- ChaCha20 (32-bit counter: 0xFFFFFFFF → 0x00000000)

5. AEAD Edge Case Tests
Verify correct behavior for empty inputs, empty AAD, and invalid auth
tag rejection.
  - Ascon-AEAD128
  - AES-CCM
  - ChaCha20-Poly1305

6. Non-Standard Parameter Tests
  Verify behavior outside the common fast path.
- AES-GCM: non-96-bit nonce lengths (1-byte, 60-byte, variable-length
loop, zero-length rejection)

7. Streaming API State Tests
Verify mid-stream state behavior and re-initialization after a final
call.
  - AES-GCM stream, AES-XTS stream
  - ChaCha20-Poly1305 stream
2026-04-15 17:05:32 +10:00
Sean Parkinson 6ac0f82b85 Merge pull request #10204 from mattia-moffa/20260413-fixes
SetSuitesHashSigAlgo fix
2026-04-15 11:39:26 +10:00
Mattia Moffa 6b535a4bd3 Initialize ctTampered in test 2026-04-15 03:09:11 +02:00
Mattia Moffa 41e54ba4f0 Initialize fullMac in test 2026-04-15 03:09:11 +02:00
Mattia Moffa 7bd2c3c946 Fix clang-tidy complaints 2026-04-15 03:09:11 +02:00
Mattia Moffa 1d4c5f7022 Fix codespell false positive 2026-04-15 03:09:11 +02:00
Mattia Moffa 0749f20c33 Require exact tag length in EVP_DigestVerifyFinal HMAC path
ZD#21457 (31)
2026-04-15 03:09:11 +02:00
Mattia Moffa 0a00b47c75 Fix ML-KEM ARM64 NEON ciphertext comparison reduction
ZD#21457 (30)
2026-04-15 03:09:11 +02:00
Mattia Moffa 9c304bdc09 PKCS12: check mismatch between hash algo and hash size
ZD#21457 (27)
2026-04-15 03:08:50 +02:00
Sean Parkinson 5ad6097f15 Merge pull request #10168 from night1rider/zd-21534
Address bug fixes sent in by ZD 21534
2026-04-15 09:11:04 +10:00
Sean Parkinson 0b88017e20 Merge pull request #10181 from embhorn/zd21567
Fix ReqCertFromX509 to check bounds
2026-04-15 09:01:25 +10:00
Sean Parkinson 409b5fcf38 Merge pull request #10172 from embhorn/zd21568
Fix pkcs12 parse issue
2026-04-15 09:00:12 +10:00
Sean Parkinson 14ebd3d649 Merge pull request #10170 from embhorn/zd21566
Fix partial chain verification
2026-04-15 08:58:28 +10:00
night1rider 642a65a34d Add export hooks for ecc 2026-04-14 16:21:50 -06:00
night1rider 79b0d9f9f5 Add setkey/exportkey/eccgetsize test coverage in api.c 2026-04-14 16:21:50 -06:00
night1rider 1295f4fe0e Add WOLF_CRYPTO_CB_SETKEY and WOLF_CRYPTO_CB_EXPORT_KEY crypto callback
utilities for generic SetKey and ExportKey operations on HMAC, RSA, ECC,
  and AES. Add wc_ecc_size/wc_ecc_sig_size callback hooks for hardware-only
  keys. Integrate into configure.ac as --enable-cryptocbutils=setkey,export
  options with CI test configurations in os-check.yml.

  Add test handlers in test.c and api.c with export/import delegation
  pattern, small-stack-safe allocations, custom curve support, and
  DEBUG_CRYPTOCB helpers.
2026-04-14 16:21:50 -06:00