Commit Graph

28499 Commits

Author SHA1 Message Date
Daniel Pouzzner 4228bedbcf wolfcrypt/src/integer.c and wolfssl/wolfcrypt/integer.h: constify args to mp_cmp() and mp_cmp_mag(). 2026-04-01 16:32:15 -05:00
Daniel Pouzzner faf2ff26de move WC_BARRIER() definition from wolfssl/wolfcrypt/types.h to wolfssl/wolfcrypt/wc_port.h, and strengthen it. 2026-04-01 16:20:10 -05:00
Daniel Pouzzner e6713372ee fixes from CI testing and peer review:
wolfcrypt/src/tfm.c and wolfssl/wolfcrypt/tfm.h: fix for -Wdiscarded-qualifiers in ecc_check_order_minus_1().

wolfssl/wolfcrypt/types.h: in WC_BARRIER(), use XFENCE() too, for best possible barrier.  fixes an ARM32 -Ofast -Wmaybe-uninitialized in blake2s_init_key().

wolfcrypt/src/asn_orig.c: set Stored flag after each allocation of a member that needs it.

wolfcrypt/src/signature.c: in wc_SignatureGetSize(), provide for legacy FIPS non-const-arg wc_ecc_sig_size() and wc_RsaEncryptSize().
2026-04-01 15:28:35 -05:00
Daniel Pouzzner 21c6568883 Fixes for -Wcast-qual hygiene in wolfCrypt.
.github/workflows/wolfCrypt-Wconversion.yml: Add -Wcast-qual to all scenarios.

wolfssl/wolfcrypt/signature.h, wolfcrypt/src/signature.c, doc/dox_comments/header_files/signature.h:

  Remove incorrect const qualifier on the key argument in

  * wc_SignatureVerifyHash()
  * wc_SignatureVerify()
  * wc_SignatureGenerateHash()
  * wc_SignatureGenerateHash_ex()
  * wc_SignatureGenerate()
  * wc_SignatureGenerate_ex()

  This fixes UB code patterns throughout signature.c.  key is inherently
  accessed readwrite by the underlying low level crypto.  Fortunately, wolfCrypt
  has no APIs/methods to allow actual const MPI key objects, therefore these
  seeming breaking API changes can't actually break any users.

globally:

  * Add const qualifiers to all struct pointer members that are assigned values
    computed from const pointers.

  * Add const qualifiers to intermediate casts for accessors and read-only
    dereference constructs, as needed for -Wcast-qual hygiene, e.g. for a macro
    GET_U16(a), use (*(const word16*)(a)) rather than (*(word16*)(a)).

  * Add const qualifiers to internal declarations, and remove illegal casts, as
    needed for -Wcast-qual hygiene.

  * Add missing const qualifiers to all casts for argument, operand, and
    assignment type agreement, as needed for -Wcast-qual hygiene, e.g.
    "*data = (const byte*)dataASN->data.ref.data" rather than
    "*data = (byte*)dataASN->data.ref.data".

wolfssl/wolfcrypt/asn.h, wolfssl/wolfcrypt/asn_public.h, wolfcrypt/src/asn.c, wolfcrypt/src/asn_orig.c:

  * Add additional lifecycle management for object members that are only sometimes locally allocated:

    DNS_entry.nameStored
    DNS_entry.ipStringStored
    DNS_entry.ridStringStored

wolfssl/wolfcrypt/types.h: add WC_BARRIER() macro -- a portable construct that
   prevents compiler optimizers from reordering operations across the barrier.

wolfssl/wolfcrypt/blake2-impl.h, wolfcrypt/src/blake2s.c, wolfcrypt/src/blake2b.c:

  * In blake2b_init(), blake2b_init_key(), blake2s_init(), and
    blake2s_init_key(), refactor blake2b_param initialization using WC_BARRIER()
    (fixes volatile abuse that triggered -Wcast-qual).

  * Remove the residual and unused WOLFSSL_BLAKE2[BS]_INIT_EACH_FIELD code.

wolfcrypt/src/ecc.c and wolfssl/wolfcrypt/ecc.h:

  Remove incorrect const qualifier on curve arg to wc_ecc_free_curve() (internal function).
2026-04-01 14:12:02 -05:00
Daniel Pouzzner 6fc93ac412 Merge pull request #10107 from danielinux/vde-license-exception
Added approved license exception for vde
2026-03-31 12:27:15 -05:00
Daniel Pouzzner ef3ba4906b Merge pull request #10109 from julek-wolfssl/openvpn-master
Fix GetLength return value check in ASN1_INTEGER functions
2026-03-31 11:23:11 -05:00
Juliusz Sosinowicz 4c2a90c8ef Fix GetLength return value check in ASN1_INTEGER functions
Change GetLength() return check from > 0 to >= 0 in wolfSSL_ASN1_INTEGER_get_length
and wolfSSL_ASN1_INTEGER_get0_data. GetLength returns the decoded length (≥ 0) on
success and negative error codes on failure, so checking > 0 incorrectly excluded
zero-length values, making the DER-stripping logic dead code.
2026-03-31 12:44:30 +02:00
Daniele Lacamera 18332faa05 Added approved license exception for vde 2026-03-31 08:49:29 +02:00
Daniel Pouzzner b36a9ca80e Merge pull request #10032 from JacobBarthelmeh/changelog
minor formatting fixes to changelog
2026-03-30 23:01:35 -05:00
Daniel Pouzzner a2298dde9c Merge pull request #10105 from padelsbach/lms-sign-external
Add buffer size and callback checks to external wc_LmsKey_Sign
2026-03-30 23:01:00 -05:00
Daniel Pouzzner 5f54de0577 Merge pull request #10076 from rizlik/dtls13_ack_improvements
Dtls13: ack management improvements
2026-03-30 22:59:54 -05:00
Daniel Pouzzner 1a3daf0148 Merge pull request #10087 from padelsbach/crl-num-negative
Reject negative CRL numbers when decoding
2026-03-30 22:58:34 -05:00
Daniel Pouzzner adf70b1629 Merge pull request #10089 from julek-wolfssl/openvpn-master
openssl compat: fix ASN1_STRING_{length,get0_data} for ASN1_INTEGER
2026-03-30 22:52:36 -05:00
Daniel Pouzzner 8e54eb9364 Merge pull request #10048 from anhu/constraints
Enforce URI name constraints in ConfirmNameConstraints
2026-03-30 22:51:52 -05:00
Daniel Pouzzner 74a407939b Merge pull request #10093 from lealem47/ocsp_hang
Fix hang in OCSP Stapling test
2026-03-30 22:50:44 -05:00
Daniel Pouzzner c8415c407f Merge pull request #10100 from Frauschi/zd21464
Zeroize sensitive buffers for ML-DSA
2026-03-30 22:34:53 -05:00
Daniel Pouzzner b5a835abed Merge pull request #10054 from kojo1/Csharp
fix for Csharp user_settings.h
2026-03-30 18:32:19 -05:00
Paul Adelsbach 18494e154f Reject negative CRL numbers when decoding 2026-03-30 16:09:32 -07:00
Paul Adelsbach 2ac3020bb6 Add buffer size and callback checks to external wc_LmsKey_Sign 2026-03-30 15:02:13 -07:00
Daniel Pouzzner 0a61997059 Merge pull request #10045 from embhorn/zd21385
Fix IAR warning about volatile access
2026-03-30 13:42:14 -05:00
Daniel Pouzzner 5b2e8b1376 Merge pull request #10065 from dgarske/async_nb_leak
Fix possible leak for ecc non-blocking crypto
2026-03-30 11:40:02 -05:00
Daniel Pouzzner edb4b2828f Merge pull request #10091 from rlm2002/gi10063Xchacha
GI issue fix use `size_t` instead of `long int`
2026-03-30 11:38:32 -05:00
Daniel Pouzzner 18111b1252 Merge pull request #10092 from anhu/hkex-ticket
Fix PQC hybrid KeyShare pointer sanity.
2026-03-30 11:36:11 -05:00
Daniel Pouzzner df055976ed Merge pull request #10079 from rlm2002/ghi10063
Various GI and ZD fixes
2026-03-30 11:34:05 -05:00
Daniel Pouzzner 9c0a9a6ceb Merge pull request #10084 from holtrop-wolfssl/zd21439
Add buffer size and callback checks to wc_LmsKey_Sign
2026-03-30 11:32:38 -05:00
JacobBarthelmeh 348d75b749 Merge pull request #10098 from douzzer/20260328-test_wolfSSL_dtls_fragments-race-mitigation
20260328-test_wolfSSL_dtls_fragments-race-mitigation
2026-03-30 10:29:31 -06:00
Marco Oliverio 1496614579 internal.h: clarify DTLS13_ACK_MAX_RECORDS comment 2026-03-30 17:34:36 +02:00
Marco Oliverio d1d6e587c0 test_dtls: remove bad char 2026-03-30 16:53:07 +02:00
Tobias Frauenschläger 7bdf13a3a3 Zeroize sensitive buffers for ML-DSA
Make sure stack-allocated buffers containing potentially senstive
material are zeroized before function exit.

Identified by: Abhinav Agarwal (GitHub: @abhinavagarwal07)
2026-03-30 11:21:32 +02:00
Daniel Pouzzner 20d9ea0022 tests/api.c: in test_wolfSSL_dtls_fragments(), accommodate races between threads. 2026-03-28 16:25:41 -05:00
lealem47 b7e7e7555f Merge pull request #10095 from douzzer/20260327-sanitizer-and-fixes-and-tls12_kdf_test-gating
20260327-sanitizer-and-tls12_kdf_test-gating-fixes
2026-03-27 17:52:37 -06:00
Lealem Amedie 22717a4672 Address copilot feedback 2026-03-27 16:35:42 -06:00
Daniel Pouzzner 76a498f7ea wolfcrypt/src/asn.c: fix invalid-pointer-pair "wild pointer" in CheckCertSignature_ex(). 2026-03-27 17:07:53 -05:00
Daniel Pouzzner 8b84b1fd1b wolfssl/wolfcrypt/coding.h and wolfssl/wolfcrypt/settings.h: fix feature activation for WOLFSSL_BASE16 (move from coding.h to settings.h). 2026-03-27 16:42:25 -05:00
Daniel Pouzzner e3d4d220c3 src/conf.c, src/ssl.c, wolfcrypt/src/asn.c, wolfssl/wolfcrypt/asn.h: fixes for invalid-pointer-pair memory errors reported by clang sanitizer with detect_invalid_pointer_pairs=2 in ASAN_OPTIONS. 2026-03-27 16:40:05 -05:00
Lealem Amedie 49003f8e54 Fix hang in OCSP test 2026-03-27 14:41:24 -06:00
Anthony Hu 46f6320380 Fix PQC hybrid KeyShare pointer sanity.
Also add tests for it and SetTicket
2026-03-27 14:33:41 -04:00
Ruby Martin 88fdc3d92a remove casts that would cause truncation if long int is 32-bit but size_t is 64-bit 2026-03-27 12:09:53 -06:00
Juliusz Sosinowicz 0f30790c9b openssl compat: fix ASN1_STRING_{length,get0_data} for ASN1_INTEGER
In OpenSSL, ASN1_INTEGER is typedef'd to ASN1_STRING (same struct), so
calling ASN1_STRING_length() / ASN1_STRING_get0_data() on an
ASN1_INTEGER* is valid and well-defined. wolfSSL has them as distinct,
incompatible structs. This fixes the openvpn master failures introduced in
https://github.com/OpenVPN/openvpn/pull/1003
2026-03-27 17:20:45 +01:00
Josh Holtrop 048a03e8bf Add buffer size and callback checks to wc_LmsKey_Sign
Fixes ZD#21439
2026-03-27 08:49:43 -04:00
Paul Adelsbach 5b1d2d795c Merge pull request #10086 from douzzer/20260326-various-fixes
20260326-various-fixes
2026-03-26 20:28:46 -07:00
Ruby Martin 8b2fd34e95 free authInPadded if alloc'd on early return 2026-03-26 16:11:19 -06:00
Ruby Martin a827a82ed3 return null if len<=0 2026-03-26 16:11:19 -06:00
Daniel Pouzzner 53f3ce635e wolfcrypt/src/asn.c: fix flub in wc_EccPublicKeyDecode() -- restore FREE_ASNGETDATA(dataASN, key->heap). 2026-03-26 16:54:19 -05:00
Daniel Pouzzner f0b711045c wolfssl/wolfcrypt/types.h: restore WC_ALLOC_DO_ON_FAILURE fallback definition from 760178c7dc -- reversion in part of 5f4d499df0. fixes optest build failures in all-crypto-only-intelasm-fips-v5-linuxkm-next-insmod-optest, all-crypto-only-intelasm-fips-v6-linuxkm-next-insmod-optest, and all-crypto-only-intelasm-fips-dev-linuxkm-next-insmod-optest. 2026-03-26 16:28:18 -05:00
Daniel Pouzzner 292ea549cc wolfcrypt/src/asn.c: fixes for invalid memory access in wc_DsaPublicKeyDecode() and wc_EccPublicKeyDecode(), detected by cppcheck-force-source, lms-xmss-wolfssl-all-clang-sanitizer, and sanitizer-clang-all-noasm. 2026-03-26 16:07:37 -05:00
Daniel Pouzzner 52d5d0a940 linuxkm/, wolfcrypt/src/dh.c, wolfcrypt/test/test.c, wolfcrypt/test/test.h, wolfssl/wolfcrypt/wc_port.h:
fixes and workarounds for clang-tidy complaints:
  * clang-diagnostic-unknown-warning-option
  * bugprone-sizeof-expression
  * clang-diagnostic-error "address argument to atomic operation must be a pointer to a trivially-copyable type"
  * bugprone-macro-parentheses
  * clang-diagnostic-unused-but-set-variable
  * readability-redundant-declaration
2026-03-26 15:41:47 -05:00
Ruby Martin ce7b81b6ee break when idx greater than MAX_CHAIN_DEPTH 2026-03-26 11:28:36 -06:00
Ruby Martin a963c5fc47 add check to prevent integer underflow 2026-03-26 11:28:36 -06:00
Ruby Martin a696d11519 if len is 0, do not subtract 1 when calling XMALLOC 2026-03-26 11:28:36 -06:00