Commit Graph

9433 Commits

Author SHA1 Message Date
JacobBarthelmeh 424af6eb5b Merge pull request #9956 from rlm2002/coverity
20260311 Coverity changes
2026-03-12 16:53:39 -06:00
JacobBarthelmeh 80ba723e16 Merge pull request #9943 from philljj/fix_evp_set_iv_length
evp: check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length.
2026-03-12 14:47:32 -06:00
JacobBarthelmeh c1f71fcf33 Merge pull request #9959 from philljj/fix_wolfboot_build
asn: add HAVE_OCSP_RESPONDER guard, to fix wolfboot build.
2026-03-12 14:44:29 -06:00
JacobBarthelmeh 351d2594ac Merge pull request #9938 from SparkiDev/regression_fixes_23
Fixes from regression testing
2026-03-12 14:41:18 -06:00
Ruby Martin d359f420ab set *inLen = outLen if output == NULL, if != NULL, check that outLen <= *inLen before assigning *inLen = outLen 2026-03-12 10:25:14 -06:00
Ruby Martin d432759fdd verify algoSz is <= MAX_ALGO_SZ 2026-03-12 09:53:34 -06:00
Ruby Martin 8314aa56ae catch MEMORY_E from CALLOC_ASNSETDATA() 2026-03-12 09:53:34 -06:00
jordan d67c034b14 asn: add HAVE_OCSP_RESPONDER guard, to fix wolfboot build. 2026-03-12 10:50:18 -05:00
Juliusz Sosinowicz 4fbc81916c Address final comments from #9761
- Fix line length
- Remove duplicate comment
- Check return of `wc_HashGetDigestSize`
- Use constant instead of magic number
2026-03-12 12:30:13 +01:00
JacobBarthelmeh a8dfa59bbe Merge pull request #9761 from julek-wolfssl/ocsp-responder
Implement OCSP responder
2026-03-11 17:27:33 -06:00
Sean Parkinson bbd2f6f898 Fixes from regression testing
CRL APIs not usable when NO_ASN_TIME defined.
WOLFSSL_TLS13 needs to be defined with HAVE_ECH.
When session ticket encrypted with CBC, must be a multiple of block
size.
Fix test define protection.
Fix ML-DSA protection of reduction functions.
Need !NO_RSA with WC_RSA_PSS.
Connection ID is not a DTLS 1.3 only extension.
2026-03-12 08:19:39 +10:00
sebastian-carpenter bb7c6a13c8 ECH tidying 2026-03-11 12:07:20 -06:00
Juliusz Sosinowicz 5a4c63423b Address code review 2026-03-11 12:28:11 +01:00
Juliusz Sosinowicz 6bb122d29f Address copilot review 2026-03-11 11:08:44 +01:00
Juliusz Sosinowicz 6fc83e292b Address code review 2026-03-11 10:21:17 +01:00
Juliusz Sosinowicz 7ae2ecc686 fixup! Implement OCSP responder 2026-03-11 10:21:17 +01:00
Juliusz Sosinowicz 10be06d747 Address copilot feedback 2026-03-11 10:21:17 +01:00
Juliusz Sosinowicz 9a9eb2bf1d Add ocsp responder test to testsuite.c and tested on windows 2026-03-11 10:21:16 +01:00
Juliusz Sosinowicz a795b19db2 Implement copilot suggestions 2026-03-11 10:21:16 +01:00
Juliusz Sosinowicz 4578e1390f Implement OCSP responder
OCSP Responder Core API:

- Add new public API for creating and managing an OCSP responder
- Add public wrappers for internal OCSP request/response functions
- OcspRespCheck: fix check when authorized responder is loaded into CM

Header Cleanup:

- Remove circular dependency when including `#include <wolfssl/wolfcrypt/asn.h>` from wolfssl/wolfcrypt/ecc.h and wolfssl/wolfcrypt/rsa.h

OCSP Responder Example (examples/ocsp_responder/):

- Add a command-line OCSP responder for interoperability testing with OpenSSL's `openssl ocsp` client

Test Scripts (scripts/):

- ocsp-responder-openssl-interop.test: Tests wolfSSL OCSP responder with `openssl ocsp` client
- ocsp-stapling-with-wolfssl-responder.test: Tests wolfSSL OCSP responder when doing OCSP stapling

Certificate Infrastructure (certs/ocsp/):

- Add DER-format certificates and keys for OCSP testing
- Update renewcerts.sh to generate DER versions

Known Limitations (documented in src/ocsp.c header comment):

  - Single request/response per OCSP exchange only
  - Key-hash responder ID only (no name-based responder ID)
  - No singleExtensions support
2026-03-11 10:21:16 +01:00
Daniel Pouzzner 3540d89c0d Merge pull request #9945 from holtrop-wolfssl/zd21327
Avoid one-byte read outside of allocated encrypted content buffer in wc_PKCS7_DecodeEnvelopedData()
2026-03-10 22:39:24 -05:00
Daniel Pouzzner a5bc0cd929 Merge pull request #9887 from rlm2002/static_analysis
20260305 Coverity fixes
2026-03-10 22:34:57 -05:00
Daniel Pouzzner bfe0b21829 Merge pull request #9765 from night1rider/zephyr-4_3_0-posix-fix
Add Zephyr 4.1+ build compatibility for wolfssl_tls_sock sample.
2026-03-10 22:28:43 -05:00
Daniel Pouzzner 51693156fe Merge pull request #9939 from SparkiDev/mlkem_comments_fixes
ML-KEM: Fixes for comments plus bug fixes
2026-03-10 19:34:39 -05:00
Daniel Pouzzner 4e84c7e05a Merge pull request #9931 from aidangarske/fix-wolfcrypt-fenrir-1
Fix Fenrir 376
2026-03-10 19:33:32 -05:00
Daniel Pouzzner f1508c910a Merge pull request #9930 from julek-wolfssl/fenrir/260903
Fenrir fixes
2026-03-10 19:32:56 -05:00
Daniel Pouzzner 7af6decbf3 Merge pull request #9856 from anhu/rsa_guard
Macro guard parameter null check.
2026-03-10 19:32:19 -05:00
Daniel Pouzzner f18d5ba359 Merge pull request #9928 from philljj/fix_f_451
ascon: don't skip wc_AsconAEAD128_Clear on auth error.
2026-03-10 19:31:20 -05:00
Daniel Pouzzner 65092ab5eb Merge pull request #9838 from SparkiDev/slhdsa_1
FIPS 205, SLH-DSA: implementation
2026-03-10 19:28:59 -05:00
Daniel Pouzzner 2ad5afaf4d wolfcrypt/src/wc_slhdsa.c: fixes for uninited data reads in slhdsakey_wots_sign_chain_x4_*() and slhdsakey_wots_pk_from_sig_x4;
CMakeLists.txt, cmake/functions.cmake, cmake/options.h.in: fixes for -DWOLFSSL_SLHDSA.
2026-03-10 17:51:18 -05:00
Josh Holtrop d37b51c3ce Avoid one-byte read outside of allocated encrypted content buffer in wc_PKCS7_DecodeEnvelopedData() 2026-03-10 17:26:28 -04:00
jordan 77b6f531fb evp: check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length. 2026-03-10 15:27:37 -05:00
night1rider 0442918391 Add Zephyr 4.1+ build compatibility for wolfssl_tls_sock sample. Replace removed Kconfig options (PTHREAD_IPC, POSIX_CLOCK, NET_SOCKETS_POSIX_NAMES) with version-conditional config fragments and fix min/max macro collision with Zephyr's sys/util.h. 2026-03-10 14:23:47 -06:00
Sean Parkinson b180a279b0 ML-KEM: Fixes for comments plus bug fixes
wc_MlKemKey_SharedSecretSize: Check len is not NULL before use.
wc_MlKemKey_DecodePrivateKey:
  Don't set flags when public key hash fails.
  ForceZero the private key on failure if copied.
2026-03-10 21:09:08 +10:00
Juliusz Sosinowicz 7a264162b8 wc_ChaCha20Poly1305_Decrypt: clear unauthed plaintext
F-452
2026-03-10 09:52:05 +01:00
Juliusz Sosinowicz 0b03d56127 wc_GetKeyOID: Clean up logging in mldsa case
F-449
2026-03-10 09:52:05 +01:00
Daniel Pouzzner b02ddde4f2 Merge pull request #9886 from philljj/fix_f_193
wc_encrypt: add missing ForceZero for Des, Arc4, Rc2.
2026-03-09 23:43:26 -05:00
Daniel Pouzzner 2cb1781b9a Merge pull request #9922 from Frauschi/f-450
Fix memory leak in error case within RsaMGF1
2026-03-09 23:39:30 -05:00
Daniel Pouzzner cd2386c87e Merge pull request #9894 from philljj/fix_f_280
hpke: add missing ForceZero for eae_prk, key_schedule_context, secret.
2026-03-09 23:38:37 -05:00
Daniel Pouzzner 3386e40453 Merge pull request #9890 from philljj/fix_f_hmac
hmac: add missing ForceZero for tmp, prk.
2026-03-09 23:38:04 -05:00
Daniel Pouzzner 3736352b24 Merge pull request #9888 from philljj/fix_f_383
pwdbased: add missing ForceZero for blocks, v, y.
2026-03-09 23:37:24 -05:00
Daniel Pouzzner 23f62bceb5 linuxkm/module_exports.c.template: add wolfssl/wolfcrypt/wc_slhdsa.h.
wolfcrypt/src/wc_slhdsa.c:

  * refactor SAVE_VECTOR_REGISTERS2() in slhdsakey_fors_sign() as
    CAN_SAVE_VECTOR_REGISTERS(), with local save-restore wrappers around the
    rest of the vector calls deeper in the call stack, to avoid failing
    GFP_ATOMIC allocations and long spans with interrupts disabled.

  * fix numerous bugprone-macro-parentheses and bugprone-signed-char-misuses.

  * use readUnalignedWord64() in SHAKE256_SET_SEED_HA_X4_*() and
    slhdsakey_shake256_set_seed_ha_x4() to avoid benign unaligned access warnings
    from sanitizers.

wolfcrypt/test/test.c:

  * in TestDumpData(), use WOLFSSL_DEBUG_PRINTF(), not fprintf(stderr, ...), for
    portability.

  * in slhdsa_test_param() and slhdsa_test(), use WC_DECLARE_VAR() and friends
    for SlhDsaKey allocations, and use ERROR_OUT() and single-return-point
    refactors to fix error path memory leaks.
2026-03-09 23:08:42 -05:00
aidan garske 832af2164b Fix copy-paste error in EncodeCertReq guard check where falconKey was checked twice instead of including dilithiumKey and sphincsKey 2026-03-09 11:43:41 -07:00
Daniel Pouzzner aa4b84f9a2 wolfcrypt/src/evp_pk.c: fix benign nullPointer in d2i_make_pkey() reported by cppcheck-2.20.0. 2026-03-09 10:58:36 -05:00
jordan f7127ca729 ascon: don't skip wc_AsconAEAD128_Clear on auth error. 2026-03-09 09:33:34 -05:00
Tobias Frauenschläger 9c2bb3d10d Fix memory leak in error case within RsaMGF1 2026-03-09 11:17:31 +01:00
Sean Parkinson 39b34333d6 FIPS 205, SLH-DSA: implementation
Adding implementation of SLH-DSA.
Included optimizations for Intel x64.
Some tests added.
2026-03-09 19:06:34 +10:00
Daniel Pouzzner b3f08f33b8 Merge pull request #9873 from miyazakh/fix_larger_crlnum
fix lareger(>57 octets) CRL number
2026-03-06 22:49:03 -06:00
Daniel Pouzzner 04e2adc799 Merge pull request #9916 from julek-wolfssl/fenrir/286
ecc.c: clear priv key with forcezero
2026-03-06 22:38:27 -06:00
Daniel Pouzzner 031c87407d Merge pull request #9892 from embhorn/f380-381-382
Hardening in wc_MakeDsaKey and wc_FreeDsaKey
2026-03-06 22:37:44 -06:00