Commit Graph

29160 Commits

Author SHA1 Message Date
Tobias Frauenschläger 97b82b5087 Add nonce length validation for PKCS#7 2026-04-23 11:03:19 +02:00
Tobias Frauenschläger b7f6e77a95 Reject PKCS#7 SignedData signer-identity forgery 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 589feabc0c Harden PKCS#7 EnvelopedData key unwrap 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 3fd4060458 Add more PKCS#7 tests 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 4e423fde17 More PKCS#7 bounds checks 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 46f3ebb0c6 Add missing ForceZero calls in PKCS#7 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 16e1d33f24 Fix invalid preprocessor guard in PKCS7 with SHA224
Also add missing ForceZero for ECDH shared secret on the heap.
2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 5634cfd67c Fix PKCS#7 regression with --enable-all and NO_PKCS7_STREAM 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger e2167e4bbd add length check in PKCS#7 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 84fb0f694c Fix various range and size bugs in PKCS#7 code 2026-04-23 09:36:32 +02:00
Andrew Hutchings 8810160da7 ci: add PR commit message sanity check workflow
Adds a GitHub Actions workflow that scans every commit in a pull
request and fails if any commit message carries a Co-authored-by
or Signed-off-by trailer pointing at noreply@anthropic.com.
2026-04-23 07:08:36 +01:00
night1rider d673b62143 Fix double-free of she2 in she_test 2026-04-22 17:33:21 -06:00
Kareem c69d9693f0 Fix code review feedback and test failure. 2026-04-22 16:33:07 -07:00
Kareem 9fef016106 Fix W560 "possible truncation at implicit conversion to type unsigned char" warnings raised by Tasking compiler. 2026-04-22 15:47:48 -07:00
Kareem b3c2877a14 Add additional checks for encryptedContentSz exceeding pkiMsgSz. 2026-04-22 15:22:36 -07:00
Kareem 3e04475875 Fix unused variable error 2026-04-22 15:22:36 -07:00
Kareem ebdcc03b71 Code review feedback 2026-04-22 15:22:36 -07:00
Kareem 1397268aa1 In wc_PKCS7_DecodeEnvelopedData, confirm encryptedContentTotalSz does not exceed the total message size before using it in the non-streaming case.
Thanks to Zou Dikai for the report.
2026-04-22 15:22:36 -07:00
Kareem 7f218574c4 Ensure esd->signedAttribsCount contains the correct count in case some are skipped by using the current idx rather than the total array size.
Thanks to Zou Dikai for the report.
2026-04-22 15:22:36 -07:00
JacobBarthelmeh b5738236d9 Merge pull request #10187 from embhorn/zd21587
Fixes in TLS ECH, handle empty records, and ASN len check
2026-04-22 14:44:15 -06:00
JacobBarthelmeh bc4bec63fc Merge pull request #10094 from sebastian-carpenter/GH-10068
Fixes: for GH #10068
2026-04-22 14:24:25 -06:00
Paul Adelsbach ea6af18bc1 Set hashType in ports 2026-04-22 13:17:28 -07:00
jordan 6aa3cd653e wc_port: guard stddef header include. 2026-04-22 15:16:19 -05:00
David Garske e05ce26fc9 wolfCrypt SRAM PUF Support
Add SRAM PUF (Physically Unclonable Function) support to wolfCrypt. Derives device-unique cryptographic keys from the power-on state of SRAM memory using a BCH(127,64,t=10) fuzzy extractor with HKDF key derivation.

- **wolfCrypt PUF API** (`wolfcrypt/src/puf.c`, `wolfssl/wolfcrypt/puf.h`)
  - `wc_PufInit`, `wc_PufReadSram`, `wc_PufEnroll`, `wc_PufReconstruct`
  - `wc_PufDeriveKey` (HKDF-SHA256), `wc_PufGetIdentity` (SHA-256 device fingerprint)
  - `wc_PufZeroize` (secure context cleanup)
  - `wc_PufSetTestData` (synthetic SRAM for testing without hardware)
- **BCH(127,64,t=10) error-correcting codec** - corrects up to 10 bit flips per 127-bit codeword across 16 codewords
- **`WC_PUF_SHA3` build option** - select SHA3-256 instead of SHA-256 for identity hash and HKDF (default: SHA-256)
- **Precomputed GF(2^7) tables** - `const` arrays in `.rodata` (no runtime init, thread-safe, flash-resident on embedded)
- `./configure --enable-puf` (auto-enables HKDF dependency)
- CMake: `WOLFSSL_PUF=yes`
- `WOLFSSL_USER_SETTINGS`: define `WOLFSSL_PUF` and `WOLFSSL_PUF_SRAM`
- See wolfssl-examples/puf for example implementation on STM32 NUCLEO-H563ZI (Cortex-M33, STM32H563ZI)
- Supports test mode (synthetic SRAM)
- Builds to ~13KB `.elf`
- Tested on NUCLEO-H563ZI: enrollment, noisy reconstruction, key derivation all pass
- `.github/workflows/puf.yml`: host build + test workflow for PUF feature
- Doxygen API docs for all 8 public functions
- PUF group added to `doxygen_groups.h`
2026-04-22 11:39:39 -07:00
Josh Holtrop 9c506896c6 Rust wrapper: add doc comment for MAX_E_LEN 2026-04-22 00:23:02 -04:00
Josh Holtrop d5957e6247 Rust wrapper: tweak wc_RsaFlattenPublicKey error message in RSA SigningKey::verifying_key() 2026-04-22 00:19:59 -04:00
JacobBarthelmeh c098e53948 Merge pull request #10247 from julek-wolfssl/fenrir/20260417
Fenrir fixes
2026-04-21 16:26:38 -06:00
JacobBarthelmeh c6f8e845ee Merge pull request #10267 from holtrop-wolfssl/rust-chacha20_poly1305-oneshot-buffer-length-check
Rust wrapper: add buffer size checks in Rust wrapper for ChaCha20_Poly1305 one-shot encrypt/decrypt wrappers
2026-04-21 16:19:29 -06:00
JacobBarthelmeh 98cd7fe404 Merge pull request #10265 from ejohnstown/qnx-fix
Tasking Warning
2026-04-21 16:18:38 -06:00
Roy Carter 6353ad3683 Feat: support openssl compatibility layer functionality for libevent integration
Cosmetic: remove empty whitespace
2026-04-21 19:05:26 +03:00
S-P Chan 0dbb6d28ef Update RPM spec for changes in examples and cmake
- copy wolfssl/options to -devel package
2026-04-21 13:45:47 +08:00
Andrew Hutchings ddacd6b822 Move SE050 simulator under wolfSSL
The simulator is now in the simulators repo instead of LinuxJedi's
private repo.
2026-04-21 06:31:42 +01:00
Mattia Moffa 389d15fa45 Fix compile error 2026-04-21 03:30:39 +02:00
Mattia Moffa 6f37b17757 Address Copilot suggestions 2026-04-21 02:56:36 +02:00
Mattia Moffa c3e5f19643 Address Copilot suggestions 2026-04-21 02:35:57 +02:00
Sean Parkinson 353a379bd7 Merge pull request #10262 from douzzer/20260420-test-fixes
20260420-test-fixes
2026-04-21 10:23:46 +10:00
Sean Parkinson 967780f1b7 Merge pull request #10239 from gasbytes/crl-idp-extension-fix
reject crls with unrecognized critical extensions
2026-04-21 10:21:31 +10:00
Eric Blankenhorn 2dc007678d Fix latent test issue found with the PR 2026-04-20 19:06:40 -05:00
JacobBarthelmeh ad8b6dbc32 Merge pull request #10217 from ColtonWilley/null-checks-evp-ocsp-x509
Fix NULL derefs, buffer overflow, and i2d contract in EVP/OCSP/X509
2026-04-20 17:27:19 -06:00
Sean Parkinson a0bfcbba54 Merge pull request #10245 from Frauschi/small_stack
Make sure large buffers are on the heap with SMALL_STACK
2026-04-21 08:47:59 +10:00
Daniel Pouzzner 956f057e73 scripts/pem.test: correctly compute and use SRC_DIR, and fix whitespace. 2026-04-20 17:42:29 -05:00
Daniel Pouzzner 7e67274ebe scripts/pem.test: add more missing feature sensing and conditions. 2026-04-20 15:24:28 -05:00
Colton Willey c950a6aa46 zephyr: changes needed for Zephyr 4.3 default TLS support
Follow-up to #7731 ("Changes needed for default TLS support in zephyr
kernel"). Zephyr 4.3's TLS socket integration uses three additional
wolfSSL features that were not needed by the 3.7 integration, plus an
extension to the native_sim time-source gates introduced in #7731.

native_sim timer gates (src/internal.c, wolfcrypt/src/wc_port.c):
  Extend the !CONFIG_BOARD_NATIVE_POSIX gate in LowResTimer() and the
  CONFIG_BOARD_NATIVE_POSIX RTC path in z_time() to also cover
  CONFIG_BOARD_NATIVE_SIM. Zephyr 4.3 renamed the simulator board from
  native_posix to native_sim; without this, k_cpu_idle() on native_sim
  advances simulated time during DTLS retransmit loops and the RTC path
  falls through to uptime-since-boot. Behavior on native_posix is
  unchanged.

New Kconfig options (zephyr/Kconfig, zephyr/user_settings.h):
  CONFIG_WOLFSSL_SESSION_EXPORT   -> HAVE_EXT_CACHE
    Required by consumers that serialize TLS session state across
    connections via wolfSSL_i2d_SSL_SESSION / wolfSSL_d2i_SSL_SESSION.
  CONFIG_WOLFSSL_KEEP_PEER_CERT   -> KEEP_PEER_CERT
    Retain the peer certificate after handshake so the application
    layer can inspect it via wolfSSL_get_peer_certificate.
  CONFIG_WOLFSSL_ALWAYS_VERIFY_CB -> WOLFSSL_ALWAYS_VERIFY_CB
    Invoke an application-set verify callback on successful chain
    validation in addition to validation failures.

All three are default-off; customers opt in the same way they do for
the existing CONFIG_WOLFSSL_DTLS / ALPN / PSK feature options.

.wolfssl_known_macro_extras: register HAVE_EXT_CACHE.
2026-04-20 12:29:26 -07:00
Daniel Pouzzner eff2fcd513 scripts/pem.test: refactor to eliminate dependence on bash [[ -v foo ]] construct. 2026-04-20 13:49:53 -05:00
Josh Holtrop a2b1f580c6 Rust wrapper: add buffer size checks in Rust wrapper for ChaCha20_Poly1305 one-shot encrypt/decrypt wrappers 2026-04-20 13:58:36 -04:00
Daniel Pouzzner 8b6739296c examples/pem/pem.c: don't wolfCrypt_Cleanup() unless wolfcrypt_inited;
scripts/pem.test:
* add setup for WOLFSSL_NO_DER_TO_PEM,
* exit early with skip code if executable dependencies are missing or WOLFSSL_NO_PEM or NO_CODING, and
* add clean skip clauses to convert_to_pem(), compare_pem(), and pem_der_exp(), if WOLFSSL_NO_DER_TO_PEM.
2026-04-20 12:47:36 -05:00
Jeremiah Mackey d5312ba350 wc_MakeDsaKey: match tmpQ alloc and free 2026-04-20 17:20:54 +00:00
Jeremiah Mackey 9c1b8cf4f1 wc_rng_bank_init: fall through on size error 2026-04-20 17:20:54 +00:00
Jeremiah Mackey c417a1ce1e zero sensitive state before free 2026-04-20 17:20:54 +00:00
Jeremiah Mackey 4a103a1b4e AES: tighten AEAD input validation 2026-04-20 17:20:54 +00:00