Commit Graph

2031 Commits

Author SHA1 Message Date
kaleb-himes 08fd7bde58 PQ FIPS v7.0.0 Phase 2 & 3: All changes
Implement peer review feedback
2026-04-24 06:52:49 -06:00
JacobBarthelmeh 72c7d12cfb exclude the trust anchor from prospective certification path with pathlen check 2026-04-23 16:23:07 -06:00
JacobBarthelmeh b5738236d9 Merge pull request #10187 from embhorn/zd21587
Fixes in TLS ECH, handle empty records, and ASN len check
2026-04-22 14:44:15 -06:00
Sean Parkinson 967780f1b7 Merge pull request #10239 from gasbytes/crl-idp-extension-fix
reject crls with unrecognized critical extensions
2026-04-21 10:21:31 +10:00
Sean Parkinson fa9f24ff27 Merge pull request #10223 from rlm2002/zd21611
CN constraints fix
2026-04-19 21:28:29 +10:00
Reda Chouk 857141da35 reject crls with unrecognized critical extensions per rfc 5280 section 5.2 2026-04-17 19:36:55 +02:00
Sean Parkinson 318cd62d44 Merge pull request #10231 from JeremiahM37/fenrir-issues-3
Fix PEM input validation and zeroize sensitive key buffers
2026-04-17 10:44:55 +10:00
Sean Parkinson d2175f3b42 Merge pull request #10222 from embhorn/zd21597
Report cert verify failure with MD5
2026-04-16 08:45:15 +10:00
Jeremiah Mackey bdebcfc5a0 reject negative pemSz in PEM-to-DER APIs 2026-04-15 16:46:32 +00:00
night1rider a99a72029c narrow ecc_size/sig_size guards to SETKEY||EXPORT_KEY, update _WC_PK_TYPE_MAX, const-qualify export_key.obj, call _ecc_import_x963_ex2 directly, fix GetSetKeyTypeStr, fix NULL deref in wc_RsaPrivateKeyDecode with WOLF_CRYPTO_CB_FIND, add FIND CI config. 2026-04-14 16:21:50 -06:00
night1rider bf1013bfd4 Address feedback from Fenrir 2026-04-14 16:21:50 -06:00
night1rider 1295f4fe0e Add WOLF_CRYPTO_CB_SETKEY and WOLF_CRYPTO_CB_EXPORT_KEY crypto callback
utilities for generic SetKey and ExportKey operations on HMAC, RSA, ECC,
  and AES. Add wc_ecc_size/wc_ecc_sig_size callback hooks for hardware-only
  keys. Integrate into configure.ac as --enable-cryptocbutils=setkey,export
  options with CI test configurations in os-check.yml.

  Add test handlers in test.c and api.c with export/import delegation
  pattern, small-stack-safe allocations, custom curve support, and
  DEBUG_CRYPTOCB helpers.
2026-04-14 16:21:50 -06:00
Ruby Martin e7b7fddacb Apply DNS constraints to subject CN when SAN is not available. 2026-04-14 14:47:48 -06:00
Eric Blankenhorn 4a13896b2e Report cert verify failure with MD5 2026-04-14 12:31:01 -05:00
Eric Blankenhorn 8f73ae460d Fix TLSX_Parse to check dup ECH 2026-04-14 07:37:21 -05:00
David Garske a143369522 Merge pull request #10138 from padelsbach/cobalt-fixes-2026-04-06
Use size_t in wolfSSL_strnstr and reject negative indices in mp_get_digit
2026-04-13 12:37:59 -07:00
David Garske 3d4e929869 Merge pull request #10173 from SparkiDev/init_cert_sha1
Initialize certificate: default to SHA-1 when necessary
2026-04-12 14:46:53 -07:00
Paul Adelsbach 6f7e5d030b Use size_t in wolfSSL_strnstr and reject negative indices in mp_get_digit 2026-04-10 10:48:17 -07:00
Sean Parkinson ecd925f10e Initialize certificate: default to SHA-1 when necessary
Make SHA-1 with RSA signature type the last option.
SHA-1 signatures are deprecated as weak.
2026-04-10 07:58:37 +10:00
Juliusz Sosinowicz 8d54e2213f Guard OCSP signature params with WC_RSA_PSS ifdef
OCSPBASICRESPASN_IDX_SIGNATURE_PARAMS is only defined when WC_RSA_PSS
is enabled but was used unconditionally in EncodeBasicOcspResponse,
causing a build error when WC_RSA_PSS is not defined.
2026-04-07 17:30:30 +02:00
Daniel Pouzzner abce5be989 wolfcrypt: add additional enforcement of correct digest sizes in signature gen and verify ops:
* add WC_FIPS_186_4, WC_FIPS_186_4_PLUS, WC_FIPS_186_5, and WC_FIPS_186_5_PLUS feature macros.
* add support for WC_HASH_CUSTOM_MIN_DIGEST_SIZE, WC_HASH_CUSTOM_MAX_DIGEST_SIZE, and
  WC_HASH_CUSTOM_MAX_BLOCK_SIZE, for use with custom digest algorithms.
* add SigOidMatchesKeyOid() helper function and WC_MIN_DIGEST_SIZE macro.
* add additional size and OID agreement checks for sig gen and verify ops.
* update ecc_test_vector() with FIPS 186-5 vectors.

Co-authored-by: Tobias Frauenschläger <tobias@wolfssl.com>
2026-04-06 00:53:57 -05:00
Daniel Pouzzner 7a6e37d697 Merge pull request #10064 from julek-wolfssl/master
Fixes for wolfclu
2026-04-02 22:54:10 -05:00
Daniel Pouzzner 24f9981877 Merge pull request #10120 from douzzer/20260331-wolfcrypt-Wcast-qual
20260331-wolfcrypt-Wcast-qual

approved by @padelsbach
2026-04-02 00:25:13 -05:00
Daniel Pouzzner 21c6568883 Fixes for -Wcast-qual hygiene in wolfCrypt.
.github/workflows/wolfCrypt-Wconversion.yml: Add -Wcast-qual to all scenarios.

wolfssl/wolfcrypt/signature.h, wolfcrypt/src/signature.c, doc/dox_comments/header_files/signature.h:

  Remove incorrect const qualifier on the key argument in

  * wc_SignatureVerifyHash()
  * wc_SignatureVerify()
  * wc_SignatureGenerateHash()
  * wc_SignatureGenerateHash_ex()
  * wc_SignatureGenerate()
  * wc_SignatureGenerate_ex()

  This fixes UB code patterns throughout signature.c.  key is inherently
  accessed readwrite by the underlying low level crypto.  Fortunately, wolfCrypt
  has no APIs/methods to allow actual const MPI key objects, therefore these
  seeming breaking API changes can't actually break any users.

globally:

  * Add const qualifiers to all struct pointer members that are assigned values
    computed from const pointers.

  * Add const qualifiers to intermediate casts for accessors and read-only
    dereference constructs, as needed for -Wcast-qual hygiene, e.g. for a macro
    GET_U16(a), use (*(const word16*)(a)) rather than (*(word16*)(a)).

  * Add const qualifiers to internal declarations, and remove illegal casts, as
    needed for -Wcast-qual hygiene.

  * Add missing const qualifiers to all casts for argument, operand, and
    assignment type agreement, as needed for -Wcast-qual hygiene, e.g.
    "*data = (const byte*)dataASN->data.ref.data" rather than
    "*data = (byte*)dataASN->data.ref.data".

wolfssl/wolfcrypt/asn.h, wolfssl/wolfcrypt/asn_public.h, wolfcrypt/src/asn.c, wolfcrypt/src/asn_orig.c:

  * Add additional lifecycle management for object members that are only sometimes locally allocated:

    DNS_entry.nameStored
    DNS_entry.ipStringStored
    DNS_entry.ridStringStored

wolfssl/wolfcrypt/types.h: add WC_BARRIER() macro -- a portable construct that
   prevents compiler optimizers from reordering operations across the barrier.

wolfssl/wolfcrypt/blake2-impl.h, wolfcrypt/src/blake2s.c, wolfcrypt/src/blake2b.c:

  * In blake2b_init(), blake2b_init_key(), blake2s_init(), and
    blake2s_init_key(), refactor blake2b_param initialization using WC_BARRIER()
    (fixes volatile abuse that triggered -Wcast-qual).

  * Remove the residual and unused WOLFSSL_BLAKE2[BS]_INIT_EACH_FIELD code.

wolfcrypt/src/ecc.c and wolfssl/wolfcrypt/ecc.h:

  Remove incorrect const qualifier on curve arg to wc_ecc_free_curve() (internal function).
2026-04-01 14:12:02 -05:00
Paul Adelsbach 2d8e853c74 Fix compile issue with --enable-crl and --disable-ecc 2026-04-01 10:10:35 -07:00
Juliusz Sosinowicz ed5eac1c7d wc_EncryptedInfoGet: add AES-CTR support 2026-04-01 14:00:27 +02:00
Daniel Pouzzner 1a3daf0148 Merge pull request #10087 from padelsbach/crl-num-negative
Reject negative CRL numbers when decoding
2026-03-30 22:58:34 -05:00
Daniel Pouzzner 8e54eb9364 Merge pull request #10048 from anhu/constraints
Enforce URI name constraints in ConfirmNameConstraints
2026-03-30 22:51:52 -05:00
Paul Adelsbach 18494e154f Reject negative CRL numbers when decoding 2026-03-30 16:09:32 -07:00
Daniel Pouzzner df055976ed Merge pull request #10079 from rlm2002/ghi10063
Various GI and ZD fixes
2026-03-30 11:34:05 -05:00
Daniel Pouzzner 76a498f7ea wolfcrypt/src/asn.c: fix invalid-pointer-pair "wild pointer" in CheckCertSignature_ex(). 2026-03-27 17:07:53 -05:00
Daniel Pouzzner e3d4d220c3 src/conf.c, src/ssl.c, wolfcrypt/src/asn.c, wolfssl/wolfcrypt/asn.h: fixes for invalid-pointer-pair memory errors reported by clang sanitizer with detect_invalid_pointer_pairs=2 in ASAN_OPTIONS. 2026-03-27 16:40:05 -05:00
Daniel Pouzzner 53f3ce635e wolfcrypt/src/asn.c: fix flub in wc_EccPublicKeyDecode() -- restore FREE_ASNGETDATA(dataASN, key->heap). 2026-03-26 16:54:19 -05:00
Daniel Pouzzner 292ea549cc wolfcrypt/src/asn.c: fixes for invalid memory access in wc_DsaPublicKeyDecode() and wc_EccPublicKeyDecode(), detected by cppcheck-force-source, lms-xmss-wolfssl-all-clang-sanitizer, and sanitizer-clang-all-noasm. 2026-03-26 16:07:37 -05:00
Ruby Martin 75e6406cd3 upper bounds check for DSA signature 2026-03-26 11:28:36 -06:00
Ruby Martin d4b25d0ebc guard against heap buffer overflow 2026-03-26 11:28:36 -06:00
David Garske cf6c1722ae Merge pull request #10027 from embhorn/zd21394
Remove FIPS guards in GetASN_BitString length check
2026-03-24 14:06:40 -07:00
David Garske 3cf4aeab5c Merge pull request #10025 from embhorn/zd21392
Fix DecodeObjectId unknown ext parse
2026-03-24 09:17:10 -07:00
David Garske 03beeae44e Merge pull request #10033 from embhorn/gh10028
Fix FillSigner to clear pubkeystored
2026-03-24 09:15:05 -07:00
Eric Blankenhorn 1d1d8ff41e Fix OCSP tests to use Alloc/FreeDer 2026-03-24 07:41:40 -05:00
Eric Blankenhorn 3a6ccc13a1 Fix FillSigner to clear pubkeystored 2026-03-24 07:05:43 -05:00
David Garske 8cd9af3036 Peer review fixes 2026-03-23 15:27:47 -07:00
David Garske 99c089411c Fix memory leak after refactor 2026-03-23 15:27:47 -07:00
David Garske 44af0ab3c5 Group forward declarations by guard context
Forward declarations in asn.c and asn_orig.c now use guard transitions
(same mechanism as the function bodies) so consecutive declarations with
the same feature guard are grouped in a single #ifdef/#endif block rather
than each having its own open/close pair.

Also removed the now-redundant _find_func_outer_guards calls from
_emit_split_body_orig; outer feature guard context is emitted at the
generate_asn_orig loop level, not inside the per-block emitters.

Both modes still build and pass tests (5 PASS, 0 FAIL each).
2026-03-23 15:27:47 -07:00
David Garske 653aac2cd3 Fix guard context for forward declarations in asn split
Three fixes for guard-context correctness in the ASN.1 code split:

1. Strip WOLFSSL_ASN_ORIG_INCLUDED from forward declaration wrappers.
   The file-guard was being applied to fwd decls in asn.c, but at the
   fwd-decl site that macro is not yet defined, so #ifndef ... #else
   inverted the condition and hid all declarations.

2. Add outer feature guard tracking. Large feature sections (HAVE_OCSP,
   HAVE_CRL, WOLFSSL_CERT_GEN, etc.) that span many functions in asn.c
   are now tracked and re-emitted around the corresponding blocks in
   asn_orig.c, fixing 'unknown type name' errors in minimal builds.

3. Collect multi-line #if continuations in the outer guard map so that
   full guard conditions (e.g. #if !defined(NO_RSA) && \ continued
   across lines) are stored and compared as complete strings, preventing
   duplicate guard emission.

Both modes build and pass tests (5 PASS, 0 FAIL each):
  ./configure --enable-asn=original && make check
  ./configure && make check
2026-03-23 15:27:47 -07:00
David Garske 6b1f5ddb92 Split original ASN.1 code from asn.c into asn_orig.c
Move non-template (WOLFSSL_ASN_ORIGINAL) code into asn_orig.c and include from asn.c.
2026-03-23 15:27:47 -07:00
Anthony Hu ce74def877 Enforce URI name constraints in ConfirmNameConstraints 2026-03-23 14:00:39 -04:00
Daniel Pouzzner 6cd001800c Merge pull request #10022 from dgarske/nb_leak
Fix to make sure a double free cannot occur with non-blocking async
2026-03-23 12:21:26 -05:00
Eric Blankenhorn 1a5090a582 Rebase conflicts 2026-03-20 16:16:21 -05:00
Eric Blankenhorn 42bbaa1869 Fix DecodeObjectId unknown ext parse 2026-03-20 09:30:09 -05:00