Commit Graph

149 Commits

Author SHA1 Message Date
Josh Holtrop 93db87e4ed Rust wrapper: remove outdated set_rng safety contract comments 2026-05-18 12:27:45 -07:00
Josh Holtrop 5a45fabb0d Rust wrapper: add blake2_digest module 2026-05-18 12:27:45 -07:00
Josh Holtrop cfc600977a Rust wrapper: add blake2_mac module 2026-05-18 12:27:45 -07:00
Josh Holtrop d88d5702e5 Rust wrapper: implement Clone for HMAC types 2026-05-18 12:27:45 -07:00
Josh Holtrop b3aa7ef260 Rust wrapper: add Aes192Ccm and Aes192Gcm 2026-05-18 12:27:45 -07:00
Josh Holtrop 4ed0a0a90d Rust wrapper: store pointer to C ECC key struct instead of instance
This fixes internal pointers breaking if Rust moves the ECC struct (with
some build configurations).
2026-05-18 12:27:45 -07:00
Josh Holtrop 54cb1d8d38 Rust wrapper: ensure memory safety for C RNG struct
- store pointer to WC_RNG instead of full struct
- enforce RNG is not dropped before consumer structs

The C library stores a pointer via the set_rng() methods on a few
structs (e.g. RSA). This change holds a reference (or instance) of RNG
within the consumer structs to ensure it is kept alive if set_rng (or
now set_shared_rng) is used.
2026-05-18 12:27:44 -07:00
Sean Parkinson 69027c2445 LMS: fixes and improvements
Remove WC_LMS_PARM_NONE as it serves no purpose.
Change sig_len from a 16-bit value to a 32-bit value in the parameters.
Added wc_LmsKey_SetParameters_ex() and wc_LmsKey_GetParameters_ex() to
handle hash algorithm.
Change mass ForceZeros to smaller amounts with XMEMSET and setting to
NULL or default valus.
Allow signing of empty message.
Other minor fixes.

Fix API tests to work when WOLFSSL_LMS_MAX_HEIGHT/WOLFSSL_LMS_MAX_LEVELS
are/is defined.
2026-05-11 16:18:12 +10:00
David Garske 63bda771fe Merge pull request #10305 from holtrop-wolfssl/rust-crate-updates
Rust wrapper: add password-hash, kem, mac traits; fix a few Fenrir findings
2026-05-05 12:05:29 -07:00
Tobias Frauenschläger 7a2cf5b655 Remove liboqs for ML-KEM and ML-DSA, update for Falcon 2026-04-30 11:03:06 +02:00
Josh Holtrop b38d7bf630 Rust wrapper: guard sha384 pbkdf2 unit test 2026-04-28 13:49:16 -04:00
Josh Holtrop 1e35f94f04 Rust wrapper: guard a couple unit tests that require sha512 2026-04-28 11:08:09 -04:00
Josh Holtrop 81435c8a01 Rust wrapper: restrict RNG generic type parameters to be integers
Fixes F-3350
2026-04-28 11:08:09 -04:00
Josh Holtrop 6bb8f8f5cd Rust wrapper: address Copilot review comments 2026-04-28 11:08:09 -04:00
Josh Holtrop ca3c779182 Rust wrapper: use consistent rc check in ECC::shared_secret
Fixes F-2676
2026-04-28 11:08:09 -04:00
Josh Holtrop cf199c9ab8 Rust wrapper: replace Lms::sigs_left() with Lms::has_sigs_left()
Fixes F-3094
2026-04-28 11:08:08 -04:00
Josh Holtrop 135110232f Rust wrapper: make ECC::verify_hash C result check more strict
Fixes F-1989
2026-04-28 11:08:08 -04:00
Josh Holtrop 40bc5d09f7 Rust wrapper: remove return value from MlKem::encode_{public,private}_key()
Fixes F-3093
2026-04-28 11:08:08 -04:00
Josh Holtrop 0cddbb25b2 Rust wrapper: check for NUL-terminated slice in ECC::rs_hex_to_sig
Fixes F-3092
2026-04-28 11:08:08 -04:00
Josh Holtrop 79358fea80 Rust wrapper: add mac feature and implement digest/mac traits 2026-04-28 11:08:08 -04:00
Josh Holtrop 84f8b5fa13 Rust wrapper: implement kem traits 2026-04-28 11:08:08 -04:00
Josh Holtrop c08c16ee8f Rust wrapper: implement password-hash traits 2026-04-28 11:08:08 -04:00
JacobBarthelmeh 1da353b516 Merge pull request #10248 from holtrop-wolfssl/rust-digest-signature
Rust wrapper: add digest and signature crate trait implementations
2026-04-24 11:15:40 -06:00
Josh Holtrop 9c506896c6 Rust wrapper: add doc comment for MAX_E_LEN 2026-04-22 00:23:02 -04:00
Josh Holtrop d5957e6247 Rust wrapper: tweak wc_RsaFlattenPublicKey error message in RSA SigningKey::verifying_key() 2026-04-22 00:19:59 -04:00
Josh Holtrop a2b1f580c6 Rust wrapper: add buffer size checks in Rust wrapper for ChaCha20_Poly1305 one-shot encrypt/decrypt wrappers 2026-04-20 13:58:36 -04:00
Josh Holtrop e8ae1536af Mark sha_digest module public 2026-04-20 08:58:21 -04:00
Josh Holtrop fccced4935 Rust wrapper: verify RSA lengths in verifying_key() 2026-04-20 08:57:41 -04:00
Josh Holtrop 3ca90b1904 Rust wrapper: add signature implementations 2026-04-17 15:52:07 -04:00
Josh Holtrop 7f33de0882 Rust wrapper: add digest implementations 2026-04-17 15:52:07 -04:00
Josh Holtrop 4f31ff95f7 Rust wrapper: require fixed length index buffers for SRTP/SRTCP 2026-04-15 11:36:02 -04:00
Josh Holtrop 4fb4b3c0c8 Rust wrapper: test BLAKE2 finalize() returns error for empty output buffer 2026-04-14 20:50:08 -04:00
Josh Holtrop ca362a4e8f Rust wrapper: also check usize to u32 conversions for digest_size 2026-04-14 20:50:08 -04:00
Josh Holtrop e1a01926bc Rust wrapper: check length returned by Lms.get_kid() in unit test 2026-04-14 20:50:08 -04:00
Josh Holtrop 15ac0718a3 Rust wrapper: make zeroize functions private 2026-04-14 20:50:08 -04:00
Josh Holtrop 2f94121078 Rust wrapper: require caller supplied buffer for Lms.get_kid()
Fixes F-1073.
2026-04-14 20:50:08 -04:00
Josh Holtrop 10fbc95241 Rust wrapper: add comment to MlKem about not implementing Send/Sync
Fixes F-1072.
2026-04-14 20:50:08 -04:00
Josh Holtrop 85ad08a50a Rust wrapper: avoid as_ptr() to *mut u8 casts
Fixes F-1065.
2026-04-14 20:50:08 -04:00
Josh Holtrop 884b882afe Rust wrapper: remove generic types for AES buffers
Fixes F-1071.
This is an API-breaking change, so will lead to a new crate major
version.
2026-04-14 20:50:08 -04:00
Josh Holtrop db1aab959c Rust wrapper: zeroize structs on drop 2026-04-14 20:50:08 -04:00
Josh Holtrop f1a041a216 Rust wrapper: add zeroizing Drop impl for ChaCha20Poly1305
Fix F-1069
2026-04-14 20:50:08 -04:00
Josh Holtrop 2c981d67e6 Rust wrapper: check all buffer lengths when converting to u32/i32
Fix F-1068
2026-04-14 20:50:08 -04:00
Josh Holtrop f00636919e Rust wrapper: check kdr_index range in srtp_kdf() and srtcp_kdf()
Fix F-1257
2026-04-14 20:50:08 -04:00
Josh Holtrop 5c10fe9a58 Rust wrapper: BLAKE2: check for non-empty hash buffer in finalize()
This is related to F-1070 but not the same. We do not need to check
that hash_size being passed in matches the initialized digest size
because the C function will use the passed-in size as long as it is
non-zero.
2026-04-14 20:50:08 -04:00
Josh Holtrop 56c20aeda0 Rust wrapper: dilithium: remove unnecessary size define presence checks
Fix F-1256
2026-04-14 20:50:08 -04:00
Josh Holtrop 5959aa2b58 Rust wrapper: ed448: add check for context buffers too long
Fix F-1064
2026-04-14 20:50:08 -04:00
Josh Holtrop 4f42ba9aa7 Rust wrapper: ed25519: add check for context buffers too long
Fix F-1063
2026-04-14 20:50:08 -04:00
Josh Holtrop 337dfc323e Rust wrapper: avoid uninitialized sys::XtsAesStreamData
Fix F-1066
2026-04-14 20:50:08 -04:00
Josh Holtrop 9843f0365a Rust wrapper: avoid creating a MaybeUninit<RNG>
Fix F-1067
2026-04-14 20:50:08 -04:00
Josh Holtrop a8fa845fa9 Rust wrapper: ecc: fix possible resource leak in some error cases
Fix F-1062.

If wolfSSL returns an error after initializing ECC struct with
wc_ecc_init_ex(), wc_ecc_free() might not have been called in all cases.

Move construction of the ECC struct earlier ahead of further wolfSSL
calls after wc_ecc_init_ex() so if those subsequent wolfSSL calls return
an error the Drop impl for ECC will be called to deinitialize.
2026-04-14 20:50:07 -04:00