Commit Graph

11717 Commits

Author SHA1 Message Date
jordan c78fb5f41b dh: fix subgroup check in wc_DhAgree. 2026-06-10 01:28:12 -05:00
jordan 2648a84f46 hmac: appease multi-test for unused ret value. 2026-06-10 01:11:35 -05:00
Ruby Martin b167c2687e verify i >= 0 before continuing loop. clears coverity false positive 2026-06-09 15:40:16 -06:00
Ruby Martin 1786cebf8c add negative value check after wc_HashGetDigestSize 2026-06-09 15:40:16 -06:00
Ruby Martin 6bfb53f084 Add pubKeySize check for SM3-with-SM2 2026-06-09 14:45:26 -06:00
Thomas Cook 4114712571 Fix new copilot findings 2026-06-09 14:09:07 -04:00
David Garske 52681591fe Merge pull request #10640 from douzzer/20260608-atomic-fixes
20260608-atomic-fixes
2026-06-09 10:41:01 -07:00
jordan f063721fac dsa: check that key was created before export. 2026-06-09 12:27:08 -05:00
jordan 8b8603c702 pwdbased: add missing force zero. 2026-06-09 11:20:28 -05:00
jordan 04e57d7fd7 evp: fix dangling pkey pointer. 2026-06-09 10:51:58 -05:00
jordan 132079d2a1 hmac: err on update if key not set. 2026-06-09 10:02:51 -05:00
Thomas Cook edda2d3a47 Address pr comments, skoll, etc. 2026-06-09 04:33:23 -04:00
Colton Willey 1cdf37f321 Address review feedback on chain-depth and parser hardening
- ProcessUserChain: enforce MAX_CHAIN_DEPTH after a cert is parsed, so a
  full-depth chain followed by trailing data still loads instead of failing
  with MAX_CHAIN_ERROR.
- SendCertificateStatus: error on an over-long OCSP chain instead of silently
  truncating the stapled response; keep the chainOcspRequest[] index bound.
- wc_PKCS7_DecodeAuthEnvelopedData: bounds-check the authTag tag read under
  NO_PKCS7_STREAM.
- Tests: chain-depth test now pins the boundary (exactly MAX_CHAIN_DEPTH loads,
  one more rejected).
2026-06-08 17:27:26 -07:00
David Garske bbace5a1cc Merge pull request #10494 from LinuxJedi/STM32MP13-SHAKE
Fix SHAKE with STM32MP13 and add simulator
2026-06-08 15:45:30 -07:00
David Garske e2d3b63139 Merge pull request #10207 from ColtonWilley/d2i_pem_negative_length
Add signed-length validation to d2i, PEM, and buffer-load APIs
2026-06-08 15:42:00 -07:00
David Garske dbf72c4f00 Merge pull request #10601 from kareem-wolfssl/f3772
Fenrir fixes
2026-06-08 15:23:05 -07:00
Daniel Pouzzner 68144a81da fixes from AI review:
wolfcrypt/src/wc_port.c: fix several missed refactors to WC_ATOMIC_[U]INT_ARG.

wolfssl/wolfcrypt/wc_port.h:
* harmonize the return type of WOLFSSL_ATOMIC_STORE() (always void).
* fix MSVC WOLFSSL_ATOMIC_LOAD() and _STORE() with correct atomic semantics, and add gating on USE_WINDOWS_API.
2026-06-08 16:52:06 -05:00
David Garske da1de8a9fc Merge pull request #10472 from douzzer/20260512-wc_init_state
20260512-wc_init_state
2026-06-08 13:44:17 -07:00
Daniel Pouzzner 51bbb74b74 Merge pull request #10629 from yosuke-wolfssl/fix/f_4637
Fix the error handling on wc_PKCS7_DecodeAuthEnvelopedData
2026-06-08 15:20:36 -05:00
Daniel Pouzzner 1943a6f33a Merge pull request #10550 from rizlik/sha512_only
add support for WOLF_CRYPTO_CB_ONLY_SHA512
2026-06-08 15:20:08 -05:00
Kareem 8e268dee13 Avoid suppressing error from Cy_Crypto_Core_Sha_Finish in wc_Sha512_224Final.
Fixes F-4002.
2026-06-08 10:29:10 -07:00
Kareem b2d5cbf6f1 Reject auth tags below WOLFSSL_MIN_AUTH_TAG_SZ in the AES-EAX encrypt path. This matches AES-EAX decrypt behavior as well as other AES modes.
Fixes F-3759.
2026-06-08 10:29:10 -07:00
Kareem 00c84ced25 Confirm keys-params is not NULL before dereferencing in wc_XmssKey_GetPubLen.
Fixes F-3980.
2026-06-08 10:29:10 -07:00
Kareem 47bebc6441 Fix wc_tsip_MakeRsaKey ignoring errors and not freeing buffers in some error cases.
Fixes F-4005.
2026-06-08 10:29:09 -07:00
Kareem 8c4ad8d573 Confirm rng pointer is not NULL before dereferencing it in wc_rng_new_ex.
Fixes F-3979.
2026-06-08 10:29:09 -07:00
Kareem edf1439151 Properly set ret and error out when tsip_RsakeyImport fails.
Fixes F-3772.
2026-06-08 10:29:09 -07:00
Daniel Pouzzner a36ada8d53 wolfcrypt/src/wc_port.c and wolfssl/wolfcrypt/wc_port.h: add
* wc_local_InitUp()
* wc_local_InitUpDone()
* wc_local_InitDown()
* wc_local_InitDownDone()
* wc_init_state_t
* WC_DECLARE_INIT_STATE()
* WC_INIT_STATE_*
* union wc_init_state_bitfields
* WC_INIT_STATE_RAISE_BAD_STATE()
* WC_ATOMIC_INT_ARG and WC_ATOMIC_UINT_ARG, pivoting on WC_16BIT_CPU, used to assure operands to atomic operators are 32 bits, and that wc_init_state_t is 32 bits, even on 16 bit targets like Arduino.

fix&refactor thread safety mechanisms in wolfCrypt_Init() and wolfCrypt_Cleanup(), and fix a few preexisting error-handling flubs in wolfCrypt_Init().
2026-06-08 11:01:10 -05:00
Eric Blankenhorn 8eaebaa7e8 Fix from review 2026-06-08 09:48:16 -05:00
Eric Blankenhorn 9f7c536e23 Harden PKCS#7 FlattenEncodedAttribs 2026-06-08 09:26:29 -05:00
Yosuke Shimizu ef5c5f8ecb Fix the error handling on wc_PKCS7_DecodeAuthEnvelopedData 2026-06-08 10:11:42 +09:00
Daniel Pouzzner 8fca95ce65 Merge pull request #10532 from rlm2002/zd21800
Remove chain walk for OCSP responder
2026-06-05 16:27:00 -05:00
Daniel Pouzzner 3012154367 Merge pull request #10259 from sebastian-carpenter/tls-ech-keylog
TLS ECH keylogging
2026-06-05 16:22:11 -05:00
Daniel Pouzzner 7caa3b97a8 Merge pull request #10503 from kareem-wolfssl/zd21858
Fix potential mismatch in size between DECL_MP_INT_SIZE_DYN and NEW_MP_INT_SIZE, fix unused variable warning in random.c.
2026-06-05 16:20:55 -05:00
David Garske f9817cf996 Merge pull request #10431 from mattia-moffa/20260330-max32666-sha-bare-metal
MAX32666 bare-metal SHA accelerator
2026-06-05 13:03:00 -07:00
Daniel Pouzzner c99567c96d Merge pull request #10596 from SparkiDev/regression_fixes_24
Regression testing fixes
2026-06-05 13:37:56 -05:00
Thomas Cook 8945f2bde8 Address pr comments. 2026-06-05 12:55:18 -04:00
Daniel Pouzzner 4bf2d52780 Merge pull request #10571 from Frauschi/mlkem_rename
Migrate internal ML-KEM consumers to canonical wc_MlKemKey API
2026-06-05 11:00:44 -05:00
Daniel Pouzzner 727041b525 Merge pull request #10543 from anhu/zeroOnAuthFail
For chachapoly, force zero of output on auth fail
2026-06-05 10:55:05 -05:00
Sean Parkinson eeab53205a Merge pull request #10600 from douzzer/20260604-asm-and-linuxkm-fixes
20260604-asm-and-linuxkm-fixes
2026-06-05 20:55:43 +10:00
Daniel Pouzzner b8d8e918af Merge pull request #10597 from SparkiDev/sp_lazy_mutex_init_improv
SP gen: FP_ECC init mutex improvement
2026-06-04 22:38:06 -05:00
Hideki Miyazaki b06ced1166 Addressed Copilot comments 2026-06-05 12:20:09 +09:00
Sean Parkinson 0796519a99 More regression testing fixes
Leak fixes: free existing ssl->buffers.key before overwriting in SetSSL_CTX() (internal.c) and wolfSSL_set_SSL_CTX() (ssl.c)

UAF fix: wc_CheckRsaKey() — mp_memzero_check(tmp) moved before the free (rsa.c)

Build guards: #ifndef NO_ED25519/ED448_VERIFY around forged-sig test data (test_ed25519/ed448.c); guard equal()/cmov() for verify-only builds (ge_operations.c); guard unused pointers under WOLFSSL_MLDSA_SIGN_SMALL_MEM_PRECALC (wc_mldsa.c)

Test cleanups (test.c): fix UB from out-of-range enum in hash_test(), always free AES dec object, fix der buffer declaration under small-stack builds
2026-06-05 11:30:53 +10:00
Sean Parkinson ada6c5f95b SP gen: FP_ECC init mutex improvement
F-1379
Better handling of the lazy mutex initialization to use atomics where
available.

Improved atomic code when no system support:
 - add types
 - used types in functions

Add --no-ec to unit.test to not run wolfCrypt tests.
2026-06-05 10:58:44 +10:00
Daniel Pouzzner af119869d2 Merge pull request #10364 from MarkAtwood/fix/evp-cipher-iv-length-cfb-ofb
fix: EVP_CIPHER_iv_length returns 0 for AES-CFB128 and AES-OFB (ZD-21730)
2026-06-04 17:26:48 -05:00
Daniel Pouzzner b2e4bd1a11 Merge pull request #9987 from MarkAtwood/fix/evp-pkey-cmp-after-der-roundtrip
evp: fix EVP_PKEY_cmp for EC keys after DER deserialization
2026-06-04 17:19:46 -05:00
Daniel Pouzzner 6c4c03dc76 Merge pull request #10593 from miyazakh/f4429_EntropyGet
f4429 Add missing upper-bound validation in wc_Entropy_Get()
2026-06-04 17:09:36 -05:00
Daniel Pouzzner 50166aab36 wolfcrypt/src/port/ppc64/ppc64-aes-asm.S: use TOC-relative addressing consistently, and add ELFv2 global-entry prologues. 2026-06-04 16:28:08 -05:00
Mattia Moffa bd022d995a Update README so the #define can be grepped by CI 2026-06-04 23:11:53 +02:00
Daniel Pouzzner 99bf36bb61 wolfcrypt/src/port/arm/armv8-32-curve25519.S and wolfcrypt/src/port/arm/armv8-32-curve25519_c.c: fix MPI overflow in L_curve25519_inv_8, similar to fix in #10536 (efabd1844a). 2026-06-04 14:12:01 -05:00
Mattia Moffa 8404459918 Update README 2026-06-04 21:04:34 +02:00