Commit Graph

29626 Commits

Author SHA1 Message Date
Jeremiah Mackey 81b66c9cd8 harden SSL config defaults 2026-05-07 02:34:41 +00:00
Jeremiah Mackey b5cff8dcca harden TLS handshake validation 2026-05-07 02:34:41 +00:00
Jeremiah Mackey 3d489d1c10 tests 2026-05-07 02:33:58 +00:00
Jeremiah Mackey 4c76eae0aa zeroize DH private keys on free 2026-05-07 02:31:51 +00:00
Jeremiah Mackey 88664f7224 guard zero length in DES ncbc 2026-05-07 02:31:51 +00:00
Jeremiah Mackey 31c69bfdbc harden SSL config and session 2026-05-07 02:31:51 +00:00
Jeremiah Mackey a5670d7e49 harden TLS extension processing 2026-05-07 02:31:51 +00:00
Jeremiah Mackey 51072bbce9 tests: cover input validation fixes 2026-05-07 02:31:25 +00:00
Jeremiah Mackey a075a99729 evp: fix sm4-ctr debug message 2026-05-07 02:31:25 +00:00
Jeremiah Mackey 8667bd0f92 wolfcrypt: validate API input sizes 2026-05-07 02:31:25 +00:00
Jeremiah Mackey 90eb7253b6 wolfcrypt: zero sensitive buffers 2026-05-07 02:31:25 +00:00
Jeremiah Mackey a454248791 eddsa: zero orig_k after sign 2026-05-07 02:31:25 +00:00
Jeremiah Mackey 6711389e3b pkcs7: zero plaintext before free 2026-05-07 02:31:25 +00:00
Jeremiah Mackey a2aa3691f0 srp: harden secret intermediates 2026-05-07 02:31:25 +00:00
Paul Adelsbach 7f5138fb9a More review feedback: pass hash to LMS export, and drop len check in XMSS verify 2026-05-06 17:46:42 -07:00
Sean Parkinson 55d7ed8d0e ML-DSA fixes: small vfy key object, small SHA-3, fix test
Only have the public key in the ML-DSA key object when verify-only.
Be able to leave out SHA-3 APIs when only needing SHAKE.
Fix ML-DSA testing to only have data for compiled in parameters.
2026-05-07 10:03:41 +10:00
Daniel Pouzzner b6de2d3cbc src/ssl.c: in wolfSSL_check_domain_name(), call wolfssl_local_IsValidFQDN() to validate the argument, with allowance for "localhost".
scripts/crl-revoked.test: improve "Workaround to not pollute the certs folder" (don't copy whole source tree, and don't copy file contents).
2026-05-06 18:29:27 -05:00
Sean Parkinson 15398c26d0 ML-KEM: fix comments, API signatures, minor issues
More checks for public or private key not set.
wc_MlKemKey_Free clears key->flags
wc_MlKemKey_DecodePrivateKey now checks the public key is valid.
wc_MlKemKey_EncodePrivateKey doesn't need calculate hash of public key
as encoding the public key will do this.
EncodePrivateKey/EncodePublicKey now return BAD_STATE_E when flags not
set.
mlkem_kdf, mlkem_check_public, mlkem_xof_absorb pointer parameters are
now const.
Now all mlkem_redistribute_*_rand_avx2 functions are WOLFSSL_LOCAL.
Changed Kyber uses to MlKem.
2026-05-07 08:17:27 +10:00
Kareem 3f1c6bdac8 Code review feedback. 2026-05-06 15:13:48 -07:00
Kareem d1b6ddca75 Properly handle fallback cipher type case in wc_Pkcs11_CryptoDevCb.
Thanks to Zou Dikai for the report.
2026-05-06 15:12:09 -07:00
Ruby Martin f6019467fa add unit test for NULL SHAKE parameters 2026-05-06 15:25:06 -06:00
Eric Blankenhorn 38dfa91a7b Fix include for errno in Microchip port settings 2026-05-06 16:14:59 -05:00
Ruby Martin e085d468d8 clear potential null dereference 2026-05-06 14:33:14 -06:00
jackctj117 a3799cffda fix: guard wc_Ed448PublicKeyToDer ed448_export_public call for FIPS<7 2026-05-06 14:09:56 -06:00
David Garske 980fc51ea7 Merge pull request #10275 from twcook86/make_rpm_fix
Fix a few issues with "make rpm"
2026-05-06 13:06:42 -07:00
Daniel Pouzzner 03cee6f2bf tests/api/test_ed25519.c and tests/api/test_ed448.c: add missing FIPS v7+ gating in test_wc_ed25519_export() and test_wc_ed448_export().
wolfcrypt/test/test.c: in aes_cbc_test(), use unconditional static on msg4 and verify4 to work around gcc optimizer bug (probably same bug as noted in ac11279c60).
2026-05-06 14:24:18 -05:00
David Garske 490c1062e4 Merge pull request #10274 from gasbytes/crl-idp-extension-fix-follow-up
Reject CRLs with unrecognized critical entry extensions per RFC 5280 section 5.3
2026-05-06 12:13:28 -07:00
David Garske 545376c477 Merge pull request #10279 from julek-wolfssl/zd/21661
zd/21661: harden X.509 chain validation, session ticket identity binding, and peer cert restore
2026-05-06 11:59:55 -07:00
David Garske 27413e0a3f Merge pull request #10403 from Frauschi/hostap_interal_retry
hostap CI tests: incorporate internal retries
2026-05-06 11:59:49 -07:00
David Garske c38e6cac36 Merge pull request #10414 from night1rider/zephyr/4.x-workflow-fixes
Zephyr 4.x workflow: stabilize CI for renamed forks and slashed branch names
2026-05-06 11:58:19 -07:00
jackctj117 2cdbd25a64 asn: restore serial-0 rejection in DecodeCertInternal for pubkey-extraction paths 2026-05-06 12:53:46 -06:00
Paul Adelsbach 0f2c526ee2 Add missing WC_NO_ERR_TRACE 2026-05-06 11:22:47 -07:00
Ruby Martin 80f971cd6d clears dereference before null check 2026-05-06 11:22:47 -06:00
Paul Adelsbach 8c2bf1dfd4 Remove wc_*Key_HashMsg functions and PKCS#11 references 2026-05-06 09:56:22 -07:00
Ruby Martin 682b628eed remove redundant, always true, checks 2026-05-06 10:51:00 -06:00
night1rider dc3ba1e299 stabilize CI for renamed forks and slashed branch names 2026-05-06 10:04:33 -06:00
Ruby Martin d960d02c80 compare against MAX_UNICODE_SZ, readability change 2026-05-06 09:28:43 -06:00
Ruby Martin dbdd066737 remove dead length check 2026-05-06 09:24:01 -06:00
Juliusz Sosinowicz 061311d6ca zd/21661: harden X.509 chain validation, session ticket identity binding, and peer cert restore
- x509_str: require CA:TRUE unconditionally in wolfSSL_X509_verify_cert;
  verify leaf signature even when verify_cb overrides INVALID_CA
- x509_str: align WOLFSSL_X509_V_ERR_INVALID_CA with OpenSSL value (79)
  so OPENSSL_COEXIST builds compile; bump WC_OSSL_V509_V_ERR_MAX to 80
  and extend error_test() missing-value table for the new gaps
- asn: reject embedded NUL in dNSName / rfc822Name / URI SAN entries
- internal: re-verify restored ticket peer cert against trust store with
  CRL/OCSP checks; clear stale state from session cache on verification
  failure
- ticket: bind SNI and ALPN into session ticket via compile-time selected
  hash (TICKET_BINDING_HASH_TYPE); reject resumption on mismatch in both
  TLS 1.3 and TLS 1.2 paths
- ticket: defer SNI/ALPN binding check until after extensions are parsed
  by consolidating into VerifyTicketBinding(), called once after
  ALPN_Select in DoTls13ClientHello and DoClientHello; the early
  per-call sites ran before extensions were parsed and rejected valid
  resumptions in nginx, haproxy, grpc, and CPython integration tests
- ssl_sess: free previous session in wolfSSL_d2i_SSL_SESSION before
  overwrite
- examples/client: increase SESSION_TICKET_LEN fallback from 256 to 2048
  to support larger tickets
- tests: update SAN NUL fixtures and add parse-time rejection coverage;
  add test_tls13_ticket_peer_cert_reverify for CA-removal scenario; skip
  it under WOLFSSL_NO_DEF_TICKET_ENC_CB
2026-05-06 16:45:58 +02:00
JacobBarthelmeh f140546ba1 add sanity check of hash to atmel port 2026-05-06 08:34:50 -06:00
Daniel Pouzzner 50da0c0a26 Merge pull request #10390 from Frauschi/lms_Wconversion
LMS Wconversion fixes
2026-05-06 09:16:23 -05:00
Daniel Pouzzner 29343708df Merge pull request #10391 from Frauschi/xmss_Wconversion
XMSS Wconversion fixes
2026-05-06 09:15:59 -05:00
Daniel Pouzzner 01f500b938 Merge pull request #10399 from Frauschi/mldsa_Wconversion
ML-DSA Wconversion fixes
2026-05-06 09:15:53 -05:00
Tobias Frauenschläger 2833a4b1e8 ML-DSA Wconversion fixes 2026-05-06 15:33:17 +02:00
Tobias Frauenschläger 40b583fbcb Wconversion fixes for LMS 2026-05-06 15:31:00 +02:00
Tobias Frauenschläger fe353af409 XMSS Wconversion fixes 2026-05-06 15:29:08 +02:00
Tobias Frauenschläger 57f4b231c4 hostap CI tests: incorporate internal retries 2026-05-06 10:36:19 +02:00
Paul Adelsbach 7906e67c14 Address PR comments 2026-05-05 13:46:45 -07:00
Paul Adelsbach b9eb7c1ff8 Add crypto callbacks for LMS and XMSS 2026-05-05 13:46:41 -07:00
David Garske 6a3eb6f0a8 Merge pull request #10360 from gasbytes/cipher-init-dtls13-fix
dtls13: free and null the cipher slot on init failure in Dtls13InitAesCipher and ChaCha equivalent
2026-05-05 13:08:06 -07:00