Commit Graph

551 Commits

Author SHA1 Message Date
Tobias Frauenschläger b59ff436f3 Remove the amount of macOS-based tests in os-check
Reduce the number of tests running on macOS in os-check.yml to the
minimum required number to cover all macOS-specific features. All other
platform-agnostic configs and setups are only tested on Linux, which is
much faster in GitHub CI.
2026-04-28 19:34:05 +02:00
David Garske 3181e2bcf8 Merge pull request #10309 from JacobBarthelmeh/openvpn
remove openvpn master from CI test
2026-04-27 08:49:30 -07:00
Daniel Pouzzner caffc458af .github/workflows/: add -Wnull-dereferences to a few -pedantic scenarios missed in the first pass. 2026-04-25 11:47:25 -05:00
Daniel Pouzzner df486d8cd5 src/ssl_load.c: fix -Wnull-dereference in wolfssl_ctx_set_tmp_dh() (detected by armel build);
.github/workflows/pq-all.yml: for the --enable-sp-math scenario, --disable-quic (QUIC unit tests fail on that combo);

wolfcrypt/test/test.c: add WC_MAYBE_UNUSED to ecdsa_test_deterministic_k_rs(), to fix armel sp-math build.
2026-04-25 11:47:25 -05:00
Daniel Pouzzner d14b8f8e79 .github/workflows/:
* add "-Wnull-dereference" to all existing "-pedantic -Wdeclaration-after-statement" configs;
* add an --enable-sp-math config to .github/workflows/pq-all.yml and .github/workflows/multi-arch.yml.
2026-04-25 11:47:24 -05:00
JacobBarthelmeh 186ab8b0c3 remove openvpn master from CI test 2026-04-24 16:55:51 -06:00
JacobBarthelmeh b9514e70be Merge pull request #10148 from julek-wolfssl/openvpn-master-bn2binpad
Add BN_bn2binpad API and enable OpenVPN master CI testing
2026-04-24 13:54:06 -06:00
Juliusz Sosinowicz 5dad65c04c Remove ap_wpa2_eap_sim_sql 2026-04-24 17:07:37 +02:00
JacobBarthelmeh 20c1b91914 Merge pull request #10286 from LinuxJedi/git-action
ci: add PR commit message sanity check workflow
2026-04-23 17:16:26 -06:00
JacobBarthelmeh 6a0303e299 Merge pull request #10066 from dgarske/wc_puf
wolfCrypt SRAM PUF Support
2026-04-23 14:28:37 -06:00
JacobBarthelmeh 53e352181e Merge pull request #10058 from julek-wolfssl/hostap-ec-generate.sh
Re-enable hostap tests and remove some flaky tests
2026-04-23 14:09:09 -06:00
Andrew Hutchings 8810160da7 ci: add PR commit message sanity check workflow
Adds a GitHub Actions workflow that scans every commit in a pull
request and fails if any commit message carries a Co-authored-by
or Signed-off-by trailer pointing at noreply@anthropic.com.
2026-04-23 07:08:36 +01:00
David Garske e05ce26fc9 wolfCrypt SRAM PUF Support
Add SRAM PUF (Physically Unclonable Function) support to wolfCrypt. Derives device-unique cryptographic keys from the power-on state of SRAM memory using a BCH(127,64,t=10) fuzzy extractor with HKDF key derivation.

- **wolfCrypt PUF API** (`wolfcrypt/src/puf.c`, `wolfssl/wolfcrypt/puf.h`)
  - `wc_PufInit`, `wc_PufReadSram`, `wc_PufEnroll`, `wc_PufReconstruct`
  - `wc_PufDeriveKey` (HKDF-SHA256), `wc_PufGetIdentity` (SHA-256 device fingerprint)
  - `wc_PufZeroize` (secure context cleanup)
  - `wc_PufSetTestData` (synthetic SRAM for testing without hardware)
- **BCH(127,64,t=10) error-correcting codec** - corrects up to 10 bit flips per 127-bit codeword across 16 codewords
- **`WC_PUF_SHA3` build option** - select SHA3-256 instead of SHA-256 for identity hash and HKDF (default: SHA-256)
- **Precomputed GF(2^7) tables** - `const` arrays in `.rodata` (no runtime init, thread-safe, flash-resident on embedded)
- `./configure --enable-puf` (auto-enables HKDF dependency)
- CMake: `WOLFSSL_PUF=yes`
- `WOLFSSL_USER_SETTINGS`: define `WOLFSSL_PUF` and `WOLFSSL_PUF_SRAM`
- See wolfssl-examples/puf for example implementation on STM32 NUCLEO-H563ZI (Cortex-M33, STM32H563ZI)
- Supports test mode (synthetic SRAM)
- Builds to ~13KB `.elf`
- Tested on NUCLEO-H563ZI: enrollment, noisy reconstruction, key derivation all pass
- `.github/workflows/puf.yml`: host build + test workflow for PUF feature
- Doxygen API docs for all 8 public functions
- PUF group added to `doxygen_groups.h`
2026-04-22 11:39:39 -07:00
Andrew Hutchings ddacd6b822 Move SE050 simulator under wolfSSL
The simulator is now in the simulators repo instead of LinuxJedi's
private repo.
2026-04-21 06:31:42 +01:00
Tobias Frauenschläger 0de3925207 Add RFC8773bis cert_with_extern_psk support
Implement RFC8773bis (draft-ietf-tls-8773bis-13)
cert_with_extern_psk for TLS 1.3, including protocol checks
and API support.

Includes unit tests for API and handshake behavior as well
as tests in the testsuite using extended examples.
2026-04-17 15:12:04 +02:00
Brett Nicholas 4bf334c299 Merge pull request #10009 from night1rider/SHE-update
Add SHE (Secure Hardware Extension) support to wolfCrypt
2026-04-16 16:49:00 -06:00
Daniel Pouzzner 8d332778b0 wolfcrypt/test/test.c: in ed25519_test(), fix RARE_ED_BAD_ENC_E and RARE_ED_BAD_SIG_E macros to use WC_NO_ERR_TRACE() safely;
.github/workflows/trackmemory.yml: add --enable-debug-trace-errcodes to a couple scenarios.
2026-04-15 21:12:21 -05:00
David Garske 48a0347581 Merge pull request #10180 from Frauschi/dilithium-alloc-key
Add dynamic key allocation support for Dilithium
2026-04-15 10:36:14 -07:00
night1rider f081a08c5c Address comments from bigbrett and Fenrir bot. Rename she.{c,h} to wc_she.{c,h}, fix naming consistency, auto-enable CMAC/AES dependencies, add WC_SHE_SW_DEFAULT opt-in
Address PR #10009 review comments from bigbrett and Fenrir
2026-04-15 11:28:03 -06:00
night1rider ee7fe9e1b1 SHE API: remove key storage from context, add direct output params 2026-04-15 11:28:03 -06:00
night1rider eeedc470e9 Add SHE (Secure Hardware Extension) support to wolfCrypt 2026-04-15 11:27:44 -06:00
David Garske 1a67eb7223 Merge pull request #9851 from night1rider/setkey-callbacks
Setkey/Export callbacks
2026-04-15 10:17:38 -07:00
David Garske 240703c959 Merge pull request #10219 from rizlik/se050
SE050: Fixes + NO_{RSA,ECDHE}_VERIFY options + simulator CI
2026-04-15 09:35:23 -07:00
Michael Rogov Papernov e38c88daf3 ci: preserve membrowse push-to-master runs from cancellation
Use unique concurrency group per commit for push events so that
sequential merges to master don't cancel each other's queued runs.
This ensures every master commit gets analyzed for memory tracking.
2026-04-15 11:07:41 +01:00
Marco Oliverio 8b01033d0b se050: reviewer's fixes 2026-04-15 08:52:16 +02:00
night1rider a99a72029c narrow ecc_size/sig_size guards to SETKEY||EXPORT_KEY, update _WC_PK_TYPE_MAX, const-qualify export_key.obj, call _ecc_import_x963_ex2 directly, fix GetSetKeyTypeStr, fix NULL deref in wc_RsaPrivateKeyDecode with WOLF_CRYPTO_CB_FIND, add FIND CI config. 2026-04-14 16:21:50 -06:00
night1rider 1295f4fe0e Add WOLF_CRYPTO_CB_SETKEY and WOLF_CRYPTO_CB_EXPORT_KEY crypto callback
utilities for generic SetKey and ExportKey operations on HMAC, RSA, ECC,
  and AES. Add wc_ecc_size/wc_ecc_sig_size callback hooks for hardware-only
  keys. Integrate into configure.ac as --enable-cryptocbutils=setkey,export
  options with CI test configurations in os-check.yml.

  Add test handlers in test.c and api.c with export/import delegation
  pattern, small-stack-safe allocations, custom curve support, and
  DEBUG_CRYPTOCB helpers.
2026-04-14 16:21:50 -06:00
David Garske 584489f2e0 Merge pull request #10211 from night1rider/mlkem-cryptocb-sha3-hashtype-bug
Mlkem cryptocb sha3 hashtype not reset after final call
2026-04-14 11:08:26 -07:00
David Garske 9ed79a2815 Merge pull request #10189 from michael-membrowse/master
ci: membrowse integration
2026-04-14 09:25:53 -07:00
Andrew Hutchings 931893c62b Address items in code review 2026-04-14 18:07:30 +02:00
Andrew Hutchings 6d2845751b Fix SE050 Ed25519 port bugs and add simulator CI workflow
- se050_ed25519_verify_msg: initialize *res = 0 at entry so failures don't leak a stale res = 1 from a prior good verify.
- Ed25519 import functions: reset keyIdSet / keyId under WOLFSSL_SE050 in wc_ed25519_import_private_key_ex, wc_ed25519_import_private_only, wc_ed25519_import_public_ex so overwriting host-side key material invalidates any prior SE050 object binding.
- New workflow .github/workflows/se050-sim.yml: builds wolfSSL against the NXP Plug&Trust SDK and runs the wolfCrypt tests against the SE050Sim simulator. Patches the upstream Dockerfile to use the PR's wolfSSL source.
- ed25519_test SE050 adjustments:
  - Cap the RFC 8032 loop at 5 iters — iter 5's 1023 B msg exceeds NXP SDK SE05X_TLV_BUF_SIZE_CMD = 900.
  - rareEd verifies and private-only sign: expect WC_HW_E (SE050 delegates malformed-input rejection to the secure element) instead of BAD_FUNC_ARG / SIG_VERIFY_E.
  - Skip ed25519ctx_test / ed25519ph_test — SE050 port drops the context/prehash params so RFC 8032 ctx/ph vectors can't byte-match.
2026-04-14 18:05:51 +02:00
Tobias Frauenschläger b562d5c7d8 Add dynamic key allocation support for Dilithium
This update introduces the WOLFSSL_DILITHIUM_DYNAMIC_KEYS option, allowing
for dynamic memory allocation of public and private key buffers. This change
reduces memory usage by allocating buffers only when needed.
2026-04-14 13:22:12 +02:00
Zackery Backman 4c8c67f8aa Add --enable-cryptocb --enable-keygen -DWOLF_CRYPTO_CB_FIND CI config to surface mlkem SHA3 hashType latch bug 2026-04-13 16:57:59 -06:00
David Garske 178e10e42a Merge pull request #10081 from julek-wolfssl/openssh-10.2p1
Add openssh 10.2p1 to CI
2026-04-13 10:21:50 -07:00
Andrew Hutchings 08aac33a7d ci: rebuild mbedtls/nss in test job on cache miss
The test jobs used actions/cache/restore with fail-on-cache-miss,
which aborted when the cache key was scoped to another PR or had
been evicted, even though the build job reported success.

Drop fail-on-cache-miss and add a fallback rebuild in the test
job, gated on the cache-hit output. Fast path is unchanged; on
miss the test job rebuilds locally and proceeds.
2026-04-13 14:58:35 +01:00
Juliusz Sosinowicz a4632ea508 Add BN_bn2binpad API and enable OpenVPN master CI testing 2026-04-13 15:35:40 +02:00
Sean Parkinson 1cd1872abf Merge pull request #10179 from Frauschi/mlkem-alloc-key
Add dynamic key allocation support for ML-KEM
2026-04-13 09:35:34 +10:00
Michael Rogov Papernov 18b2bb3dd9 ci: membrowse integration 2026-04-10 18:36:08 +01:00
Tobias Frauenschläger b7cc7adab8 Add dynamic key allocation support for ML-KEM
Introduce the WOLFSSL_MLKEM_DYNAMIC_KEYS option to allow dynamic allocation
of private and public key buffers in the MlKemKey struct. This change
enables right-sizing of buffers based on the actual ML-KEM level and eliminates
unnecessary memory usage for encapsulate-only operations.
2026-04-10 17:20:21 +02:00
Tobias Frauenschläger 9c2dbac668 os-check: split platform-agnostic configs to Linux-only job
Split make_check into two jobs to reduce CI time:

- make_check: 37 configs that interact with platform-specific features
  (sys-ca-certs, Apple Security.framework, OpenSSL compat, networking)
  continue to run on both Ubuntu and macOS.

- make_check_linux: 17 configs testing pure crypto algorithms,
  preprocessor guards, or features with no macOS-specific code paths
  now run on Linux only.

Also change make_user_settings_testwolfcrypt to Linux-only since
testwolfcrypt runs pure crypto tests with no platform-specific features.

Saves ~33 CI jobs with no loss of test coverage.
2026-04-10 12:50:24 +02:00
Tobias Frauenschläger 585a1ecaaf CI script improvements
* ensure make -j is called everywhere
* shallow clones where possible
* set fixed ubuntu version for linux tests
2026-04-10 12:50:24 +02:00
Tobias Frauenschläger 062ef3e93b Remove some duplicate CI tests 2026-04-10 12:50:24 +02:00
David Garske cc72851694 Merge pull request #10026 from LinuxJedi/actions-composite-caching
Composite GHA action with caching
2026-04-09 12:01:24 -07:00
JacobBarthelmeh eddea3884a pin OpenVPN version until BN_bn2binpad is added 2026-04-06 09:22:28 -06:00
Daniel Pouzzner 24f9981877 Merge pull request #10120 from douzzer/20260331-wolfcrypt-Wcast-qual
20260331-wolfcrypt-Wcast-qual

approved by @padelsbach
2026-04-02 00:25:13 -05:00
Daniel Pouzzner d6fa846615 Merge pull request #10096 from padelsbach/dilithium-oob-shift
Fix out of bounds shift in ML-DSA
2026-04-02 00:13:06 -05:00
Daniel Pouzzner 21c6568883 Fixes for -Wcast-qual hygiene in wolfCrypt.
.github/workflows/wolfCrypt-Wconversion.yml: Add -Wcast-qual to all scenarios.

wolfssl/wolfcrypt/signature.h, wolfcrypt/src/signature.c, doc/dox_comments/header_files/signature.h:

  Remove incorrect const qualifier on the key argument in

  * wc_SignatureVerifyHash()
  * wc_SignatureVerify()
  * wc_SignatureGenerateHash()
  * wc_SignatureGenerateHash_ex()
  * wc_SignatureGenerate()
  * wc_SignatureGenerate_ex()

  This fixes UB code patterns throughout signature.c.  key is inherently
  accessed readwrite by the underlying low level crypto.  Fortunately, wolfCrypt
  has no APIs/methods to allow actual const MPI key objects, therefore these
  seeming breaking API changes can't actually break any users.

globally:

  * Add const qualifiers to all struct pointer members that are assigned values
    computed from const pointers.

  * Add const qualifiers to intermediate casts for accessors and read-only
    dereference constructs, as needed for -Wcast-qual hygiene, e.g. for a macro
    GET_U16(a), use (*(const word16*)(a)) rather than (*(word16*)(a)).

  * Add const qualifiers to internal declarations, and remove illegal casts, as
    needed for -Wcast-qual hygiene.

  * Add missing const qualifiers to all casts for argument, operand, and
    assignment type agreement, as needed for -Wcast-qual hygiene, e.g.
    "*data = (const byte*)dataASN->data.ref.data" rather than
    "*data = (byte*)dataASN->data.ref.data".

wolfssl/wolfcrypt/asn.h, wolfssl/wolfcrypt/asn_public.h, wolfcrypt/src/asn.c, wolfcrypt/src/asn_orig.c:

  * Add additional lifecycle management for object members that are only sometimes locally allocated:

    DNS_entry.nameStored
    DNS_entry.ipStringStored
    DNS_entry.ridStringStored

wolfssl/wolfcrypt/types.h: add WC_BARRIER() macro -- a portable construct that
   prevents compiler optimizers from reordering operations across the barrier.

wolfssl/wolfcrypt/blake2-impl.h, wolfcrypt/src/blake2s.c, wolfcrypt/src/blake2b.c:

  * In blake2b_init(), blake2b_init_key(), blake2s_init(), and
    blake2s_init_key(), refactor blake2b_param initialization using WC_BARRIER()
    (fixes volatile abuse that triggered -Wcast-qual).

  * Remove the residual and unused WOLFSSL_BLAKE2[BS]_INIT_EACH_FIELD code.

wolfcrypt/src/ecc.c and wolfssl/wolfcrypt/ecc.h:

  Remove incorrect const qualifier on curve arg to wc_ecc_free_curve() (internal function).
2026-04-01 14:12:02 -05:00
Paul Adelsbach 73c6f2a91f Fix out of bounds shift in ML-DSA 2026-03-31 09:39:45 -07:00
Paul Adelsbach ec9b6cf469 Add test cases 2026-03-31 09:29:46 -07:00
Juliusz Sosinowicz cd967c7e61 Add openssh 10.2p1 to CI
Depends on https://github.com/wolfSSL/osp/pull/327
2026-03-26 18:42:44 +01:00