Commit Graph

11083 Commits

Author SHA1 Message Date
Daniel Pouzzner df486d8cd5 src/ssl_load.c: fix -Wnull-dereference in wolfssl_ctx_set_tmp_dh() (detected by armel build);
.github/workflows/pq-all.yml: for the --enable-sp-math scenario, --disable-quic (QUIC unit tests fail on that combo);

wolfcrypt/test/test.c: add WC_MAYBE_UNUSED to ecdsa_test_deterministic_k_rs(), to fix armel sp-math build.
2026-04-25 11:47:25 -05:00
Daniel Pouzzner 363bb0e216 configure.ac:
* allow for fips-dev in v7|ready|dev ENABLED_SHA256_DRBG and ENABLED_SHA512_DRBG setup and change from AC_MSG_WARN to AC_MSG_ERROR if user tries to disable outside fips-dev;
* set ENABLED_SHA512_DRBG=no in lean-aesgcm setup;

wolfcrypt/test/test.c: suppress concurrency-mt-unsafe in myFipsCb();

 .wolfssl_known_macro_extras: fix lexical order.
2026-04-25 11:47:25 -05:00
Daniel Pouzzner b79221acd3 wolfcrypt/test/test.c: in random_bank_test(), accommodate WOLFSSL_DRBG_SHA512 in the WC_RNG_BANK_FLAG_NO_VECTOR_OPS test;
linuxkm/lkcapi_sha_glue.c: in wc_mix_pool_bytes(), accommodate WOLFSSL_DRBG_SHA512.
2026-04-25 11:47:25 -05:00
Daniel Pouzzner 91c7c8f9fb wolfcrypt/test/test.c and wolfcrypt/test/test.h: fix gating for dsa_test() and srp_test() prototypes to avoid -Wunused-function in --enable-sp-math builds. 2026-04-25 11:47:24 -05:00
David Garske 21921408b9 Merge pull request #10216 from ColtonWilley/add-null-checks-public-api
Add missing NULL checks in public API functions
2026-04-24 14:42:24 -07:00
JacobBarthelmeh 734a71180c Merge pull request #10220 from embhorn/zd21596
Fix TLS ext bounds checking
2026-04-24 15:10:05 -06:00
JacobBarthelmeh c6953b868a Merge pull request #10260 from Frauschi/ecc_fix
Fix ECC validation regression
2026-04-24 14:39:50 -06:00
JacobBarthelmeh 46cedcf0f6 Merge pull request #10268 from ColtonWilley/zephyr-4.3-default-tls-support
zephyr: changes needed for Zephyr 4.3 default TLS support
2026-04-24 14:30:59 -06:00
JacobBarthelmeh 0c9a496215 Merge pull request #10162 from embhorn/gh9753
Use O_CLOEXEC to avoid race conditions
2026-04-24 14:28:00 -06:00
JacobBarthelmeh a20c391b84 Merge pull request #10282 from kareem-wolfssl/zd21527
Fix W560 "possible truncation at implicit conversion to type unsigned char" warnings raised by Tasking compiler.
2026-04-24 14:11:41 -06:00
kaleb-himes 08fd7bde58 PQ FIPS v7.0.0 Phase 2 & 3: All changes
Implement peer review feedback
2026-04-24 06:52:49 -06:00
Eric Blankenhorn 412c428b0a Fix TLS ext bounds checking 2026-04-24 07:23:07 -05:00
Juliusz Sosinowicz 31278ee8bd Merge pull request #10296 from JacobBarthelmeh/hostap 2026-04-24 14:13:02 +02:00
Sean Parkinson 936f8e5423 Merge pull request #10203 from Frauschi/pkcs7_fixes
PKCS#7 fixes
2026-04-24 10:13:43 +10:00
JacobBarthelmeh d9beec2e81 Merge pull request #10283 from night1rider/SHE-test-double-free-fix
Fix double-free of she2 in she_test()
2026-04-23 16:59:52 -06:00
JacobBarthelmeh 72c7d12cfb exclude the trust anchor from prospective certification path with pathlen check 2026-04-23 16:23:07 -06:00
JacobBarthelmeh fe8541cc47 Merge pull request #10193 from padelsbach/set-hashtype-in-ports
Set hashType in ports
2026-04-23 15:02:30 -06:00
JacobBarthelmeh 6a0303e299 Merge pull request #10066 from dgarske/wc_puf
wolfCrypt SRAM PUF Support
2026-04-23 14:28:37 -06:00
JacobBarthelmeh 5277556989 Merge pull request #10264 from JeremiahM37/fenrir-issues-5
Harden wolfCrypt input validation and zeroization
2026-04-23 14:06:29 -06:00
Tobias Frauenschläger 6c5de29758 Fix ECC validation regression 2026-04-23 11:26:33 +02:00
Tobias Frauenschläger 22d1441331 Bounds-check the RecipientInfo SET length in wc_PKCS7_ParseToRecipientInfoSet() 2026-04-23 11:03:24 +02:00
Tobias Frauenschläger 97b82b5087 Add nonce length validation for PKCS#7 2026-04-23 11:03:19 +02:00
Tobias Frauenschläger b7f6e77a95 Reject PKCS#7 SignedData signer-identity forgery 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 589feabc0c Harden PKCS#7 EnvelopedData key unwrap 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 4e423fde17 More PKCS#7 bounds checks 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 46f3ebb0c6 Add missing ForceZero calls in PKCS#7 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 16e1d33f24 Fix invalid preprocessor guard in PKCS7 with SHA224
Also add missing ForceZero for ECDH shared secret on the heap.
2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 5634cfd67c Fix PKCS#7 regression with --enable-all and NO_PKCS7_STREAM 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger e2167e4bbd add length check in PKCS#7 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 84fb0f694c Fix various range and size bugs in PKCS#7 code 2026-04-23 09:36:32 +02:00
night1rider d673b62143 Fix double-free of she2 in she_test 2026-04-22 17:33:21 -06:00
Kareem 9fef016106 Fix W560 "possible truncation at implicit conversion to type unsigned char" warnings raised by Tasking compiler. 2026-04-22 15:47:48 -07:00
Kareem b3c2877a14 Add additional checks for encryptedContentSz exceeding pkiMsgSz. 2026-04-22 15:22:36 -07:00
Kareem 3e04475875 Fix unused variable error 2026-04-22 15:22:36 -07:00
Kareem ebdcc03b71 Code review feedback 2026-04-22 15:22:36 -07:00
Kareem 1397268aa1 In wc_PKCS7_DecodeEnvelopedData, confirm encryptedContentTotalSz does not exceed the total message size before using it in the non-streaming case.
Thanks to Zou Dikai for the report.
2026-04-22 15:22:36 -07:00
Kareem 7f218574c4 Ensure esd->signedAttribsCount contains the correct count in case some are skipped by using the current idx rather than the total array size.
Thanks to Zou Dikai for the report.
2026-04-22 15:22:36 -07:00
JacobBarthelmeh b5738236d9 Merge pull request #10187 from embhorn/zd21587
Fixes in TLS ECH, handle empty records, and ASN len check
2026-04-22 14:44:15 -06:00
JacobBarthelmeh bc4bec63fc Merge pull request #10094 from sebastian-carpenter/GH-10068
Fixes: for GH #10068
2026-04-22 14:24:25 -06:00
Paul Adelsbach ea6af18bc1 Set hashType in ports 2026-04-22 13:17:28 -07:00
David Garske e05ce26fc9 wolfCrypt SRAM PUF Support
Add SRAM PUF (Physically Unclonable Function) support to wolfCrypt. Derives device-unique cryptographic keys from the power-on state of SRAM memory using a BCH(127,64,t=10) fuzzy extractor with HKDF key derivation.

- **wolfCrypt PUF API** (`wolfcrypt/src/puf.c`, `wolfssl/wolfcrypt/puf.h`)
  - `wc_PufInit`, `wc_PufReadSram`, `wc_PufEnroll`, `wc_PufReconstruct`
  - `wc_PufDeriveKey` (HKDF-SHA256), `wc_PufGetIdentity` (SHA-256 device fingerprint)
  - `wc_PufZeroize` (secure context cleanup)
  - `wc_PufSetTestData` (synthetic SRAM for testing without hardware)
- **BCH(127,64,t=10) error-correcting codec** - corrects up to 10 bit flips per 127-bit codeword across 16 codewords
- **`WC_PUF_SHA3` build option** - select SHA3-256 instead of SHA-256 for identity hash and HKDF (default: SHA-256)
- **Precomputed GF(2^7) tables** - `const` arrays in `.rodata` (no runtime init, thread-safe, flash-resident on embedded)
- `./configure --enable-puf` (auto-enables HKDF dependency)
- CMake: `WOLFSSL_PUF=yes`
- `WOLFSSL_USER_SETTINGS`: define `WOLFSSL_PUF` and `WOLFSSL_PUF_SRAM`
- See wolfssl-examples/puf for example implementation on STM32 NUCLEO-H563ZI (Cortex-M33, STM32H563ZI)
- Supports test mode (synthetic SRAM)
- Builds to ~13KB `.elf`
- Tested on NUCLEO-H563ZI: enrollment, noisy reconstruction, key derivation all pass
- `.github/workflows/puf.yml`: host build + test workflow for PUF feature
- Doxygen API docs for all 8 public functions
- PUF group added to `doxygen_groups.h`
2026-04-22 11:39:39 -07:00
Sean Parkinson 353a379bd7 Merge pull request #10262 from douzzer/20260420-test-fixes
20260420-test-fixes
2026-04-21 10:23:46 +10:00
Sean Parkinson 967780f1b7 Merge pull request #10239 from gasbytes/crl-idp-extension-fix
reject crls with unrecognized critical extensions
2026-04-21 10:21:31 +10:00
JacobBarthelmeh ad8b6dbc32 Merge pull request #10217 from ColtonWilley/null-checks-evp-ocsp-x509
Fix NULL derefs, buffer overflow, and i2d contract in EVP/OCSP/X509
2026-04-20 17:27:19 -06:00
Colton Willey c950a6aa46 zephyr: changes needed for Zephyr 4.3 default TLS support
Follow-up to #7731 ("Changes needed for default TLS support in zephyr
kernel"). Zephyr 4.3's TLS socket integration uses three additional
wolfSSL features that were not needed by the 3.7 integration, plus an
extension to the native_sim time-source gates introduced in #7731.

native_sim timer gates (src/internal.c, wolfcrypt/src/wc_port.c):
  Extend the !CONFIG_BOARD_NATIVE_POSIX gate in LowResTimer() and the
  CONFIG_BOARD_NATIVE_POSIX RTC path in z_time() to also cover
  CONFIG_BOARD_NATIVE_SIM. Zephyr 4.3 renamed the simulator board from
  native_posix to native_sim; without this, k_cpu_idle() on native_sim
  advances simulated time during DTLS retransmit loops and the RTC path
  falls through to uptime-since-boot. Behavior on native_posix is
  unchanged.

New Kconfig options (zephyr/Kconfig, zephyr/user_settings.h):
  CONFIG_WOLFSSL_SESSION_EXPORT   -> HAVE_EXT_CACHE
    Required by consumers that serialize TLS session state across
    connections via wolfSSL_i2d_SSL_SESSION / wolfSSL_d2i_SSL_SESSION.
  CONFIG_WOLFSSL_KEEP_PEER_CERT   -> KEEP_PEER_CERT
    Retain the peer certificate after handshake so the application
    layer can inspect it via wolfSSL_get_peer_certificate.
  CONFIG_WOLFSSL_ALWAYS_VERIFY_CB -> WOLFSSL_ALWAYS_VERIFY_CB
    Invoke an application-set verify callback on successful chain
    validation in addition to validation failures.

All three are default-off; customers opt in the same way they do for
the existing CONFIG_WOLFSSL_DTLS / ALPN / PSK feature options.

.wolfssl_known_macro_extras: register HAVE_EXT_CACHE.
2026-04-20 12:29:26 -07:00
Jeremiah Mackey d5312ba350 wc_MakeDsaKey: match tmpQ alloc and free 2026-04-20 17:20:54 +00:00
Jeremiah Mackey 9c1b8cf4f1 wc_rng_bank_init: fall through on size error 2026-04-20 17:20:54 +00:00
Jeremiah Mackey c417a1ce1e zero sensitive state before free 2026-04-20 17:20:54 +00:00
Jeremiah Mackey 4a103a1b4e AES: tighten AEAD input validation 2026-04-20 17:20:54 +00:00
Jeremiah Mackey 6596419cb0 add NULL validation to wolfCrypt APIs 2026-04-20 17:20:54 +00:00