Commit Graph

28930 Commits

Author SHA1 Message Date
Daniel Pouzzner e601e04444 fix examples/pem/ and scripts/pem.test:
examples/pem/pem.c:
* improve error messages,
* add wc_SetSeed_Cb() if WC_RNG_SEED_CB, and
* add wolfCrypt_Init() and wolfCrypt_Cleanup().

scripts/pem.test:
* fix exit code to unmask script failure,
* add configured feature detection,
* improve error messages and handling,
* add configuration gating around subtests, and
* comment out currently failing subtests.
2026-04-20 10:26:09 -05:00
Daniel Pouzzner 8c3d471ce1 linuxkm/module_hooks.c: in wolfssl_init() FIPS_OPTEST_FULL_RUN_AT_MODULE_INIT code path (currently unused), add missing declaration for i. 2026-04-20 10:19:33 -05:00
Daniel Pouzzner a7bf5e5989 wolfcrypt/test/test.c: add missing FIPS gating for backward-incompatible NULL arg tests in hkdf_test() and srtpkdf_test(). 2026-04-20 10:17:31 -05:00
Sean Parkinson fa9f24ff27 Merge pull request #10223 from rlm2002/zd21611
CN constraints fix
2026-04-19 21:28:29 +10:00
Sean Parkinson d577ea3228 Merge pull request #10238 from JeremiahM37/fenrir-issues-4
Fix UAF in Delete wrappers, harden KDF and LMS signing
2026-04-19 21:18:44 +10:00
Ruby Martin 797ba3f03b test DNS name constraints on CA are applied against Subject CN name when SAN name is unavailable
test correct CN with no SAN available is accepted
2026-04-17 12:10:25 -06:00
David Garske c4c71eece3 Merge pull request #10085 from Frauschi/rfc8773bis-cert-with-extern-psk
Add RFC8773(bis) cert_with_extern_psk support
2026-04-17 09:43:20 -07:00
David Garske 423b47177c Merge pull request #10243 from night1rider/SHE-doxygen-clean
Add SHE doxygen so documentation can pick up the API and notes.
2026-04-17 09:36:05 -07:00
David Garske 1f271855fc Merge pull request #10241 from SparkiDev/asm_gen_refactor_1
ASM files: generation script refactor output
2026-04-17 09:35:03 -07:00
Tobias Frauenschläger 0de3925207 Add RFC8773bis cert_with_extern_psk support
Implement RFC8773bis (draft-ietf-tls-8773bis-13)
cert_with_extern_psk for TLS 1.3, including protocol checks
and API support.

Includes unit tests for API and handshake behavior as well
as tests in the testsuite using extended examples.
2026-04-17 15:12:04 +02:00
Reda Chouk fb64844924 Merge pull request #10205 from holtrop-wolfssl/rust-fenrir-fixes
Rust fenrir fixes
2026-04-17 10:32:26 +02:00
Sean Parkinson 755a90b3f3 Merge pull request #10218 from julek-wolfssl/zd/21535
Fix bugs found in crl.c, keys.c, and ssl_certman.c review
2026-04-17 10:46:48 +10:00
Sean Parkinson 318cd62d44 Merge pull request #10231 from JeremiahM37/fenrir-issues-3
Fix PEM input validation and zeroize sensitive key buffers
2026-04-17 10:44:55 +10:00
Sean Parkinson 460463aa8f Merge pull request #10166 from JeremiahM37/test-coverage
Add negative tests for TLS handshake verification paths
2026-04-17 10:41:53 +10:00
Sean Parkinson 9d1fe652b1 Merge pull request #10224 from embhorn/zd21594
Various fixes in internal.c
2026-04-17 09:44:33 +10:00
Sean Parkinson fc433b2596 ASM files: generation script refactor output
Refactors the output format of generated assembly files across all
platforms
(x86_64, ARM AArch64, ARMv8-32, Thumb2, PowerPC) for consistency and
  correctness.

  Changes

  Data constant consolidation
- Pack multiple values per directive line (e.g., 4× .long or 8× .short
per
line) instead of one value per line, reducing file sizes significantly
- Normalize hex literal formatting: 64-bit values use full 8-byte
zero-padded
form (e.g., 0x0000000003ffffff instead of 0x3ffffff)

  x86_64 assembly
- Use decimal immediate values for shift counts (e.g., $1 instead of
$0x01)
- .asm (MASM): use hex notation consistently for data constants;
update ALIGN
values to match data width (e.g., ALIGN 32 for 256-bit aligned data)

  ARM .S files
- Move .type directive before .section for data objects (correct
ordering per
ELF convention)

ARM/Thumb2 inline C (_c.c) files
  - Replace asm( with __asm__( for register variable constraints (better
portability)
- Add XALIGNED(8) attribute to constant lookup tables used in inline
asm
- Remove redundant #include <stdint.h> and
<wolfssl/wolfcrypt/libwolfssl_sources.h> headers

Files affected: 71 assembly and companion C files across
wolfcrypt/src/,
wolfcrypt/src/port/arm/, covering AES, ChaCha, Poly1305,
SHA-256/512/3,
  Curve25519, ML-KEM, ML-DSA, and SP math routines.
2026-04-17 09:38:57 +10:00
night1rider 87cbc57ec8 Add SHE doxygen so documentation can pick up the API and notes. 2026-04-16 17:35:44 -06:00
Brett Nicholas 4bf334c299 Merge pull request #10009 from night1rider/SHE-update
Add SHE (Secure Hardware Extension) support to wolfCrypt
2026-04-16 16:49:00 -06:00
David Garske 3d548f46b3 Merge pull request #10235 from SparkiDev/sp_int_fixes_6
SP int: fixes from review by Claude
2026-04-16 15:39:23 -07:00
David Garske 7486183f22 Merge pull request #10237 from douzzer/20260416-SNI-WOLFSSL_HOST_NAME_MAX
20260416-SNI-WOLFSSL_HOST_NAME_MAX
2026-04-16 10:52:09 -07:00
Jeremiah Mackey 4ce11fa5f5 zero LMS signature on write failure 2026-04-16 17:35:50 +00:00
Jeremiah Mackey 3175c3387f add NULL validation to KDF APIs 2026-04-16 17:35:50 +00:00
Jeremiah Mackey 625ea89284 save heap before Free in Delete wrappers 2026-04-16 17:14:05 +00:00
Daniel Pouzzner 801c412ad2 src/tls.c, wolfssl/ssl.h, tests/api.c: followup to ff7a32d022 (#10182):
* Fix OOB heap reads via TLSX_ExtractEch() by preemptively rejecting oversized
  SNI names in TLSX_UseSNI().

* In TLSX_EchChangeSNI(), don't attempt to truncate if an oversized name is
  seen, just return error.

* Move definition of WOLFSSL_HOST_NAME_MAX to an ungated context in ssl.h, and
  use it consistently in tls.c, eliminating the duplicative
  WOLFSSL_HOST_NAME_MAX.
2026-04-16 11:12:02 -05:00
Jeremiah Mackey a0614dd3c0 add negative tests for TLS handshake verification paths 2026-04-16 14:37:07 +00:00
Sean Parkinson c119a21931 SP int: fixes from review by Claude
1. sp_cond_swap_ct_ex (line ~5524) — XOR typo: b->sign ^= b->sign always
zeroed the sign. Fixed to b->sign ^= t->sign to correctly swap signs.
2. sp_mod_d (line ~7271) — Negative modulo correction was applied even
when the remainder was 0. Added (*r != 0) guard to avoid producing d
instead of 0.
3. sp_lshb (line ~8444) — Left-shift size check was off. Refactored to
correctly distinguish between pure-digit shifts and bit-within-digit
shifts when checking if the result fits, using separate overflow checks
for each case.
4. _sp_mulmod_tmp (line ~12160) — Zero inputs caused an allocation of
size 0, which is problematic. Added an early path: if either operand is
zero, set result to zero and skip the allocation/multiply entirely.
5. sp_mod_2d — copy path (line ~14762) — XMEMCPY copied digits *
SP_WORD_SIZEOF bytes but a may have fewer than digits used digits. Fixed
to copy min(a->used, digits) digits to avoid reading uninitialized
memory.
6. sp_mod_2d — negation loop (line ~14782) — Negation loop iterated
over r->used, which could exceed digits. Fixed to loop over min(r->used,
digits).
7. _sp_sqrmod (line ~17314) — Same zero-input issue as _sp_mulmod_tmp.
Added early zero path to skip the allocation/squaring when input is
zero.
8. sp_lcm (line ~19838) — Typo in sign check: b->sign >= MP_NEG
(comparing against a value that is 1, so >= 1 would also match MP_ZPOS)
changed to b->sign == MP_NEG.
2026-04-16 19:01:53 +10:00
David Garske f086e91cbf Merge pull request #10234 from douzzer/20260415-trace-errcodes-fixes-and-tests
20260415-trace-errcodes-fixes-and-tests
2026-04-15 20:38:53 -07:00
Daniel Pouzzner 4cd7126092 tests/api/test_aes.c: fix gating for test_wc_AesGcm_MonteCarlo() to exclude WOLFSSL_AFALG and WOLFSSL_DEVCRYPTO. 2026-04-15 21:29:17 -05:00
Daniel Pouzzner 0f0dab0105 wolfcrypt/src/logging.c and wolfssl/wolfcrypt/logging.h: add wc_backtrace_set_fp(). 2026-04-15 21:28:43 -05:00
Daniel Pouzzner 8d332778b0 wolfcrypt/test/test.c: in ed25519_test(), fix RARE_ED_BAD_ENC_E and RARE_ED_BAD_SIG_E macros to use WC_NO_ERR_TRACE() safely;
.github/workflows/trackmemory.yml: add --enable-debug-trace-errcodes to a couple scenarios.
2026-04-15 21:12:21 -05:00
night1rider 64a1ac8dd2 wc_SHE_ImportM1M2M3: fix guard from || to && so it gates on WOLF_CRYPTO_CB 2026-04-15 18:03:39 -06:00
Sean Parkinson 3c2a92d21d Merge pull request #10225 from kareem-wolfssl/zd21544
Fix uninitialized before use warning.  Fix unsupported #warning directive by Tasking compiler.
2026-04-16 08:55:49 +10:00
Sean Parkinson cd6b062847 Merge pull request #10136 from JeremiahM37/fenrir-issues-2
Fenrir fixes
2026-04-16 08:51:17 +10:00
Sean Parkinson d2175f3b42 Merge pull request #10222 from embhorn/zd21597
Report cert verify failure with MD5
2026-04-16 08:45:15 +10:00
Sean Parkinson f286f62cb3 Merge pull request #10201 from gasbytes/quic_record_cap
add missing WOLFSSL_QUIC_MAX_RECORD_CAPACITY check on the early-data
2026-04-16 08:42:35 +10:00
Sean Parkinson 6be03a5dab Merge pull request #10182 from embhorn/zd21576
Fix TLSX_EchChangeSNI to check hostname termination
2026-04-16 08:37:42 +10:00
Sean Parkinson 0c93bf9e7c Merge pull request #10229 from mattia-moffa/20260415-zd21621
Fix regressions (fast math MAX_ENCODED_SIG_SZ; DTLS export IV buffer size)
2026-04-16 08:33:23 +10:00
Sean Parkinson 1fab25301f Merge pull request #10221 from julek-wolfssl/gh/10197
TLS 1.3: evict session from cache after accepted 0-RTT resumption
2026-04-16 08:16:31 +10:00
Eric Blankenhorn 0ddde71279 Fix from review 2026-04-15 17:07:22 -05:00
David Garske 26a7d594e3 Merge pull request #10232 from douzzer/20260415-confusing_globals
20260415-confusing_globals
2026-04-15 15:02:40 -07:00
David Garske faa6e985a5 Merge pull request #10226 from SparkiDev/api_test_cipher_algs_3
API tests: more cipher tests
2026-04-15 14:32:11 -07:00
Eric Blankenhorn c429a41121 Fix from review 2026-04-15 15:26:46 -05:00
David Garske 48a0347581 Merge pull request #10180 from Frauschi/dilithium-alloc-key
Add dynamic key allocation support for Dilithium
2026-04-15 10:36:14 -07:00
Daniel Pouzzner 4ac3c89cd7 wolfssl/ssl.h: add backward compat mappings for wolfSSL*PrivateKey_id(). 2026-04-15 12:29:35 -05:00
night1rider 9775795470 Add ability to skip load key verify test 2026-04-15 11:28:03 -06:00
night1rider 1413afb0db Fix CMake SHE build: add wc_she.c to sources, propagate CMAC/AES_DIRECT defines, 2026-04-15 11:28:03 -06:00
night1rider 1078e797f8 Fix CMake SHE deps, const-correctness in CryptoCb uid, stale comment, XSTRLEN double call, configure.ac AES-CBC guard, and add LoadKey/LoadKey_Verify test coverage 2026-04-15 11:28:03 -06:00
Zackery Backman 92bd03a8a2 Fix .wolfssl_known_macro_extras: remove 19 unneeded macros, add NO_WC_SHE_LOADKEY, fix sort order 2026-04-15 11:28:03 -06:00
night1rider 8760b72426 Add missing NO_WC_SHE_LOADKEY macro to known macros list 2026-04-15 11:28:03 -06:00
night1rider 994b0cdedd Add one-shot SHE LoadKey and LoadKey Verify convenience APIs: wc_SHE_LoadKey, wc_SHE_LoadKey_Id, wc_SHE_LoadKey_Label and their verify counterparts 2026-04-15 11:28:03 -06:00