Colton Willey
94b36c9092
Harden chain depth bounds and parser input validation
...
Enforce MAX_CHAIN_DEPTH limits in OCSP chain processing
(SendCertificateStatus, ProcessChainOCSPRequest), certificate loading
(ProcessUserChain), and TLS 1.3 certificate sending
(SendTls13Certificate). Add idx bounds checks to chain accessors
in ssl.c.
Harden SNI extension parser (TLSX_SNI_GetFromBuffer) with length
checks preventing buffer overreads on malformed ClientHello.
Fix off-by-one in TLSX_CSR_Free where <= should be < since
csr->requests is a count, not a max index.
Add remaining-buffer bounds checks to PKCS7 decoders:
DecodeEnvelopedData, DecodeAuthEnvelopedData (encryptedContentSz
and authTagSz), DecodeEncryptedData, SignedData null signature tag,
and PwriKek_KeyUnWrap cekLen validation.
2026-05-27 17:16:30 -07:00
Sean Parkinson
971d2b051a
Merge pull request #10401 from night1rider/Early-heap-delcare-cmac
...
plumb caller heap into Cmac before cryptocb fires
2026-05-28 09:46:10 +10:00
Sean Parkinson
78a5740bac
Merge pull request #10504 from miyazakh/f-2180_pbkdf
...
f-2180: fix clamp iterations <= 0 to 1 instead of returning an error
2026-05-28 09:32:01 +10:00
Sean Parkinson
c92208076f
Merge pull request #10374 from kareem-wolfssl/zd21699
...
Enable all-zero shared secret check for Curve448/25519 by default. Ensure post_handshake_auth extension was sent before accepting post-handshake CertificateRequest message.
2026-05-28 09:29:49 +10:00
Sean Parkinson
eaadfb12ed
Merge pull request #10508 from JacobBarthelmeh/static_analysis_3
...
devcrypto fixes, forcezero on memory after use, RX64 GetHash port fix, blake2 stor64 alignment
2026-05-28 09:24:56 +10:00
Sean Parkinson
7bcc613bb0
Merge pull request #10478 from embhorn/zd21821
...
Fixes in SP int and DH
2026-05-28 09:00:41 +10:00
jordan
12d79d8838
wc_port: guard fcntl behind WOLFSSL_KERNEL_MODE.
2026-05-27 14:52:54 -05:00
David Garske
e55e8a9842
Merge pull request #10524 from JacobBarthelmeh/sgx
...
SGX build does not have fcntl.h
2026-05-27 12:06:05 -07:00
JacobBarthelmeh
4e491ed3db
Merge pull request #10511 from dgarske/zd21780
...
Fix minor compile error with `WOLFSSL_DEBUG_MEMORY`
2026-05-27 11:16:19 -06:00
JacobBarthelmeh
cd82d7e08d
Merge pull request #10529 from SparkiDev/sp_fixes_8
...
sp_int: fixes and added testing
2026-05-27 10:59:24 -06:00
David Garske
10020f9cc9
Fix minor compile error with WOLFSSL_DEBUG_MEMORY
2026-05-26 11:39:34 -07:00
David Garske
8199fda0a4
Merge pull request #10160 from Roy-Carter/feature/integrate_openssl_comp_fixes
...
OpenSSL compatibility layer extension
2026-05-26 10:39:14 -07:00
night1rider
291ec20d4e
stash caller heap before cryptocb fires so InitCmac_* callbacks can honor it
2026-05-26 09:51:59 -06:00
David Garske
a3f5260260
Merge pull request #10500 from rizlik/sha224_only
...
crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
2026-05-26 08:05:47 -07:00
Tobias Frauenschläger
637c07798a
Finalize ML-DSA renaming
2026-05-26 14:54:30 +02:00
Sean Parkinson
c57a873824
sp_int: fixes and added testing
...
sp_set_bit(): check i is in range before use.
_sp_div_2(): Use a constant-time clamp as called by a constant-time
function.
_sp_sqr(): static buffer needs to be one larger for when ECC with P-521
is the largest size.
Add tests:
- Testing negative numbers with mp_read_raidx/mp_to_radix 10/16
- Testing negative numbers with mp_add_d/mp_sub_d
- Testing of mp_gcd without mp_lcm
- More testing of mp_mod_d and when negative numbers are used
- Check maximum values work for square. Check of _sp_sqr() bug
- Add testing of mp_add/sub_mod_ct
- Add testing of mp_cmp_mag
- Add testing of mp_mulmod/mp_sqrmod
- Add testing of mp_exch
- Add testing of mp_to_unsigned_bin_len_ct
- Add testing of mp_exptmod that uses base-2 windowing method.
- Add testing of mp_invmod_mont_ct
2026-05-26 13:52:57 +10:00
JacobBarthelmeh
8c0d3b7ea1
SGX build does not have fcntl.h
2026-05-22 23:20:36 -06:00
Roy Carter
56e4612e4e
Fix : apply Julek pr notes
2026-05-22 19:01:05 +03:00
Roy Carter
c1a507e175
Feature: allow the usage of
...
wolfSSL_alert_type_string
wolfSSL_alert_desc_string
wolfSSL_EVP_DigestSign
wolfSSL_EVP_DigestVerify
in the openssl compatiility layer for wolfssl
2026-05-22 19:01:04 +03:00
Sean Parkinson
8597d9da83
Merge pull request #10496 from dgarske/fenrir_20260518
...
Various Fenrir fixes (F-2626, F-585, F-586, F-2638, F-1960, F-599)
2026-05-23 01:28:42 +10:00
Andrew Hutchings
8574fa995f
Merge pull request #10470 from JacobBarthelmeh/tropic
...
fix for tropic port AES key length used
2026-05-21 13:59:48 -07:00
JacobBarthelmeh
0073f3c879
dcp unlock added around aes forcezero, adjust align macro check
2026-05-21 09:34:28 -07:00
JacobBarthelmeh
70288b017f
add sanity check on AES key length
2026-05-20 16:02:56 -07:00
David Garske
782787276c
Merge pull request #10497 from Frauschi/mldsa_rename
...
ML-DSA renaming part 2
2026-05-20 11:24:09 -07:00
HIDEKI MIYAZAKI
03eb38e897
fix EVP_BytesToKey
2026-05-20 11:04:07 -07:00
Tobias Frauenschläger
1dffcffb80
Fix hashType comparison in SLH-DSA
2026-05-20 10:16:37 -07:00
Tobias Frauenschläger
2a30ce3c04
Rename ML-DSA wc_PqcSignatureType entry
2026-05-20 09:06:54 -07:00
HIDEKI MIYAZAKI
319f1d699d
fix clamp iterations <= 0 to 1 instead of returning an error
2026-05-20 07:25:35 -07:00
Marco Oliverio
408ea84c83
sha256: check no hw accelleartion is enabled with CB_ONLY_SHA256
2026-05-20 11:33:31 +02:00
JacobBarthelmeh
51698759fa
0 memset kop in devcrypto before use
2026-05-20 01:29:34 -07:00
JacobBarthelmeh
26bce72776
fix for devcrypto RSA size used
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
2a05c13db8
fix to use correct struct size for devcrypto memset
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
f7d595eec4
fix for Renesas RX64 GetHash on initial state
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
35f61aaa66
explicit cast to word16 before shift with RC2
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
a04b68243c
clear public/private key buffer after use in tropicsquare port
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
999e1b9f99
In NXP DCP port clear key buffer after use
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
6ac6e5065e
fix for tropic port AES key length used
2026-05-20 00:43:36 -07:00
Tobias Frauenschläger
44074fd1df
More ML-DSA renaming
2026-05-19 14:09:09 -07:00
David Garske
dc56e87522
Merge pull request #10466 from Frauschi/slhdsa_cryptocb
...
Add CryptoCb support for SLH-DSA
2026-05-19 13:59:40 -07:00
David Garske
9a5bb8eb23
fix(signature): fenrir 2626 enforce min hash strength
2026-05-19 10:06:56 -07:00
David Garske
2fad30e394
fix(qat): fenrir 585 null-check buffers before memcpy
2026-05-19 10:06:56 -07:00
David Garske
0ea4fa0f97
fix(qat): fenrir 586 guard exit memcpy on error path
2026-05-19 10:06:56 -07:00
David Garske
a211f74a8d
fix(se050): fenrir 2638 zero ed25519 der buffer
2026-05-19 10:06:56 -07:00
David Garske
583bd6bc4e
fix(kcapi): fenrir 1960 zero ecdh secret before free
2026-05-19 10:06:56 -07:00
David Garske
66e5b8fd14
fix(stm32): fenrir 599 capture sign from input mp_int
2026-05-19 10:06:55 -07:00
Marco Oliverio
0c8cabedff
crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
2026-05-19 10:22:06 +02:00
David Garske
145a4fac69
Merge pull request #10449 from LinuxJedi/TropicSim
...
Add TROPIC01 simulator
2026-05-18 16:34:25 -07:00
David Garske
be67bf88f7
Merge pull request #10436 from Frauschi/mldsa_rename
...
Rename Dilithium to canonical ML-DSA (FIPS 204) names
2026-05-18 11:44:21 -07:00
David Garske
bc2e842234
Merge pull request #10460 from JacobBarthelmeh/static_analysis
...
Static analysis fixes/improvements for SECO, devcrypto, ARIA, MD4, MD2
2026-05-18 10:31:37 -07:00
David Garske
4c9116c743
Merge pull request #10462 from kareem-wolfssl/zd21507
...
Fix alert type for missing cert. Prevent building with RNG disabled and blinding enabled by default. Enforce bounds for AES CMAC size in verify.
2026-05-17 22:25:09 -07:00