Crypto layer: Add missing input validation#10819
Open
lealem47 wants to merge 2 commits into
Open
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens wolfCrypt/wolfSSL by adding additional input validation and tightening default Diffie–Hellman parameter minimums to align with modern security guidance (2048-bit minimum by default, overridable for legacy use).
Changes:
- Introduces
DH_MIN_SIZE(default 2048 bits) and aligns TLS-layer DH minimums with the DH primitive’s minimum. - Adds/adjusts input validation to prevent overflow/wraparound and invalid arguments in KDF/PRF, ECC key import, RSA key generation, and DH operations.
- Updates an existing DH test to be conditionally compiled based on
DH_MIN_SIZE.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| wolfssl/wolfcrypt/settings.h | Defines DH_MIN_SIZE with a secure default and legacy override mapping. |
| wolfssl/version.h | Updates library version macros (currently inconsistent with rest of repo). |
| wolfssl/internal.h | Aligns WOLFSSL_MIN_DHKEY_BITS default with DH_MIN_SIZE and enforces consistency. |
| wolfcrypt/src/rsa.c | Fixes heap usage in an OAEP error path and tightens RSA exponent validation under FIPS. |
| wolfcrypt/src/kdf.c | Adds null/length argument validation and prevents word32 wraparound in length checks. |
| wolfcrypt/src/ecc.c | Prevents potential word32 overflow when expanding compressed ECC point lengths. |
| wolfcrypt/src/dh.c | Rejects DH primes smaller than DH_MIN_SIZE and adds a null check in wc_DhCheckPubValue. |
| tests/api/test_dh.c | Gates a subgroup-check test on DH_MIN_SIZE (affects coverage in default builds). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
c66cde1 to
8961b60
Compare
Contributor
Author
|
Jenkins retest this please |
cb5d209 to
69af8ed
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adding miscellaneous input validation throughout wolfcrypt files.
Testing
./configure --enable-all && make check
Checklist