
Crypto layer: Add missing input validation #10819

Open
lealem47 wants to merge 2 commits into wolfSSL:master from lealem47:input_validation


@lealem47 lealem47 commented Jun 30, 2026


Description

Adding miscellaneous input validation throughout wolfcrypt files.

Testing

./configure --enable-all && make check

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@lealem47 lealem47 self-assigned this Jun 30, 2026
Copilot AI review requested due to automatic review settings June 30, 2026 16:31

Copilot AI left a comment


Pull request overview

This PR hardens wolfCrypt/wolfSSL by adding additional input validation and tightening default Diffie–Hellman parameter minimums to align with modern security guidance (2048-bit minimum by default, overridable for legacy use).

Changes:

  • Introduces DH_MIN_SIZE (default 2048 bits) and aligns TLS-layer DH minimums with the DH primitive’s minimum.
  • Adds/adjusts input validation to prevent overflow/wraparound and invalid arguments in KDF/PRF, ECC key import, RSA key generation, and DH operations.
  • Updates an existing DH test to be conditionally compiled based on DH_MIN_SIZE.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.

| File | Description |
|------|-------------|
| wolfssl/wolfcrypt/settings.h | Defines DH_MIN_SIZE with a secure default and legacy override mapping. |
| wolfssl/version.h | Updates library version macros (currently inconsistent with rest of repo). |
| wolfssl/internal.h | Aligns WOLFSSL_MIN_DHKEY_BITS default with DH_MIN_SIZE and enforces consistency. |
| wolfcrypt/src/rsa.c | Fixes heap usage in an OAEP error path and tightens RSA exponent validation under FIPS. |
| wolfcrypt/src/kdf.c | Adds null/length argument validation and prevents word32 wraparound in length checks. |
| wolfcrypt/src/ecc.c | Prevents potential word32 overflow when expanding compressed ECC point lengths. |
| wolfcrypt/src/dh.c | Rejects DH primes smaller than DH_MIN_SIZE and adds a null check in wc_DhCheckPubValue. |
| tests/api/test_dh.c | Gates a subgroup-check test on DH_MIN_SIZE (affects coverage in default builds). |


Comment thread wolfssl/version.h Outdated
Comment thread tests/api/test_dh.c
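
The word32 wraparound that the review overview above attributes to the kdf.c length checks and the ecc.c compressed-point expansion, shown as an added example that is not code from this PR or from wolfSSL. The function names, the 256-byte limit and the inputs are constructed for illustration, and word32 is assumed to be a 32-bit unsigned type.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t word32;      /* assumption: 32-bit unsigned length type */

#define MAX_PRF_INPUT 256u    /* hypothetical buffer limit for this example */

/* Wraparound-prone: the sum is reduced modulo 2^32 before the comparison. */
static int prf_len_ok_naive(word32 labLen, word32 seedLen)
{
    return (labLen + seedLen) <= MAX_PRF_INPUT;
}

/* Wraparound-safe: compare the second length against the room that is left. */
static int prf_len_ok_checked(word32 labLen, word32 seedLen)
{
    if (labLen > MAX_PRF_INPUT)
        return 0;
    return seedLen <= MAX_PRF_INPUT - labLen;
}

/* Compressed point: 1 type byte + X. Uncompressed: 1 type byte + X + Y.
 * Returns 0 and sets *outLen, or -1 when the input is too short or the
 * expanded length would not fit in a word32. */
static int expand_point_len(word32 inLen, word32 *outLen)
{
    word32 coordLen;

    if (outLen == NULL || inLen < 2u)
        return -1;
    coordLen = inLen - 1u;
    if (coordLen > (UINT32_MAX - 1u) / 2u)   /* coordLen * 2 + 1 would wrap */
        return -1;
    *outLen = coordLen * 2u + 1u;
    return 0;
}

int main(void)
{
    word32 out = 0;

    /* Constructed inputs: 0xFFFFFFF0 + 0x20 wraps to 0x10, which is <= 256. */
    printf("naive=%d checked=%d\n",
           prf_len_ok_naive(0xFFFFFFF0u, 0x20u),
           prf_len_ok_checked(0xFFFFFFF0u, 0x20u));
    printf("33-byte point: rc=%d len=%u\n",
           expand_point_len(33u, &out), (unsigned)out);
    printf("oversized point: rc=%d\n", expand_point_len(0x80000001u, &out));
    return 0;
}
```

Without the bound in `expand_point_len`, an input length of 0x80000001 would expand to 1, so a later allocation or copy sized from that value would be far smaller than the data it is meant to hold.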
github-actions Bot commented Jun 30, 2026


MemBrowse Memory Report

gcc-arm-cortex-m0plus

  • FLASH: .text +460 B (+0.7%, 64,043 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m3

  • FLASH: .text +424 B (+0.3%, 121,957 B / 262,144 B, total: 47% used)

gcc-arm-cortex-m4

  • FLASH: .text +448 B (+0.2%, 199,628 B / 262,144 B, total: 76% used)

gcc-arm-cortex-m4-baremetal

  • FLASH: .text +448 B (+0.7%, 66,635 B / 262,144 B, total: 25% used)

gcc-arm-cortex-m4-crypto-only

  • FLASH: .text +128 B (+0.1%, 173,930 B / 262,144 B, total: 66% used)

gcc-arm-cortex-m4-dtls13

  • FLASH: .text +384 B (+0.2%, 180,312 B / 1,048,576 B, total: 17% used)

gcc-arm-cortex-m4-min-ecc

  • FLASH: .text +448 B (+0.7%, 61,613 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m4-openssl-compat

  • FLASH: .text +128 B (+0.0%, 768,388 B / 1,048,576 B, total: 73% used)

gcc-arm-cortex-m4-pkcs7

  • FLASH: .text +448 B (+0.2%, 212,013 B / 262,144 B, total: 81% used)

gcc-arm-cortex-m4-pq

  • FLASH: .text +448 B (+0.2%, 278,512 B / 1,048,576 B, total: 27% used)

gcc-arm-cortex-m4-rsa-only

  • FLASH: .text +128 B (+0.0%, 323,728 B / 1,048,576 B, total: 31% used)

gcc-arm-cortex-m4-sp-math

  • FLASH: .text +448 B (+0.7%, 61,613 B / 262,144 B, total: 24% used)

gcc-arm-cortex-m4-tls12

  • FLASH: .text +384 B (+0.3%, 122,701 B / 262,144 B, total: 47% used)

gcc-arm-cortex-m4-tls13

  • FLASH: .text +384 B (+0.2%, 235,262 B / 262,144 B, total: 90% used)

gcc-arm-cortex-m7

  • FLASH: .text +384 B (+0.2%, 199,564 B / 262,144 B, total: 76% used)

gcc-arm-cortex-m7-pq

  • FLASH: .text +448 B (+0.2%, 279,088 B / 1,048,576 B, total: 27% used)

gcc-arm-cortex-m7-tls13

Copilot AI left a comment


Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

Comment thread wolfcrypt/src/ecc.c
Comment thread wolfcrypt/src/kdf.c
Comment thread wolfcrypt/src/kdf.c

lealem47 commented Jun 30, 2026


Jenkins retest this please

@lealem47 lealem47 assigned wolfSSL-Bot and unassigned lealem47 Jun 30, 2026
@lealem47 lealem47 force-pushed the input_validation branch from cb5d209 to 69af8ed Compare July 1, 2026 00:39