Various fixes reported from analyzer #26

Merged
dgarske merged 20 commits into wolfSSL:main from gasbytes:2025-03-18-varios-fixes
Mar 19, 2026

Conversation

@gasbytes
Contributor

f-904 - 3d50bbc check stat instead of only checking ret when verifying signatures (ed25519)
f-905 - 1a3db7b remove panic when signatures are invalid (verify/ecdsa.rs)
f-907 - ef80b36 copy_from_slice could panic when source and destination lengths differ; use slice indexing to prevent that. Also the second copy_from_slice could overwrite the first one.
f-908 - 1cd5139 add missing RSA_PSS_SHA512 and RSA_PKCS1_SHA512 to the all array, which are already supported.
f-917 - 5b2f5cb (aes256gcm) copy_from_slice could panic when source and destination lengths differ; use slice indexing to prevent that. Also the second copy_from_slice could overwrite the first one.
f-909 - 5c0eb94 minor error in including ed448 as signature scheme in eddsa.rs
f-911 - 81d18aa match on any Err variant, not just WCError, when checking signatures in rsa-pkcs1 and rsa-pss
f-918 - 3654c59 proper error mapping and return in sign/eddsa.rs instead of panic
f-914 - e7d5059 minor typo of the digest size in hmac_final (changed from sha3_384 to sha384)
f-906/915/916 - 9476a30 remove hmacobject dangling pointer; heap allocate the hmac struct via Box so it outlives hmac_init and remains valid for the lifetime of the hmac operation
f-910 - a91c8f1 check the returned value of wc_HKDF_Expand with proper error propagation
f-912 - 9dc39df added Drop implementations for the missing foreign types to prevent potential resource leaking; custom deallocation method for rsa to reclaim the Box allocation; implemented Send and Sync to send the new rsa object safely between threads
f-919 - d0f6ed0 use the appropriate copy function in the Clone implementations of sha256 and sha384, instead of doing bit-by-bit copies.
f-920 - b154c1f add length checks when deriving the secret in the p-* APIs, to validate the peer public key length before slicing (skipping the 0x04 first byte), and return Result instead of panicking.
f-913 - 3d83b34 removing redundant check_if_zero; this was re-checking the wc_hmacfinal returned value
f-921 - 254ec63 add zeroize crate to wipe key material from memory on drop (this applies to all the crypto modules)

gasbytes added 20 commits March 18, 2026 13:13
slice indexing to prevent that.
also the second copy_from_slice could overwrite the first one.
…engths differ,

slice indexing to prevent that.
also the second copy_from_slice could overwrite the first one.
so it outlives hmac_init so that it remains valid for the lifetime of
the hmac operation
potential resource leaking;
- custom deallocation method for rsa to reclaim the Box allocation;
- implemented Send and Sync to send the new rsa object safely between
  threads;
and sha384, instead of doing bit by bit copies.
the peer public key length before slicing (skipping 0x04 first byte)
and return Result instead of panicking.
@gasbytes gasbytes marked this pull request as ready for review March 19, 2026 13:43
@dgarske dgarske merged commit 478a4ad into wolfSSL:main Mar 19, 2026
2 checks passed