Skip to content

Rust fenrir fixes #10205

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
gasbytes merged 20 commits into from
Apr 17, 2026
Merged

Rust fenrir fixes #10205

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
a8fa845
Rust wrapper: ecc: fix possible resource leak in some error cases
holtrop-wolfssl Mar 23, 2026
9843f03
Rust wrapper: avoid creating a MaybeUninit<RNG>
holtrop-wolfssl Mar 24, 2026
337dfc3
Rust wrapper: avoid uninitialized sys::XtsAesStreamData
holtrop-wolfssl Mar 24, 2026
4f42ba9
Rust wrapper: ed25519: add check for context buffers too long
holtrop-wolfssl Mar 24, 2026
5959aa2
Rust wrapper: ed448: add check for context buffers too long
holtrop-wolfssl Mar 24, 2026
56c20ae
Rust wrapper: dilithium: remove unnecessary size define presence checks
holtrop-wolfssl Mar 24, 2026
5c10fe9
Rust wrapper: BLAKE2: check for non-empty hash buffer in finalize()
holtrop-wolfssl Mar 25, 2026
f006369
Rust wrapper: check kdr_index range in srtp_kdf() and srtcp_kdf()
holtrop-wolfssl Mar 25, 2026
2c981d6
Rust wrapper: check all buffer lengths when converting to u32/i32
holtrop-wolfssl Mar 26, 2026
f1a041a
Rust wrapper: add zeroizing Drop impl for ChaCha20Poly1305
holtrop-wolfssl Mar 24, 2026
db1aab9
Rust wrapper: zeroize structs on drop
holtrop-wolfssl Mar 26, 2026
884b882
Rust wrapper: remove generic types for AES buffers
holtrop-wolfssl Mar 27, 2026
85ad08a
Rust wrapper: avoid as_ptr() to *mut u8 casts
holtrop-wolfssl Mar 27, 2026
10fbc95
Rust wrapper: add comment to MlKem about not implementing Send/Sync
holtrop-wolfssl Mar 27, 2026
2f94121
Rust wrapper: require caller supplied buffer for Lms.get_kid()
holtrop-wolfssl Mar 27, 2026
15ac071
Rust wrapper: make zeroize functions private
holtrop-wolfssl Apr 13, 2026
e1a0192
Rust wrapper: check length returned by Lms.get_kid() in unit test
holtrop-wolfssl Apr 13, 2026
ca362a4
Rust wrapper: also check usize to u32 conversions for digest_size
holtrop-wolfssl Apr 13, 2026
4fb4b3c
Rust wrapper: test BLAKE2 finalize() returns error for empty output b…
holtrop-wolfssl Apr 14, 2026
4f31ff9
Rust wrapper: require fixed length index buffers for SRTP/SRTCP
holtrop-wolfssl Apr 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions wolfcrypt/src/kdf.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -984,7 +984,7 @@ static int wc_srtp_kdf_derive_key(byte* block, int idxSz, byte label,
* @param [in] saltSz Size of random in bytes.
* @param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise
* kdr = 2^kdrIdx.
* @param [in] index Index value to XOR in.
* @param [in] idx Index value to XOR in.
* @param [out] key1 First key. Label value of 0x00.
* @param [in] key1Sz Size of first key in bytes.
* @param [out] key2 Second key. Label value of 0x01.
Expand Down Expand Up @@ -1069,7 +1069,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
* @param [in] saltSz Size of random in bytes.
* @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
* kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
* @param [in] index Index value to XOR in.
* @param [in] idx Index value to XOR in.
* @param [out] key1 First key. Label value of 0x03.
* @param [in] key1Sz Size of first key in bytes.
* @param [out] key2 Second key. Label value of 0x04.
Expand Down Expand Up @@ -1171,7 +1171,7 @@ int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
* @param [in] saltSz Size of random in bytes.
* @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
* kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
* @param [in] index Index value to XOR in.
* @param [in] idx Index value to XOR in.
* @param [in] label Label to use when deriving key.
* @param [out] outKey Derived key.
* @param [in] outKeySz Size of derived key in bytes.
Expand Down Expand Up @@ -1244,7 +1244,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
* @param [in] saltSz Size of random in bytes.
* @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
* kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
* @param [in] index Index value to XOR in.
* @param [in] idx Index value to XOR in.
* @param [in] label Label to use when deriving key.
* @param [out] outKey Derived key.
* @param [in] outKeySz Size of derived key in bytes.
Expand Down
21 changes: 21 additions & 0 deletions wrapper/rust/wolfssl-wolfcrypt/Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions wrapper/rust/wolfssl-wolfcrypt/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ cipher = ["dep:cipher"]
rand_core = { version = "0.10", optional = true, default-features = false }
aead = { version = "0.5", optional = true, default-features = false }
cipher = { version = "0.5", optional = true, default-features = false }
zeroize = { version = "1.3", default-features = false, features = ["derive"] }

[dev-dependencies]
aead = { version = "0.5", features = ["alloc", "dev"] }
Expand Down
2 changes: 0 additions & 2 deletions wrapper/rust/wolfssl-wolfcrypt/build.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -461,8 +461,6 @@ fn scan_cfg() -> Result<()> {
check_cfg(&binding, "DILITHIUM_LEVEL2_KEY_SIZE", "dilithium_level2");
check_cfg(&binding, "DILITHIUM_LEVEL3_KEY_SIZE", "dilithium_level3");
check_cfg(&binding, "DILITHIUM_LEVEL5_KEY_SIZE", "dilithium_level5");
check_cfg(&binding, "DILITHIUM_SEED_SZ", "dilithium_make_key_seed_sz");
check_cfg(&binding, "DILITHIUM_RND_SZ", "dilithium_rnd_sz");

/* mlkem / ML-KEM */
check_cfg(&binding, "wc_MlKemKey_Init", "mlkem");
Expand Down
Loading
Loading