Skip to content

Harden crypto callback, ASN.1 parsing, param-enc and marshalling; add negative tests#551

Merged
embhorn merged 27 commits into
wolfSSL:masterfrom
aidangarske:fenrir-fixes-6839-6850
Jul 13, 2026
Merged

Harden crypto callback, ASN.1 parsing, param-enc and marshalling; add negative tests#551
embhorn merged 27 commits into
wolfSSL:masterfrom
aidangarske:fenrir-fixes-6839-6850

Conversation

@aidangarske

Copy link
Copy Markdown
Member
F-6839, F-6840, F-6841, F-6842, F-6843, F-6844, F-6845, F-6846, F-6847, F-6848, F-6849, F-6850

@aidangarske aidangarske self-assigned this Jul 13, 2026
Copilot AI review requested due to automatic review settings July 13, 2026 19:07

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR hardens several security-sensitive paths in wolfTPM around parameter encryption hashing, TPM public-area marshalling, ASN.1 parsing, and the wolfCrypt crypto callback, and adds unit tests intended to lock in the new boundary/error handling.

Changes:

  • Add new unit tests for param-encryption boundary conditions, response HMAC verification, ASN.1 error handling, crypto callback edge cases, and public marshal/parse round-trips.
  • Scrub hash context stack state after cpHash/rpHash computation.
  • Clamp several TPM2B_* size fields during public-area marshalling and add an ECC verify guard against oversized DER R/S causing offset underflow.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
tests/unit_tests.c Adds new negative/boundary tests across param-enc, ResponseProcess HMAC, public marshalling, CryptoDevCb, and ASN.1 parsing.
src/tpm2_param_enc.c Adds explicit stack zeroization of hash contexts after cpHash/rpHash calculation.
src/tpm2_packet.c Clamps public-area authPolicy and several unique.* sizes before appending to packet.
src/tpm2_cryptocb.c Rejects ECDSA verify signatures with R/S larger than key size to prevent pad-offset underflow.
src/tpm2_asn.c Normalizes ASN header decode success return to 0 and updates callers accordingly.
src/fwtpm/fwtpm_crypto.c Adds clarifying comments about ML-KEM secret length per FIPS 203 errata.

Comment thread src/tpm2_packet.c
Comment thread tests/unit_tests.c
Comment thread tests/unit_tests.c
@aidangarske aidangarske marked this pull request as ready for review July 13, 2026 21:16
@aidangarske aidangarske requested a review from embhorn July 13, 2026 21:16
Comment thread src/tpm2_packet.c
@aidangarske aidangarske requested a review from embhorn July 13, 2026 21:44
@embhorn embhorn merged commit 7d02b58 into wolfSSL:master Jul 13, 2026
199 checks passed
@aidangarske aidangarske deleted the fenrir-fixes-6839-6850 branch July 13, 2026 22:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants