Merged
Conversation
douzzer
force-pushed
the
20260403-WC_FIPS_186
branch
from
1873acb to
69da051
Compare
wolfSSL-Fenrir-bot
left a comment
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #10131
Scan targets checked: wolfcrypt-api_misuse, wolfcrypt-bugs, wolfcrypt-compliance, wolfcrypt-concurrency, wolfcrypt-portability, wolfcrypt-src, wolfssl-bugs, wolfssl-compliance, wolfssl-src
Findings: 5
5 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
douzzer
force-pushed
the
20260403-WC_FIPS_186
branch
5 times, most recently
from
9e83284 to
a008983
Compare
Contributor
Author
|
Note, CI failures are fips-ready ACVP (expected to fail) and OpenVPN |
douzzer
force-pushed
the
20260403-WC_FIPS_186
branch
2 times, most recently
from
73cc972 to
e1f5992
Compare
…ature gen and verify ops: * add WC_FIPS_186_4, WC_FIPS_186_4_PLUS, WC_FIPS_186_5, and WC_FIPS_186_5_PLUS feature macros. * add support for WC_HASH_CUSTOM_MIN_DIGEST_SIZE, WC_HASH_CUSTOM_MAX_DIGEST_SIZE, and WC_HASH_CUSTOM_MAX_BLOCK_SIZE, for use with custom digest algorithms. * add SigOidMatchesKeyOid() helper function and WC_MIN_DIGEST_SIZE macro. * add additional size and OID agreement checks for sig gen and verify ops. * update ecc_test_vector() with FIPS 186-5 vectors. Co-authored-by: Tobias Frauenschläger <tobias@wolfssl.com>
douzzer
force-pushed
the
20260403-WC_FIPS_186
branch
from
e1f5992 to
abce5be
Compare
Frauschi
previously approved these changes
Apr 6, 2026
dgarske
previously approved these changes
Apr 6, 2026
JacobBarthelmeh
previously approved these changes
Apr 6, 2026
… in compat #defines.
douzzer
dismissed stale reviews from JacobBarthelmeh, dgarske, and Frauschi
via
1d6f295
JacobBarthelmeh
approved these changes
Apr 6, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
wolfcrypt: add additional enforcement of correct digest sizes in signature gen and verify ops:
WC_FIPS_186_4,WC_FIPS_186_4_PLUS,WC_FIPS_186_5, andWC_FIPS_186_5_PLUSfeature macros.WC_HASH_CUSTOM_MIN_DIGEST_SIZE,WC_HASH_CUSTOM_MAX_DIGEST_SIZE, andWC_HASH_CUSTOM_MAX_BLOCK_SIZE, for use with custom digest algorithms.SigOidMatchesKeyOid()helper function andWC_MIN_DIGEST_SIZEmacro.ecc_test_vector()with FIPS 186-5 vectors.tested with
Co-authored-by: @Frauschi