Skip to content

Fixes issues in SRP component:#9896

Merged
douzzer merged 3 commits intowolfSSL:masterfrom
embhorn:f278-281-282
Mar 7, 2026
Merged

Fixes issues in SRP component:#9896
douzzer merged 3 commits intowolfSSL:masterfrom
embhorn:f278-281-282

Conversation

@embhorn
Copy link
Member

@embhorn embhorn commented Mar 5, 2026

Description

Fixes issues in SRP component:

  • fix setting heap in wc_SrpInit_ex
  • use force zero in wc_SrpInit
  • use force zero in wc_SrpComputeKey

Fixes

  • F278
  • F281
  • F282

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • Updated manual and documentation

@embhorn embhorn self-assigned this Mar 5, 2026
Copilot AI review requested due to automatic review settings March 5, 2026 22:18
Copilot AI reviewed Mar 5, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adjusts SRP initialization and teardown to use the correct heap hint earlier and to securely zero sensitive big-integer state during cleanup.

Changes:

  • Initialize srp->heap before hash initialization in wc_SrpInit_ex.
  • Switch from mp_clear to mp_forcezero for sensitive SRP big integers (auth, priv) in wc_SrpTerm.
  • Switch cleanup in wc_SrpComputeKey from mp_clear to mp_forcezero for intermediates.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@philljj philljj added the For This Release Release version 5.9.0 label Mar 6, 2026
@embhorn
Copy link
Member Author

embhorn commented Mar 6, 2026

Jenkins retest this please

@embhorn embhorn assigned wolfSSL-Bot and unassigned embhorn Mar 6, 2026
@embhorn
Copy link
Member Author

embhorn commented Mar 6, 2026

Retest this please

@douzzer douzzer added the Staged Staged for merge pending final test results and review label Mar 6, 2026
@douzzer douzzer merged commit 396b5ec into wolfSSL:master Mar 7, 2026
453 of 454 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@douzzer douzzer douzzer approved these changes

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

For This Release Release version 5.9.0 Staged Staged for merge pending final test results and review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@embhorn @douzzer @wolfSSL-Bot @philljj