61 changes: 41 additions & 20 deletions src/internal.c
Expand Up @@ -5527,12 +5527,14 @@ static int KeyAgreeEcdhMlKem_client(WOLFSSH* ssh, byte hashId,
int ret = WS_SUCCESS;
byte sharedSecretHashSz = 0;
byte *sharedSecretHash = NULL;
MlKemKey kem = {0};
MlKemKey kem;
word32 length_ciphertext = 0;
word32 length_sharedsecret = 0;
word32 length_privatekey = 0;
int mlKemType = WC_ML_KEM_768;
byte kexId = ssh->handshake->kexId;

WMEMSET(&kem, 0, sizeof(kem));
#if !defined(WOLFSSH_NO_NISTP256_MLKEM768_SHA256) || \
!defined(WOLFSSH_NO_NISTP384_MLKEM1024_SHA384)
ecc_key *key_ptr = NULL;
Expand Down Expand Up @@ -5694,18 +5696,26 @@ static int KeyAgreeEcdhMlKem_client(WOLFSSH* ssh, byte hashId,
/* Replace the concatenated shared secrets with the hash. That
* will become the new shared secret. */
if (ret == 0) {
sharedSecretHashSz = wc_HashGetDigestSize(hashId);
sharedSecretHash = (byte *)WMALLOC(sharedSecretHashSz,
ssh->ctx->heap,
DYNTYPE_PRIVKEY);
if (sharedSecretHash == NULL) {
ret = WS_MEMORY_E;
int digestSz;

digestSz = wc_HashGetDigestSize((enum wc_HashType)hashId);
if (digestSz <= 0) {
ret = WS_INVALID_ALGO_ID;
}
else {
sharedSecretHashSz = (byte)digestSz;
sharedSecretHash = (byte *)WMALLOC(sharedSecretHashSz,
ssh->ctx->heap,
DYNTYPE_PRIVKEY);
if (sharedSecretHash == NULL) {
ret = WS_MEMORY_E;
}
}
}

if (ret == 0) {
ret = wc_Hash(hashId, ssh->k, ssh->kSz, sharedSecretHash,
sharedSecretHashSz);
ret = wc_Hash((enum wc_HashType)hashId, ssh->k, ssh->kSz,
sharedSecretHash, sharedSecretHashSz);
}

if (ret == 0) {
Expand Down Expand Up @@ -12144,12 +12154,14 @@ static int KeyAgreeEcdhMlKem_server(WOLFSSH* ssh, byte hashId,
int ret = WS_SUCCESS;
byte sharedSecretHashSz = 0;
byte *sharedSecretHash = NULL;
MlKemKey kem = {0};
MlKemKey kem;
word32 length_publickey = 0;
word32 length_ciphertext = 0;
word32 length_sharedsecret = 0;
int mlKemType = WC_ML_KEM_768;
byte kexId = ssh->handshake->kexId;

WMEMSET(&kem, 0, sizeof(kem));
#if !defined(WOLFSSH_NO_NISTP256_MLKEM768_SHA256) || \
!defined(WOLFSSH_NO_NISTP384_MLKEM1024_SHA384)
ecc_key* pubKey = NULL;
Expand Down Expand Up @@ -12366,16 +12378,24 @@ static int KeyAgreeEcdhMlKem_server(WOLFSSH* ssh, byte hashId,
/* Replace the concatenated shared secrets with the hash. That
* will become the new shared secret.*/
if (ret == 0) {
sharedSecretHashSz = wc_HashGetDigestSize(hashId);
sharedSecretHash = (byte *)WMALLOC(sharedSecretHashSz,
ssh->ctx->heap, DYNTYPE_PRIVKEY);
if (sharedSecretHash == NULL) {
ret = WS_MEMORY_E;
int digestSz;

digestSz = wc_HashGetDigestSize((enum wc_HashType)hashId);
if (digestSz <= 0) {
ret = WS_INVALID_ALGO_ID;
}
else {
sharedSecretHashSz = (byte)digestSz;
sharedSecretHash = (byte *)WMALLOC(sharedSecretHashSz,
ssh->ctx->heap, DYNTYPE_PRIVKEY);
if (sharedSecretHash == NULL) {
ret = WS_MEMORY_E;
}
}
}
if (ret == 0) {
ret = wc_Hash(hashId, ssh->k, ssh->kSz, sharedSecretHash,
sharedSecretHashSz);
ret = wc_Hash((enum wc_HashType)hashId, ssh->k, ssh->kSz,
sharedSecretHash, sharedSecretHashSz);
}
if (ret == 0) {
XMEMCPY(ssh->k, sharedSecretHash, sharedSecretHashSz);
Expand Down Expand Up @@ -13553,12 +13573,13 @@ int SendKexDhInit(WOLFSSH* ssh)
#if !defined(WOLFSSH_NO_NISTP256_MLKEM768_SHA256) || \
!defined(WOLFSSH_NO_NISTP384_MLKEM1024_SHA384) || \
!defined(WOLFSSH_NO_CURVE25519_MLKEM768_SHA256)
if (ssh->handshake->useEccMlKem) {
MlKemKey kem = {0};
if (ret == WS_SUCCESS && ssh->handshake->useEccMlKem) {
MlKemKey kem;
word32 length_publickey = 0;
word32 length_privatekey = 0;
int mlKemType = WC_ML_KEM_768;
ret = 0;

WMEMSET(&kem, 0, sizeof(kem));

#ifndef WOLFSSH_NO_NISTP384_MLKEM1024_SHA384
if (ssh->handshake->kexId == ID_NISTP384_MLKEM1024_SHA384) {
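Review bot: In the hash step of KeyAgreeEcdhMlKem_client, and in the identical block in KeyAgreeEcdhMlKem_server, the new guard rejects only `digestSz <= 0`, so the narrowing `sharedSecretHashSz = (byte)digestSz;` is lossless by convention rather than by check. Bounding the upper side too, `if (digestSz <= 0 || digestSz > WC_MAX_DIGEST_SIZE) {`, keeps the allocation, the wc_Hash output length and the later XMEMCPY into ssh->k (visible in the server hunk) tied to a size known to fit. The two blocks differ only in line wrapping, so a small static helper would keep the client and server checks from drifting apart. Both function bodies continue outside the hunks, so I cannot see whether sharedSecretHash, which holds the final shared secret, is zeroized before it is freed; that is worth confirming for the error paths as well.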