wolfSSL · dgarske · Jun 12, 2026 · Jun 9, 2026 · Jun 9, 2026 · Jun 9, 2026
diff --git a/tests/api/test_dsa.c b/tests/api/test_dsa.c
@@ -547,19 +547,23 @@ int test_wc_DsaExportKeyRaw(void)
     WC_RNG rng;
     byte xOut[MAX_DSA_PARAM_SIZE];
     byte yOut[MAX_DSA_PARAM_SIZE];
-    word32 xOutSz, yOutSz;
+    word32 xOutSz = sizeof(xOut);
+    word32 yOutSz = sizeof(yOut);
 
     XMEMSET(&key, 0, sizeof(key));
     XMEMSET(&rng, 0, sizeof(rng));
 
     ExpectIntEQ(wc_InitDsaKey(&key), 0);
     ExpectIntEQ(wc_InitRng(&rng), 0);
     ExpectIntEQ(wc_MakeDsaParameters(&rng, 1024, &key), 0);
+    #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+    /* export before make key should return error. */
+    ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
+                WC_NO_ERR_TRACE(BAD_FUNC_ARG));
+    #endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
     ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
 
     /* try successful export */
-    xOutSz = sizeof(xOut);
-    yOutSz = sizeof(yOut);
     ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), 0);
 
     /* test bad args */

diff --git a/tests/api/test_hmac.c b/tests/api/test_hmac.c
@@ -305,6 +305,13 @@ int test_wc_Md5HmacUpdate(void)
     b.inLen = XSTRLEN(b.input);
 
     ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+    #if !defined(WOLFSSL_KCAPI_HMAC) && !defined(HAVE_SELFTEST) && \
+       (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+    /* update before setkey results in err. */
+    ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
+                WC_NO_ERR_TRACE(BAD_FUNC_ARG));
+    #endif /* !WOLFSSL_KCAPI_HMAC && !HAVE_SELFTEST && \
+              (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
     ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys,
         (word32)XSTRLEN(keys)), 0);
     ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -346,6 +353,11 @@ int test_wc_ShaHmacUpdate(void)
     b.inLen = XSTRLEN(b.input);
 
     ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+    #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+    /* update before setkey results in err. */
+    ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
+                WC_NO_ERR_TRACE(BAD_FUNC_ARG));
+    #endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
     ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys,
         (word32)XSTRLEN(keys)), 0);
     ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -387,6 +399,11 @@ int test_wc_Sha224HmacUpdate(void)
     b.inLen = XSTRLEN(b.input);
 
     ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+    #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+    /* update before setkey results in err. */
+    ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
+                WC_NO_ERR_TRACE(BAD_FUNC_ARG));
+    #endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
     ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys,
         (word32)XSTRLEN(keys)), 0);
     ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -428,6 +445,11 @@ int test_wc_Sha256HmacUpdate(void)
     b.inLen = XSTRLEN(b.input);
 
     ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+    #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+    /* update before setkey results in err. */
+    ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
+                WC_NO_ERR_TRACE(BAD_FUNC_ARG));
+    #endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
     ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys,
         (word32)XSTRLEN(keys)), 0);
     ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -469,6 +491,11 @@ int test_wc_Sha384HmacUpdate(void)
     b.inLen = XSTRLEN(b.input);
 
     ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+    #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
+    /* update before setkey results in err. */
+    ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
+                WC_NO_ERR_TRACE(BAD_FUNC_ARG));
+    #endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
     ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys,
         (word32)XSTRLEN(keys)), 0);
     ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);

diff --git a/wolfcrypt/src/dsa.c b/wolfcrypt/src/dsa.c
@@ -723,6 +723,11 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
     if (x == NULL || y == NULL)
         return BAD_FUNC_ARG;
 
+    /* check we have a key to export */
+    if (mp_iszero(&dsa->x) && mp_iszero(&dsa->y)) {
+        return BAD_FUNC_ARG;
+    }
+
     /* export x */
     if (*xSz < xLen) {
         WOLFSSL_MSG("Output buffer for DSA private key (x) too small, "

diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
@@ -9848,8 +9848,10 @@ static int ECC_populate_EVP_PKEY(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
                 pkey->pkey.ptr = (char*)derBuf;
                 if ((derSz = wc_EccPublicKeyToDer(ecc, derBuf, (word32)derSz,
                         1)) < 0) {
-                    XFREE(derBuf, NULL, DYNAMIC_TYPE_OPENSSL);
+                    XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_OPENSSL);
                     derBuf = NULL;
+                    pkey->pkey.ptr = NULL;
+                    pkey->pkey_sz = 0;
                 }
             }
         }

diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c
@@ -368,6 +368,7 @@ static int HmacKeyCopyHash(byte macType, wc_HmacHash* src, wc_HmacHash* dst)
     #endif
 
         default:
+            ret = BAD_FUNC_ARG;
             break;
     }
 
@@ -475,6 +476,7 @@ static int HmacKeyHashUpdate(byte macType, wc_HmacHash* hash, byte* pad)
     #endif
 
         default:
+            ret = BAD_FUNC_ARG;
             break;
     }
 
@@ -1020,7 +1022,6 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
         if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
             return ret;
         /* fall-through when unavailable */
-        ret = 0; /* reset error code */
     }
 #endif
 #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
@@ -1135,6 +1136,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
     #endif
 
         default:
+            ret = BAD_FUNC_ARG;
             break;
     }
 

diff --git a/wolfcrypt/src/pwdbased.c b/wolfcrypt/src/pwdbased.c
@@ -777,7 +777,9 @@ int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
 #endif
     }
 
+    ForceZero(B, WC_MAX_BLOCK_SIZE);
     WC_FREE_VAR_EX(B, heap, DYNAMIC_TYPE_TMP_BUFFER);
+    ForceZero(buffer, totalLen);
     if (buffer != staticBuffer) {
         XFREE(buffer, heap, DYNAMIC_TYPE_KEY);
     }