Juliusz Sosinowicz
|
0d7ef87f09
|
Fix bounds check in session deserialization
F-717
|
2026-03-16 15:14:25 -07:00 |
|
David Garske
|
b5c532703a
|
Merge pull request #9954 from kareem-wolfssl/gh9951
Fix potential overflows in used size calculation in generic, TI and SE050 hash functions.
|
2026-03-16 15:09:22 -07:00 |
|
David Garske
|
da635c9004
|
Merge pull request #9980 from anhu/sphincs_no_elseif
Fixes SPHINCS else-if chain key detection
|
2026-03-16 15:03:59 -07:00 |
|
David Garske
|
90377e10c5
|
Merge pull request #9979 from anhu/falcon_no_elseif
Fixes Falcon else-if chain key detection
|
2026-03-16 15:03:43 -07:00 |
|
David Garske
|
96661a5dab
|
Merge pull request #9977 from JacobBarthelmeh/multi-test
Minor fixes for nightly multi-test tool
|
2026-03-16 14:31:39 -07:00 |
|
JacobBarthelmeh
|
57f416fc43
|
Merge pull request #9961 from sebastian-carpenter/tls-ech-coverity
minor coverity fixes for tls ech code
|
2026-03-16 15:27:27 -06:00 |
|
Daniel Pouzzner
|
416072f298
|
Merge pull request #9969 from Frauschi/mlkem_wconversion
ML-KEM Wconversion fixes
|
2026-03-16 15:03:26 -05:00 |
|
David Garske
|
77c7418052
|
Merge pull request #9973 from JacobBarthelmeh/static_analysis
fix to sanity check on importing raw session key info
|
2026-03-16 13:46:53 -06:00 |
|
David Garske
|
87906a38ab
|
Merge pull request #9974 from JacobBarthelmeh/oss-fuzz
fix to free CRL reason extension
|
2026-03-16 13:46:34 -06:00 |
|
JacobBarthelmeh
|
7de150eff0
|
Merge pull request #9975 from rlm2002/coverity
20260313 Coverity changes
|
2026-03-16 12:52:27 -06:00 |
|
Daniel Pouzzner
|
30d8cf1a66
|
Merge pull request #9971 from JacobBarthelmeh/linuxkm
Use ENOMEM return and add goto out on AAD error with linuxkm
|
2026-03-16 11:43:15 -05:00 |
|
Daniel Pouzzner
|
49796a5159
|
configure.ac: don't include enable_ocsp_responder in enable-all if $enable_sha = no, remove enable_ocsp_responder from enable-all-crypto setup, and remove superseded fixup clause for ENABLED_OCSP_RESPONDER with ENABLED_SHA = no.
.wolfssl_known_macro_extras: remove unneeded WOLFSSL_PYTHON.
|
2026-03-16 10:20:48 -05:00 |
|
JacobBarthelmeh
|
7ad9c25a5b
|
Merge pull request #9978 from SparkiDev/xmss_sign_idx_fix
XMSS: Fix index copy for signing.
|
2026-03-16 09:20:38 -06:00 |
|
Anthony Hu
|
2939ab7f6a
|
Fixes SPHINCS else-if chain key detection
F-751
|
2026-03-16 11:20:19 -04:00 |
|
JacobBarthelmeh
|
93fc517dd1
|
add NO_RSA macro guard to test case
|
2026-03-16 08:58:15 -06:00 |
|
Anthony Hu
|
3b36db0c9d
|
Fixes Falcon else-if chain key detection
F-750
|
2026-03-16 10:55:28 -04:00 |
|
JacobBarthelmeh
|
f8dda213b0
|
Merge pull request #9972 from cconlon/getCiphersCompatFix
Fix wolfSSL_get_ciphers_compat() to return NULL for empty cipher list
|
2026-03-16 08:29:00 -06:00 |
|
Sean Parkinson
|
9590255ceb
|
XMSS: Fix index copy for signing.
The index is already big-endian encoded but it needs to be front padded
with zeros instead of back end padded.
|
2026-03-16 21:24:08 +10:00 |
|
JacobBarthelmeh
|
8f810c2705
|
clear q with integer.c and mp_div_3 in error case
|
2026-03-16 00:09:37 -06:00 |
|
JacobBarthelmeh
|
73e425923b
|
setting heap pointer based on if key is null
|
2026-03-16 00:08:04 -06:00 |
|
JacobBarthelmeh
|
9b96f49505
|
check return value of fwrite in test case
|
2026-03-16 00:07:09 -06:00 |
|
JacobBarthelmeh
|
681fb41fcb
|
Null check on SNI pointer before potential use
|
2026-03-16 00:06:38 -06:00 |
|
JacobBarthelmeh
|
eaa6db9462
|
account for --enable-all-crypto and --disable-sha build now having OCSP responder
|
2026-03-16 00:06:13 -06:00 |
|
Ruby Martin
|
2ca2781756
|
reallocate tmp buffer with space for null terminator
|
2026-03-13 17:28:00 -06:00 |
|
Ruby Martin
|
8b7b6754d9
|
macro guard with WOLFSSL_SMALL_STACK to prevent dead code
|
2026-03-13 17:03:02 -06:00 |
|
Ruby Martin
|
1ac4ba282b
|
remove early der free
|
2026-03-13 17:03:02 -06:00 |
|
Kareem
|
0b26791168
|
Code review feedback
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
3cc15548bc
|
Code review feedback. Error out on len = 0 as well.
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
0a082b08ca
|
Code review feedback
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
42b321a7d3
|
Use safe sum of used size after calculating it. No reason to redo the additions. Fixes unused variable warning as well.
Fix different type addition in hash.c.
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
d205fcac87
|
Fix potential overflows in two additional hash functions.
Thanks to Arjuna Arya for the report.
Fixes #9955.
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
091016a149
|
Ensure se050Ctx->used does not overflow in se050_hash_update.
Thanks to Arjuna Arya for the report.
Fixes #9951.
|
2026-03-13 15:57:18 -07:00 |
|
JacobBarthelmeh
|
bbf3beef35
|
fix to free CRL reason extension
|
2026-03-13 16:17:52 -06:00 |
|
JacobBarthelmeh
|
a6195c30c1
|
Merge pull request #9947 from kareem-wolfssl/zd21325
Ensure the length computed by CheckHeaders in the SSL sniffer does not exceed the actual size of the packets.
|
2026-03-13 15:37:24 -06:00 |
|
JacobBarthelmeh
|
d36f7a2b99
|
fix to sanity check on importing raw session key info
|
2026-03-13 15:32:46 -06:00 |
|
Chris Conlon
|
428030a3e8
|
Fix wolfSSL_get_ciphers_compat to return NULL when no ciphers available
|
2026-03-13 15:07:25 -06:00 |
|
Tobias Frauenschläger
|
3b4e51c150
|
ML-KEM Wconversion fixes
* fix -Wconversion warnings
* allow APIs without RNG usage in case WC_NO_RNG is defined
|
2026-03-13 21:22:48 +01:00 |
|
JacobBarthelmeh
|
b97b3da81b
|
use ENOMEM instead of MEMORY_E with aes glue returns f-669
|
2026-03-13 14:08:03 -06:00 |
|
JacobBarthelmeh
|
1958fbdf71
|
Add goto out on AAD error f-631
|
2026-03-13 14:03:31 -06:00 |
|
Chris Conlon
|
aa9ee8b4fa
|
Merge pull request #9963 from JacobBarthelmeh/caam
fixes for CAAM port without hash store
|
2026-03-13 13:45:08 -06:00 |
|
JacobBarthelmeh
|
73eb8f933b
|
Merge pull request #9967 from Frauschi/pqc_cmake
Move PQC algos out of experimental in CMake
|
2026-03-13 13:12:53 -06:00 |
|
Kareem
|
94b370f5e2
|
Rework check to compare only ints.
|
2026-03-13 11:42:12 -07:00 |
|
Kareem
|
19b99f8072
|
Ensure the length computed by CheckHeaders in the SSL sniffer does not exceed the actual size of the packets.
Thanks to Haruto Kimura (Stella) for the report.
|
2026-03-13 11:42:12 -07:00 |
|
Ruby Martin
|
5d54d8a488
|
init caCert before function can error out
|
2026-03-13 11:57:24 -06:00 |
|
sebastian-carpenter
|
47a24d7b90
|
minor coverity fixes for tls ech
|
2026-03-13 11:04:44 -06:00 |
|
Tobias Frauenschläger
|
da94ea6265
|
Move PQC algos out of experimental in CMake
This has already been done long time in autoconf. User
now does not have to enable experimental features to use
PQC.
|
2026-03-13 17:53:54 +01:00 |
|
JacobBarthelmeh
|
156db7dd2d
|
Merge pull request #9831 from julek-wolfssl/pytho-3.13.4
Fixes to run python with --enable-all
|
2026-03-13 10:50:23 -06:00 |
|
David Garske
|
0792c674c5
|
Merge pull request #9960 from philljj/fix_coverity
asn: fix coverity null deref warnings.
|
2026-03-13 06:58:41 +01:00 |
|
David Garske
|
00cd1a7c22
|
Merge pull request #9962 from night1rider/ecc-dilithium-callback-free-fix
Fix expected callback behavior for ECC/Dilithium for Free Callbacks
|
2026-03-13 06:19:31 +01:00 |
|
David Garske
|
cdacf3a53e
|
Merge pull request #9964 from SparkiDev/asm_gen_fixes_1
SP fixes: 32-bit ARM assembly fixes
|
2026-03-13 06:16:57 +01:00 |
|