Eric Blankenhorn
0ddde71279
Fix from review
2026-04-15 17:07:22 -05:00
Eric Blankenhorn
c429a41121
Fix from review
2026-04-15 15:26:46 -05:00
Eric Blankenhorn
fb726b70c7
Fix from review
2026-04-14 16:44:16 -05:00
Eric Blankenhorn
6aa9db43f2
Fix from review
2026-04-14 15:53:00 -05:00
Eric Blankenhorn
2e5a0b76af
Various fixes in internal.c
2026-04-14 15:01:12 -05:00
David Garske
9ed79a2815
Merge pull request #10189 from michael-membrowse/master
...
ci: membrowse integration
2026-04-14 09:25:53 -07:00
David Garske
c01eca5fc8
Merge pull request #10206 from Frauschi/mlkem-dynamic-key-2
...
Store the size of the allocated private key buffer for ML-KEM
2026-04-14 09:15:10 -07:00
Tobias Frauenschläger
17ba0c252a
Store the size of the allocated private key buffer for ML-KEM
2026-04-14 13:33:14 +02:00
Sean Parkinson
9176185d66
Merge pull request #10171 from dgarske/hpke_csharp
...
Add HPKE (RFC 9180) C# wrapper
2026-04-14 08:27:03 +10:00
Sean Parkinson
649a32fd6e
Merge pull request #10169 from embhorn/zd21565
...
Fix for peer cert verify with IP address
2026-04-14 08:21:23 +10:00
David Garske
b17755b63f
Merge pull request #10164 from rizlik/bio
...
BIO improvements and fixes
2026-04-13 12:40:02 -07:00
David Garske
a143369522
Merge pull request #10138 from padelsbach/cobalt-fixes-2026-04-06
...
Use size_t in wolfSSL_strnstr and reject negative indices in mp_get_digit
2026-04-13 12:37:59 -07:00
David Garske
178e10e42a
Merge pull request #10081 from julek-wolfssl/openssh-10.2p1
...
Add openssh 10.2p1 to CI
2026-04-13 10:21:50 -07:00
David Garske
a67179e3c5
Merge pull request #10202 from LinuxJedi/fix-gha-cache
...
ci: rebuild mbedtls/nss in test job on cache miss
2026-04-13 10:02:04 -07:00
David Garske
c4e7198686
Merge pull request #10070 from holtrop-wolfssl/rust-rand_core-aead-cipher
...
Rust wrapper: add rand_core, aead, cipher trait implementations
2026-04-13 10:00:26 -07:00
David Garske
c36beba9b7
Merge pull request #10174 from SparkiDev/api_test_cipher_algs_1
...
API testing additions: cipher tests
2026-04-13 09:54:23 -07:00
David Garske
bf492eba12
Merge pull request #10175 from yosuke-wolfssl/f_2205
...
Fix authTagSz validation
2026-04-13 09:33:14 -07:00
David Garske
e73b255cbc
Merge pull request #10194 from douzzer/20260410-linuxkm-aes-ccm
...
20260410-linuxkm-aes-ccm
2026-04-13 09:19:17 -07:00
David Garske
9627d80363
Merge pull request #10184 from SparkiDev/asm_gen_fixes_4
...
ASM generation fixes
2026-04-13 08:37:33 -07:00
David Garske
3b63f4bdee
Merge pull request #10072 from night1rider/extend-cmac-api-id-label
...
Extend/Add label/id extension functions
2026-04-13 08:15:46 -07:00
Andrew Hutchings
08aac33a7d
ci: rebuild mbedtls/nss in test job on cache miss
...
The test jobs used actions/cache/restore with fail-on-cache-miss,
which aborted when the cache key was scoped to another PR or had
been evicted, even though the build job reported success.
Drop fail-on-cache-miss and add a fallback rebuild in the test
job, gated on the cache-hit output. Fast path is unchanged; on
miss the test job rebuilds locally and proceeds.
2026-04-13 14:58:35 +01:00
Yosuke Shimizu
d48fc1801e
Add regression test for authTagSz validation
2026-04-13 13:39:32 +09:00
Sean Parkinson
a50a5403a7
Merge pull request #10199 from douzzer/20260412-clang-23_pre20260331
...
20260412-clang-23_pre20260331
2026-04-13 10:39:11 +10:00
Sean Parkinson
1cd1872abf
Merge pull request #10179 from Frauschi/mlkem-alloc-key
...
Add dynamic key allocation support for ML-KEM
2026-04-13 09:35:34 +10:00
Sean Parkinson
0434139967
Merge pull request #10186 from Frauschi/f-159
...
Error out in case of unknown extensions in response message in TLS 1.3
2026-04-13 09:18:46 +10:00
David Garske
a82583d50b
Add HPKE (RFC 9180) C# wrapper and test
2026-04-12 14:50:11 -07:00
David Garske
3d4e929869
Merge pull request #10173 from SparkiDev/init_cert_sha1
...
Initialize certificate: default to SHA-1 when necessary
2026-04-12 14:46:53 -07:00
David Garske
77b0939a8f
Merge pull request #10176 from SparkiDev/aes_gcm_small_armasm_fix
...
ARM ASM: AES-GCM small table without NEON
2026-04-12 14:46:44 -07:00
Daniel Pouzzner
1b692b8063
fixes for clang -Wunused-but-set-globals (coverage added by LLVM 23_pre20260331).
2026-04-12 12:07:33 -05:00
Daniel Pouzzner
d343ea657b
Merge pull request #10190 from rlm2002/mlkem_valgrind
...
Nightly-multi-test valgrind fix
2026-04-11 13:09:13 -05:00
Daniel Pouzzner
fc4ce8b256
linuxkm: implement LKCAPI shims for wolfCrypt-native AES-CCM.
...
also, minor fixes:
linuxkm/lkcapi_aes_glue.c: in linuxkm_test_aescfb(), call the appropriate aes_cfb_test(), not aes_cfb_test().
linuxkm/lkcapi_glue.c: fix bugprone-macro-parentheses in REGISTER_ALG_OPTIONAL().
linuxkm/module_hooks.c: in updateFipsHash(), add suppression for clang-diagnostic-cast-function-type-strict warnings around actually-safe function pointer casts in call to wc_fips_generate_hash().
2026-04-10 22:19:35 -05:00
David Garske
ae0a3877ca
Merge pull request #10122 from miyazakh/f-1370_SigGetSize
...
F-1370 : Tighten key_len check from `>=` to `==`
2026-04-10 14:27:16 -07:00
David Garske
e673316f80
Merge pull request #10177 from julek-wolfssl/add-missing-bwrap
...
Add bwrap network namespace isolation to scripts with listening ports
2026-04-10 14:24:07 -07:00
David Garske
ddf4666031
Merge pull request #10077 from Frauschi/pkcs11-mlkem
...
Add ML-KEM support for PKCS#11
2026-04-10 14:22:47 -07:00
night1rider
3fa0fb78f2
Add (void)ret after CRYPTOCB_UNAVAILABLE fall-through reset in _InitCmac_common to acknowledge intentional store.
2026-04-10 13:19:01 -06:00
night1rider
24c40b543b
reset ret after CRYPTOCB_UNAVAILABLE fall-through in _InitCmac_common, add test_RsaInit_Pub/test_RsaNew_Pub helpers for keypub, re-add (void)heap, reject oversized CMAC id.
2026-04-10 13:19:01 -06:00
night1rider
8b49e0abf0
Fix -Wcast-qual errors by replacing void* with typed id/label params in _common helpers and add input validation.
2026-04-10 13:19:01 -06:00
night1rider
88396d7d12
Fix -Wcast-qual errors in _Label functions by making _common helpers accept const void* data parameter.
2026-04-10 13:19:01 -06:00
night1rider
48e8442e35
Add test/bench_AesEcbInit helper
2026-04-10 13:19:01 -06:00
night1rider
c74f01a1a0
change WC_TEST_NO_ECC_CHECK_KEY to WC_TEST_SKIP_ECC_CHECK_KEY
2026-04-10 13:19:01 -06:00
night1rider
ebdbc8e3d7
Add WC_TEST_SKIP_RSA_PRIVATE_EXPORT to test.c
2026-04-10 13:19:01 -06:00
night1rider
3e112a380b
Extend CMAC API to pull in label/id extension functions to pass down to the AES init call
...
Refactor CMAC init to common function, add wc_AesNew_Id/Label API, do same for RSA new
functions, and add test init helpers for id[] support along with some test disable options
2026-04-10 13:19:00 -06:00
David Garske
4b7ff29b2b
Merge pull request #10185 from JacobBarthelmeh/docs
...
update changelog notes
2026-04-10 11:51:13 -07:00
Eric Blankenhorn
1e40b15551
Fix from review
2026-04-10 13:46:48 -05:00
Paul Adelsbach
6f7e5d030b
Use size_t in wolfSSL_strnstr and reject negative indices in mp_get_digit
2026-04-10 10:48:17 -07:00
Michael Rogov Papernov
18b2bb3dd9
ci: membrowse integration
2026-04-10 18:36:08 +01:00
Ruby Martin
9a8610ca03
increase rand buffer, fix valgrind invalid read size 16
2026-04-10 11:26:51 -06:00
David Garske
9c7257bb7c
Merge pull request #10146 from Frauschi/ci_tests
...
Remove some duplicate CI tests
2026-04-10 09:54:28 -07:00
David Garske
51cd66d0e8
Merge pull request #10106 from BrianAker/fix/remove-unused-m4
...
Remove unused m4 macros and update AX_PTHREAD
2026-04-10 08:56:24 -07:00
Tobias Frauenschläger
b0763ea4d1
Error out in case of unknown extensions in response message in TLS 1.3
2026-04-10 17:43:35 +02:00