Sean Parkinson
14ebd3d649
Merge pull request #10170 from embhorn/zd21566
...
Fix partial chain verification
2026-04-15 08:58:28 +10:00
Sean Parkinson
64c4203d96
Merge pull request #10214 from douzzer/20260413-cross-riscv64-all-asm-fips-dev
...
20260413-cross-riscv64-all-asm-fips-dev
2026-04-15 07:13:53 +10:00
David Garske
e3e95c0454
Merge pull request #10213 from SparkiDev/api_test_cipher_algs_2
...
Unit testing: Add Monte Carlo testing to ciphers
2026-04-14 13:05:08 -07:00
David Garske
584489f2e0
Merge pull request #10211 from night1rider/mlkem-cryptocb-sha3-hashtype-bug
...
Mlkem cryptocb sha3 hashtype not reset after final call
2026-04-14 11:08:26 -07:00
David Garske
9ed79a2815
Merge pull request #10189 from michael-membrowse/master
...
ci: membrowse integration
2026-04-14 09:25:53 -07:00
David Garske
c01eca5fc8
Merge pull request #10206 from Frauschi/mlkem-dynamic-key-2
...
Store the size of the allocated private key buffer for ML-KEM
2026-04-14 09:15:10 -07:00
Eric Blankenhorn
c873f3f77d
Fix from review
2026-04-14 07:58:43 -05:00
Eric Blankenhorn
2b503dae54
Fix from review
2026-04-14 07:41:30 -05:00
Eric Blankenhorn
a6fd25b94e
Fix partial chain verification
2026-04-14 07:25:11 -05:00
Tobias Frauenschläger
17ba0c252a
Store the size of the allocated private key buffer for ML-KEM
2026-04-14 13:33:14 +02:00
Zackery Backman
467ed28d3f
wolfcrypt/mlkem: fix -Wparentheses-equality error when WOLF_CRYPTO_CB_FIND is defined
2026-04-13 22:30:22 -06:00
Sean Parkinson
59a17dd598
Unit testing: Add Monte Carlo testing to ciphers
...
Monte Carlo testing is randomized test data.
These new tests have random keys, IVs, nonces, etc., and random data to
encrypt.
100 sets of random test data are encrypted and decrypted with a check to
ensure the input to encrypt is the same as the output of decrypt.
Tags are generated and checked in the calls to encrypt and decrypt.
2026-04-14 13:25:15 +10:00
Daniel Pouzzner
c4c2d8fafe
src/include.am, wolfcrypt/src/aes.c, wolfcrypt/src/port/riscv/riscv-64-aes.c: initial buildability of fips-dev with --enable-riscv-asm.
2026-04-13 18:57:20 -05:00
Zackery Backman
fffb80d221
Clear sha3->hashType in InitSha3 so Final fully resets the struct for cross sha3 reuse.
2026-04-13 17:12:49 -06:00
Zackery Backman
4c8c67f8aa
Add --enable-cryptocb --enable-keygen -DWOLF_CRYPTO_CB_FIND CI config to surface mlkem SHA3 hashType latch bug
2026-04-13 16:57:59 -06:00
Sean Parkinson
9176185d66
Merge pull request #10171 from dgarske/hpke_csharp
...
Add HPKE (RFC 9180) C# wrapper
2026-04-14 08:27:03 +10:00
Sean Parkinson
649a32fd6e
Merge pull request #10169 from embhorn/zd21565
...
Fix for peer cert verify with IP address
2026-04-14 08:21:23 +10:00
David Garske
b17755b63f
Merge pull request #10164 from rizlik/bio
...
BIO improvements and fixes
2026-04-13 12:40:02 -07:00
David Garske
a143369522
Merge pull request #10138 from padelsbach/cobalt-fixes-2026-04-06
...
Use size_t in wolfSSL_strnstr and reject negative indices in mp_get_digit
2026-04-13 12:37:59 -07:00
David Garske
178e10e42a
Merge pull request #10081 from julek-wolfssl/openssh-10.2p1
...
Add openssh 10.2p1 to CI
2026-04-13 10:21:50 -07:00
David Garske
a67179e3c5
Merge pull request #10202 from LinuxJedi/fix-gha-cache
...
ci: rebuild mbedtls/nss in test job on cache miss
2026-04-13 10:02:04 -07:00
David Garske
c4e7198686
Merge pull request #10070 from holtrop-wolfssl/rust-rand_core-aead-cipher
...
Rust wrapper: add rand_core, aead, cipher trait implementations
2026-04-13 10:00:26 -07:00
David Garske
c36beba9b7
Merge pull request #10174 from SparkiDev/api_test_cipher_algs_1
...
API testing additions: cipher tests
2026-04-13 09:54:23 -07:00
David Garske
bf492eba12
Merge pull request #10175 from yosuke-wolfssl/f_2205
...
Fix authTagSz validation
2026-04-13 09:33:14 -07:00
David Garske
e73b255cbc
Merge pull request #10194 from douzzer/20260410-linuxkm-aes-ccm
...
20260410-linuxkm-aes-ccm
2026-04-13 09:19:17 -07:00
David Garske
9627d80363
Merge pull request #10184 from SparkiDev/asm_gen_fixes_4
...
ASM generation fixes
2026-04-13 08:37:33 -07:00
David Garske
3b63f4bdee
Merge pull request #10072 from night1rider/extend-cmac-api-id-label
...
Extend/Add label/id extension functions
2026-04-13 08:15:46 -07:00
Andrew Hutchings
08aac33a7d
ci: rebuild mbedtls/nss in test job on cache miss
...
The test jobs used actions/cache/restore with fail-on-cache-miss,
which aborted when the cache key was scoped to another PR or had
been evicted, even though the build job reported success.
Drop fail-on-cache-miss and add a fallback rebuild in the test
job, gated on the cache-hit output. Fast path is unchanged; on
miss the test job rebuilds locally and proceeds.
2026-04-13 14:58:35 +01:00
Yosuke Shimizu
d48fc1801e
Add regression test for authTagSz validation
2026-04-13 13:39:32 +09:00
Sean Parkinson
a50a5403a7
Merge pull request #10199 from douzzer/20260412-clang-23_pre20260331
...
20260412-clang-23_pre20260331
2026-04-13 10:39:11 +10:00
Sean Parkinson
1cd1872abf
Merge pull request #10179 from Frauschi/mlkem-alloc-key
...
Add dynamic key allocation support for ML-KEM
2026-04-13 09:35:34 +10:00
Sean Parkinson
0434139967
Merge pull request #10186 from Frauschi/f-159
...
Error out in case of unknown extensions in response message in TLS 1.3
2026-04-13 09:18:46 +10:00
David Garske
a82583d50b
Add HPKE (RFC 9180) C# wrapper and test
2026-04-12 14:50:11 -07:00
David Garske
3d4e929869
Merge pull request #10173 from SparkiDev/init_cert_sha1
...
Initialize certificate: default to SHA-1 when necessary
2026-04-12 14:46:53 -07:00
David Garske
77b0939a8f
Merge pull request #10176 from SparkiDev/aes_gcm_small_armasm_fix
...
ARM ASM: AES-GCM small table without NEON
2026-04-12 14:46:44 -07:00
Daniel Pouzzner
1b692b8063
fixes for clang -Wunused-but-set-globals (coverage added by LLVM 23_pre20260331).
2026-04-12 12:07:33 -05:00
Daniel Pouzzner
d343ea657b
Merge pull request #10190 from rlm2002/mlkem_valgrind
...
Nightly-multi-test valgrind fix
2026-04-11 13:09:13 -05:00
Daniel Pouzzner
fc4ce8b256
linuxkm: implement LKCAPI shims for wolfCrypt-native AES-CCM.
...
also, minor fixes:
linuxkm/lkcapi_aes_glue.c: in linuxkm_test_aescfb(), call the appropriate aes_cfb_test(), not aes_cfb_test().
linuxkm/lkcapi_glue.c: fix bugprone-macro-parentheses in REGISTER_ALG_OPTIONAL().
linuxkm/module_hooks.c: in updateFipsHash(), add suppression for clang-diagnostic-cast-function-type-strict warnings around actually-safe function pointer casts in call to wc_fips_generate_hash().
2026-04-10 22:19:35 -05:00
David Garske
ae0a3877ca
Merge pull request #10122 from miyazakh/f-1370_SigGetSize
...
F-1370 : Tighten key_len check from `>=` to `==`
2026-04-10 14:27:16 -07:00
David Garske
e673316f80
Merge pull request #10177 from julek-wolfssl/add-missing-bwrap
...
Add bwrap network namespace isolation to scripts with listening ports
2026-04-10 14:24:07 -07:00
David Garske
ddf4666031
Merge pull request #10077 from Frauschi/pkcs11-mlkem
...
Add ML-KEM support for PKCS#11
2026-04-10 14:22:47 -07:00
night1rider
3fa0fb78f2
Add (void)ret after CRYPTOCB_UNAVAILABLE fall-through reset in _InitCmac_common to acknowledge intentional store.
2026-04-10 13:19:01 -06:00
night1rider
24c40b543b
reset ret after CRYPTOCB_UNAVAILABLE fall-through in _InitCmac_common, add test_RsaInit_Pub/test_RsaNew_Pub helpers for keypub, re-add (void)heap, reject oversized CMAC id.
2026-04-10 13:19:01 -06:00
night1rider
8b49e0abf0
Fix -Wcast-qual errors by replacing void* with typed id/label params in _common helpers and add input validation.
2026-04-10 13:19:01 -06:00
night1rider
88396d7d12
Fix -Wcast-qual errors in _Label functions by making _common helpers accept const void* data parameter.
2026-04-10 13:19:01 -06:00
night1rider
48e8442e35
Add test/bench_AesEcbInit helper
2026-04-10 13:19:01 -06:00
night1rider
c74f01a1a0
change WC_TEST_NO_ECC_CHECK_KEY to WC_TEST_SKIP_ECC_CHECK_KEY
2026-04-10 13:19:01 -06:00
night1rider
ebdbc8e3d7
Add WC_TEST_SKIP_RSA_PRIVATE_EXPORT to test.c
2026-04-10 13:19:01 -06:00
night1rider
3e112a380b
Extend CMAC API to pull in label/id extension functions to pass down to the AES init call
...
Refactor CMAC init to common function, add wc_AesNew_Id/Label API, do same for RSA new
functions, and add test init helpers for id[] support along with some test disable options
2026-04-10 13:19:00 -06:00
David Garske
4b7ff29b2b
Merge pull request #10185 from JacobBarthelmeh/docs
...
update changelog notes
2026-04-10 11:51:13 -07:00