Commit Graph

29067 Commits

Author SHA1 Message Date
David Garske 21921408b9 Merge pull request #10216 from ColtonWilley/add-null-checks-public-api
Add missing NULL checks in public API functions
2026-04-24 14:42:24 -07:00
JacobBarthelmeh 734a71180c Merge pull request #10220 from embhorn/zd21596
Fix TLS ext bounds checking
2026-04-24 15:10:05 -06:00
JacobBarthelmeh c6953b868a Merge pull request #10260 from Frauschi/ecc_fix
Fix ECC validation regression
2026-04-24 14:39:50 -06:00
JacobBarthelmeh 46cedcf0f6 Merge pull request #10268 from ColtonWilley/zephyr-4.3-default-tls-support
zephyr: changes needed for Zephyr 4.3 default TLS support
2026-04-24 14:30:59 -06:00
JacobBarthelmeh 0c9a496215 Merge pull request #10162 from embhorn/gh9753
Use O_CLOEXEC to avoid race conditions
2026-04-24 14:28:00 -06:00
JacobBarthelmeh a20c391b84 Merge pull request #10282 from kareem-wolfssl/zd21527
Fix W560 "possible truncation at implicit conversion to type unsigned char" warnings raised by Tasking compiler.
2026-04-24 14:11:41 -06:00
JacobBarthelmeh b9514e70be Merge pull request #10148 from julek-wolfssl/openvpn-master-bn2binpad
Add BN_bn2binpad API and enable OpenVPN master CI testing
2026-04-24 13:54:06 -06:00
JacobBarthelmeh 06abf84ca8 Merge pull request #10300 from julek-wolfssl/hostap-remove-ap_wpa2_eap_sim_sql
Remove ap_wpa2_eap_sim_sql
2026-04-24 13:50:49 -06:00
JacobBarthelmeh 1da353b516 Merge pull request #10248 from holtrop-wolfssl/rust-digest-signature
Rust wrapper: add digest and signature crate trait implementations
2026-04-24 11:15:40 -06:00
JacobBarthelmeh cf2db428ba Merge pull request #9843 from kaleb-himes/PQ-FS-2026-Part2
Phase 2: PQ in boundary and SHA512 DRBG
2026-04-24 10:55:36 -06:00
Daniel Pouzzner 134f63a38c Merge pull request #10280 from philljj/no_stddef_h_guard
wc_port: guard stddef header include.
2026-04-24 11:33:55 -05:00
Juliusz Sosinowicz 5dad65c04c Remove ap_wpa2_eap_sim_sql 2026-04-24 17:07:37 +02:00
Colton Willey 008ca51cb5 Add additional macros to known macro list 2026-04-24 06:09:25 -07:00
Eric Blankenhorn 6f2d48cd4c Fix from review 2026-04-24 07:54:52 -05:00
kaleb-himes 08fd7bde58 PQ FIPS v7.0.0 Phase 2 & 3: All changes
Implement peer review feedback
2026-04-24 06:52:49 -06:00
Eric Blankenhorn 412c428b0a Fix TLS ext bounds checking 2026-04-24 07:23:07 -05:00
Juliusz Sosinowicz 31278ee8bd Merge pull request #10296 from JacobBarthelmeh/hostap 2026-04-24 14:13:02 +02:00
JacobBarthelmeh 29f674e5b6 avoid glitch hardening false positive byte collision with small messages and adjust test case 2026-04-24 01:08:00 -06:00
Sean Parkinson 936f8e5423 Merge pull request #10203 from Frauschi/pkcs7_fixes
PKCS#7 fixes
2026-04-24 10:13:43 +10:00
JacobBarthelmeh 20c1b91914 Merge pull request #10286 from LinuxJedi/git-action
ci: add PR commit message sanity check workflow
2026-04-23 17:16:26 -06:00
JacobBarthelmeh d9beec2e81 Merge pull request #10283 from night1rider/SHE-test-double-free-fix
Fix double-free of she2 in she_test()
2026-04-23 16:59:52 -06:00
JacobBarthelmeh 90366b747f Merge pull request #10142 from kareem-wolfssl/variousFixes2
Various fixes
2026-04-23 16:47:21 -06:00
JacobBarthelmeh 72c7d12cfb exclude the trust anchor from prospective certification path with pathlen check 2026-04-23 16:23:07 -06:00
JacobBarthelmeh fe8541cc47 Merge pull request #10193 from padelsbach/set-hashtype-in-ports
Set hashType in ports
2026-04-23 15:02:30 -06:00
JacobBarthelmeh 6a0303e299 Merge pull request #10066 from dgarske/wc_puf
wolfCrypt SRAM PUF Support
2026-04-23 14:28:37 -06:00
JacobBarthelmeh 53e352181e Merge pull request #10058 from julek-wolfssl/hostap-ec-generate.sh
Re-enable hostap tests and remove some flaky tests
2026-04-23 14:09:09 -06:00
JacobBarthelmeh 5277556989 Merge pull request #10264 from JeremiahM37/fenrir-issues-5
Harden wolfCrypt input validation and zeroization
2026-04-23 14:06:29 -06:00
JacobBarthelmeh 2ba4d7e6c9 Merge pull request #10210 from ColtonWilley/fix-scr-dangling-ptr-after-tlsx-freeall
Fix dangling secure_renegotiation pointer after TLSX_FreeAll
2026-04-23 13:58:24 -06:00
JacobBarthelmeh 118c0ccb53 Merge pull request #10269 from LinuxJedi/repoint-se050
Move SE050 simulator under wolfSSL
2026-04-23 13:54:29 -06:00
JacobBarthelmeh 4fe2e7feb3 Merge pull request #10128 from kareem-wolfssl/zd21526_21530
PKCS7 Fixes
2026-04-23 13:29:28 -06:00
Daniel Pouzzner 9d46b57af3 Merge pull request #10246 from sameehj/aes-gcm-fix
Zero TLS 1.3 traffic keys after AES SE offload
2026-04-23 13:26:59 -05:00
Tobias Frauenschläger 6c5de29758 Fix ECC validation regression 2026-04-23 11:26:33 +02:00
Tobias Frauenschläger 22d1441331 Bounds-check the RecipientInfo SET length in wc_PKCS7_ParseToRecipientInfoSet() 2026-04-23 11:03:24 +02:00
Tobias Frauenschläger 97b82b5087 Add nonce length validation for PKCS#7 2026-04-23 11:03:19 +02:00
Tobias Frauenschläger b7f6e77a95 Reject PKCS#7 SignedData signer-identity forgery 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 589feabc0c Harden PKCS#7 EnvelopedData key unwrap 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 3fd4060458 Add more PKCS#7 tests 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 4e423fde17 More PKCS#7 bounds checks 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 46f3ebb0c6 Add missing ForceZero calls in PKCS#7 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 16e1d33f24 Fix invalid preprocessor guard in PKCS7 with SHA224
Also add missing ForceZero for ECDH shared secret on the heap.
2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 5634cfd67c Fix PKCS#7 regression with --enable-all and NO_PKCS7_STREAM 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger e2167e4bbd add length check in PKCS#7 2026-04-23 09:36:32 +02:00
Tobias Frauenschläger 84fb0f694c Fix various range and size bugs in PKCS#7 code 2026-04-23 09:36:32 +02:00
Andrew Hutchings 8810160da7 ci: add PR commit message sanity check workflow
Adds a GitHub Actions workflow that scans every commit in a pull
request and fails if any commit message carries a Co-authored-by
or Signed-off-by trailer pointing at noreply@anthropic.com.
2026-04-23 07:08:36 +01:00
night1rider d673b62143 Fix double-free of she2 in she_test 2026-04-22 17:33:21 -06:00
Kareem c69d9693f0 Fix code review feedback and test failure. 2026-04-22 16:33:07 -07:00
Kareem 9fef016106 Fix W560 "possible truncation at implicit conversion to type unsigned char" warnings raised by Tasking compiler. 2026-04-22 15:47:48 -07:00
Kareem b3c2877a14 Add additional checks for encryptedContentSz exceeding pkiMsgSz. 2026-04-22 15:22:36 -07:00
Kareem 3e04475875 Fix unused variable error 2026-04-22 15:22:36 -07:00
Kareem ebdcc03b71 Code review feedback 2026-04-22 15:22:36 -07:00