Daniel Pouzzner
|
262799dfbd
|
wolfcrypt/src/evp.c: in wolfSSL_EVP_MD_type(), fix -Wswitch-enums for WC_HASH_TYPE_BLAKE2B and WC_HASH_TYPE_BLAKE2S exposed in default+opensslall configs.
|
2026-03-23 13:01:38 -05:00 |
|
Daniel Pouzzner
|
d70839506b
|
refactor wc_Hash* so that known wc_HashType values are unconditionally defined in enum wc_HashType, and always either succeed if used properly, or return HASH_TYPE_E if gated out or used improperly; add detailed error code tracing in wolfcrypt/src/hash.c.
|
2026-03-23 13:01:38 -05:00 |
|
Daniel Pouzzner
|
b2f1c5864d
|
Merge pull request #10021 from dgarske/name_mismatches
Fixes for documentation typos on arguments
|
2026-03-23 12:26:23 -05:00 |
|
Daniel Pouzzner
|
6cd001800c
|
Merge pull request #10022 from dgarske/nb_leak
Fix to make sure a double free cannot occur with non-blocking async
|
2026-03-23 12:21:26 -05:00 |
|
Sean Parkinson
|
b5ec204ca4
|
SP non-block ECC: correct mont_inv_order
Was not doing last bit but result still worked (likely because it was
the square root).
|
2026-03-23 23:18:37 +10:00 |
|
Daniel Pouzzner
|
b8f9b06b5d
|
wolfcrypt/src/logging.c: fix recursion in wc_backtrace_render().
|
2026-03-22 13:22:27 -05:00 |
|
David Garske
|
20f640a19f
|
Merge pull request #10035 from night1rider/allow-0-len-input-hash-update
Allow zero-length input in _wc_Hash_Grow and fix SHA Copy MAX32666
|
2026-03-21 15:20:53 -07:00 |
|
night1rider
|
92e3647a32
|
Fix wc_MXC_TPU_SHA_Copy to deep copy src msg buffer instead of freed dst pointer
|
2026-03-20 16:11:09 -06:00 |
|
night1rider
|
5b3750c39f
|
Allow zero length inputs to _wc_Hash_Grow to be a succesful no-op
Added '--enable-all CPPFLAGS=-DWOLFSSL_HASH_KEEP' to the make_check matrix in os-check.yml.
|
2026-03-20 14:06:55 -06:00 |
|
Daniel Pouzzner
|
a98499866d
|
wolfcrypt/src/wc_mlkem.c, wolfcrypt/src/wc_mlkem_poly.c, wolfssl/wolfcrypt/mlkem.h, wolfssl/wolfcrypt/wc_mlkem.h: fixes for C89 compliance and aarch64-FIPS-linuxkm compatibility.
|
2026-03-20 14:53:05 -05:00 |
|
Daniel Pouzzner
|
ba743ccd5b
|
wolfcrypt/src/logging.c, wolfssl/wolfcrypt/error-crypt.h, and wolfssl/wolfcrypt/logging.h: implement WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE, wc_debug_trace_error_codes_enabled(), and wc_debug_trace_error_codes_set(), to allow runtime control of error tracing.
|
2026-03-20 14:53:05 -05:00 |
|
Daniel Pouzzner
|
84a4abfaa8
|
wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: implement wolfSSL_Atomic_Int_Exchange().
|
2026-03-20 14:53:05 -05:00 |
|
David Garske
|
0f41e99c34
|
Merge pull request #10024 from embhorn/zd21390
Fix DecodeAltNames length check
|
2026-03-20 12:13:02 -07:00 |
|
David Garske
|
994a1fbacc
|
Merge pull request #9970 from JacobBarthelmeh/bench
use heap hint with dilithium benchmark
|
2026-03-20 09:46:56 -07:00 |
|
David Garske
|
45b31a1828
|
Merge pull request #10003 from SparkiDev/port_ai_review_1
Fixes from AI review
|
2026-03-20 08:36:30 -07:00 |
|
David Garske
|
82b6b9cb22
|
Merge pull request #10018 from embhorn/zd21389
Fix GetSafeContent to check length
|
2026-03-20 08:08:16 -07:00 |
|
Eric Blankenhorn
|
6446bb2115
|
Fix DecodeAltNames length check
|
2026-03-20 08:16:47 -05:00 |
|
Sean Parkinson
|
ec958de649
|
ASM generation fixes
Many comment fixes, label renaming and non-functional changes.
Bug Fixes
x86_64 (aes_xts_asm.S/.asm)
- Removed a spurious movl %edx, %eax that was clobbering a register,
then
fixed two comparisons to use %edx instead of the now-stale %eax. This
was a
functional bug in AES-XTS key-rounds selection.
x86_64 (fe_x25519_asm.S)
- Changed xor %rbx, %rbx → xorq %rbx, %rbx (explicit 64-bit operand
size
suffix).
ARM32 (sp_arm32.c, sp_cortexm.c)
- Fixed typo in assembly label names: sub_in_pkace → sub_in_place
(both label
definitions and branch targets). Affected 2048-bit and 3072-bit SP
functions.
- Fixed wrong source register in multiply/accumulate sequences: r11 →
r7 and
r3 → r4 (functional register-use bugs).
ARM32 ChaCha (armv8-32-chacha-asm.S/_c.c)
- Fixed label typo: same_keyb_ytes → same_key_bytes
- Fixed NEON instruction syntax: vrev32.i16 → vrev32.16 (invalid
mnemonic →
correct ARM NEON form, affects multiple sites)
ARM32 SHA3 (armv8-32-sha3-asm_c.c, .S)
- Fixed symbol name typo: L_sha3_arm2_neon_rt / L_sha3_arm2_rt →
L_sha3_arm32_neon_rt / L_sha3_arm32_rt
ARM32 AES (armv8-32-aes-asm_c.c, thumb2-aes-asm_c.c, .S variants)
- Fixed #endif comment: WOLFSSL_ARMASM_AES_BLOCK_INLINE →
!WOLFSSL_ARMASM_AES_BLOCK_INLINE (logic inversion was missing from the
comment)
ARM64 ChaCha (armv8-chacha-asm_c.c/.S)
- Fixed label typo: arm64loop_lt_8 → arm64_loop_lt_8
ARM32 ML-KEM (armv8-32-mlkem-asm.S/_c.c)
- Fixed #endif comment typo: WOLFSLS_ARM_ARCH → WOLFSSL_ARM_ARCH
(across many
occurrences)
SHA-512 (sha512_asm.S)
- Corrected off-by-one in comments: msg_sched done: 0-3 → 0-1, 2-5 →
2-3, etc.
(only 2 entries scheduled per block, not 4)
|
2026-03-20 11:56:25 +10:00 |
|
David Garske
|
5fdf32dec6
|
Fix to make sure a double free cannot occur (ZD 21093)
|
2026-03-19 17:03:09 -07:00 |
|
David Garske
|
43f6512e0c
|
Fixes for documentation typos on arguments
|
2026-03-19 16:39:08 -07:00 |
|
JacobBarthelmeh
|
5b9d0a13bf
|
Merge pull request #9992 from dgarske/macro_docs
Add inline documentation for missing macros and fix spelling errors
|
2026-03-19 17:08:33 -06:00 |
|
Eric Blankenhorn
|
b4d2cd6d9c
|
Fix feedback from review
|
2026-03-19 15:22:39 -05:00 |
|
Eric Blankenhorn
|
e0a19a798e
|
Fix GetSafeContent to check length
|
2026-03-19 15:09:02 -05:00 |
|
David Garske
|
056b95235e
|
Merge pull request #9990 from rlm2002/coverity
Coverity: fix more null derefs
|
2026-03-19 12:32:51 -07:00 |
|
David Garske
|
c83dc5c254
|
Merge pull request #10005 from JeremiahM37/f-753
Fix sz==0 buffer underflow in devcrypto AES-CBC
|
2026-03-19 12:29:24 -07:00 |
|
David Garske
|
0d7c58e3e7
|
Merge pull request #9912 from LinuxJedi/se050-fixes2
Fix SE050 RSA-PSS signing, key cleanup, and mutex leaks
|
2026-03-19 12:28:47 -07:00 |
|
David Garske
|
be7bf60e38
|
Merge pull request #10010 from SparkiDev/dilithium_ctxlen_byte
Dilithium: fix API so that context length is byte
|
2026-03-19 12:26:42 -07:00 |
|
David Garske
|
325413f94a
|
Merge pull request #9983 from Frauschi/bench_stack_fix
Fix stack tracking in wolfCrypt benchmark
|
2026-03-19 11:55:30 -07:00 |
|
Sean Parkinson
|
a8247bfd62
|
Dilithium: fix API so that context length is byte
Only allowed to have a context length of 0..255 bytes.
Make all context len parameters type byte.
|
2026-03-19 14:28:22 +10:00 |
|
Jeremiah Mackey
|
b85e500ffa
|
Fix sz==0 buffer underflow in devcrypto AES-CBC
|
2026-03-18 17:22:44 +00:00 |
|
Sean Parkinson
|
30cb25e498
|
Fixes from AI review
|
2026-03-18 22:08:58 +10:00 |
|
JacobBarthelmeh
|
816978050a
|
Merge pull request #10000 from douzzer/20260317-ecc_point_test-FIPS-gate
20260317-ecc_point_test-FIPS-gate
|
2026-03-17 19:41:38 -06:00 |
|
Daniel Pouzzner
|
df7b67ba27
|
wolfcrypt/test/test.c: fix FIPS gate in ecc_point_test() for "Test compressed point with missing x coordinate bytes".
|
2026-03-17 18:15:39 -05:00 |
|
Daniel Pouzzner
|
87125c49e1
|
wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h: add !WC_NO_CONSTRUCTORS gate around wc_rng_new_bankref().
|
2026-03-17 17:45:09 -05:00 |
|
JacobBarthelmeh
|
668d69b73a
|
Merge pull request #9988 from kareem-wolfssl/zd21356
Check raw pubkey length in wc_ecc_import_x963 before copying to it for KCAPI case.
|
2026-03-17 14:12:11 -06:00 |
|
David Garske
|
a98cb451c5
|
Merge pull request #9948 from SparkiDev/sp_int_comment_fixes_1
sp_int.c: comment fixes
|
2026-03-17 07:38:48 -07:00 |
|
JacobBarthelmeh
|
6f386fd6b2
|
Merge pull request #9981 from julek-wolfssl/fenrir/260316
Fenrir fixes
|
2026-03-17 08:36:11 -06:00 |
|
David Garske
|
e023c1793d
|
Merge pull request #9989 from JacobBarthelmeh/ecc
add sanity check on keysize found with ECC point import
|
2026-03-17 06:14:40 -07:00 |
|
David Garske
|
4c75a866d9
|
Add inline documentation for missing macros and fix spelling errors
|
2026-03-16 17:09:13 -07:00 |
|
Ruby Martin
|
f55afbd5f1
|
fix more null derefs
|
2026-03-16 17:22:51 -06:00 |
|
JacobBarthelmeh
|
44de734fa3
|
add sanity check on keysize found with ECC point import
|
2026-03-16 16:57:50 -06:00 |
|
Kareem
|
ddc177b669
|
Check raw pubkey length in wc_ecc_import_x963 before copying to it for KCAPI case.
|
2026-03-16 15:34:18 -07:00 |
|
Juliusz Sosinowicz
|
7c92fb204d
|
Use constant-time PKCS#7 padding check in EVP
F-763
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
fac08427e5
|
Fix missing op validation in EVP_PKEY_decrypt
F-747
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
5f7bc0f3a6
|
Clear sensitive stack buffers in ed448 signing
F-765
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
109e765b5b
|
Clear sensitive stack buffers in ed25519 signing
F-764
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
e4b55be65a
|
Use mp_forcezero for DH private key in async path
F-766
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
643427040b
|
Clear seed buffer after dilithium key generation
F-767
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
4ee9a263f0
|
Fix resource leak in wc_InitEccsiKey_ex error path
F-752
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
b168bfaa6a
|
Check wc_ecc_init_ex return value in wc_GetKeyOID
F-749
|
2026-03-16 15:15:11 -07:00 |
|