Daniel Pouzzner
292ea549cc
wolfcrypt/src/asn.c: fixes for invalid memory access in wc_DsaPublicKeyDecode() and wc_EccPublicKeyDecode(), detected by cppcheck-force-source, lms-xmss-wolfssl-all-clang-sanitizer, and sanitizer-clang-all-noasm.
2026-03-26 16:07:37 -05:00
Daniel Pouzzner
52d5d0a940
linuxkm/, wolfcrypt/src/dh.c, wolfcrypt/test/test.c, wolfcrypt/test/test.h, wolfssl/wolfcrypt/wc_port.h:
fixes and workarounds for clang-tidy complaints:
* clang-diagnostic-unknown-warning-option
* bugprone-sizeof-expression
* clang-diagnostic-error "address argument to atomic operation must be a pointer to a trivially-copyable type"
* bugprone-macro-parentheses
* clang-diagnostic-unused-but-set-variable
* readability-redundant-declaration
2026-03-26 15:41:47 -05:00
David Garske
cf6c1722ae
Merge pull request #10027 from embhorn/zd21394
Remove FIPS guards in GetASN_BitString length check
2026-03-24 14:06:40 -07:00
David Garske
636f0e50a1
Merge pull request #10059 from douzzer/20260324-wc_PKCS12_PBKDF_ex-bugprone-inc-dec-in-conditions
20260324-wc_PKCS12_PBKDF_ex-bugprone-inc-dec-in-conditions
2026-03-24 13:13:42 -07:00
Daniel Pouzzner
ec61e07d18
wolfcrypt/src/pwdbased.c: in wc_PKCS12_PBKDF_ex(), refactor the "Increment B by 1" loop to avoid bugprone-inc-dec-in-conditions.
2026-03-24 12:07:04 -05:00
David Garske
c64fd4f132
Merge pull request #9905 from julek-wolfssl/WC_ALLOC_DO_ON_FAILURE-cleanup
Don't declare WC_ALLOC_DO_ON_FAILURE by default
2026-03-24 09:35:03 -07:00
David Garske
328822b447
Merge pull request #10047 from Frauschi/mldsa_no_ctx
Guard old non-ctx ML-DSA API by default
2026-03-24 09:26:24 -07:00
David Garske
3cf4aeab5c
Merge pull request #10025 from embhorn/zd21392
Fix DecodeObjectId unknown ext parse
2026-03-24 09:17:10 -07:00
David Garske
03beeae44e
Merge pull request #10033 from embhorn/gh10028
Fix FillSigner to clear pubkeystored
2026-03-24 09:15:05 -07:00
Daniel Pouzzner
d36ddf4063
Merge pull request #9920 from dgarske/asn_old
Split original ASN.1 code from asn.c into asn_orig.c
2026-03-24 10:52:15 -05:00
David Garske
ab8cd6fc46
Merge pull request #9937 from douzzer/20260306-wc_Hash-refactor
20260306-wc_Hash-refactor
2026-03-24 08:48:08 -07:00
David Garske
051b83b517
Merge pull request #9999 from sebastian-carpenter/hpke-fix
Fix: Improved support for combinations of HPKE algos
2026-03-24 08:47:01 -07:00
David Garske
3b9084142d
Merge pull request #10020 from SparkiDev/sp_int_ai_fixes_1
SP int: fixes from AI review
2026-03-24 08:43:50 -07:00
Eric Blankenhorn
1d1d8ff41e
Fix OCSP tests to use Alloc/FreeDer
2026-03-24 07:41:40 -05:00
Eric Blankenhorn
3a6ccc13a1
Fix FillSigner to clear pubkeystored
2026-03-24 07:05:43 -05:00
Tobias Frauenschläger
3fd13b819d
Guard old non-ctx ML-DSA API by default
2026-03-24 11:16:22 +01:00
Sean Parkinson
f15199906d
SP int: fixes from AI review
Re-implemented wc_PKCS12_PBKDF() to not use MP. Added tests to unit.test.
sp_int.c:
Fixes to comments.
Added more define build options documentation to top of file.
Fixes for builds with WOLFSSL_SP_INT_NEGATIVE defined.
Fixes for when a->used is 0 and no underflow - not actually a problem but cleaner code.
sp_sub has different checks on a->used when values are only positive.
sp_dic_2d missing check for e less than zero.
sp_to_unsigned_bin_len_ct: remove redundant check of outSz. Change i to int to handle a->used of 0 and make code tidier.
Configuration testing fixes.
Fix formatting in test.c.
Added 128-bit types word128 and sword128 for cleaner PKCS#12 code.
2026-03-24 10:49:58 +10:00
David Garske
8cd9af3036
Peer review fixes
2026-03-23 15:27:47 -07:00
David Garske
99c089411c
Fix memory leak after refactor
2026-03-23 15:27:47 -07:00
David Garske
44af0ab3c5
Group forward declarations by guard context
Forward declarations in asn.c and asn_orig.c now use guard transitions
(same mechanism as the function bodies) so consecutive declarations with
the same feature guard are grouped in a single #ifdef/#endif block rather
than each having its own open/close pair.
Also removed the now-redundant _find_func_outer_guards calls from
_emit_split_body_orig; outer feature guard context is emitted at the
generate_asn_orig loop level, not inside the per-block emitters.
Both modes still build and pass tests (5 PASS, 0 FAIL each).
2026-03-23 15:27:47 -07:00
David Garske
653aac2cd3
Fix guard context for forward declarations in asn split
Three fixes for guard-context correctness in the ASN.1 code split:
1. Strip WOLFSSL_ASN_ORIG_INCLUDED from forward declaration wrappers.
The file-guard was being applied to fwd decls in asn.c, but at the
fwd-decl site that macro is not yet defined, so #ifndef ... #else
inverted the condition and hid all declarations.
2. Add outer feature guard tracking. Large feature sections (HAVE_OCSP,
HAVE_CRL, WOLFSSL_CERT_GEN, etc.) that span many functions in asn.c
are now tracked and re-emitted around the corresponding blocks in
asn_orig.c, fixing 'unknown type name' errors in minimal builds.
3. Collect multi-line #if continuations in the outer guard map so that
full guard conditions (e.g. #if !defined(NO_RSA) && \ continued
across lines) are stored and compared as complete strings, preventing
duplicate guard emission.
Both modes build and pass tests (5 PASS, 0 FAIL each):
./configure --enable-asn=original && make check
./configure && make check
2026-03-23 15:27:47 -07:00
David Garske
6b1f5ddb92
Split original ASN.1 code from asn.c into asn_orig.c
Move non-template (WOLFSSL_ASN_ORIGINAL) code into asn_orig.c and include from asn.c.
2026-03-23 15:27:47 -07:00
Daniel Pouzzner
2c266156c8
wolfssl/wolfcrypt/types.h: add missing values in FIPS <=v2 enum wc_HashType definition;
wolfcrypt/src/hash.c: in wc_OidGetHash(), fix misplaced gate re case SHA3_512h.
2026-03-23 14:04:06 -05:00
Daniel Pouzzner
cba5c172ed
wolfcrypt/src/evp.c: in wolfSSL_EVP_init(), fix -Wswitch-enums for WC_HASH_TYPE_SHAKE128 and WC_HASH_TYPE_SHAKE256.
2026-03-23 13:15:52 -05:00
Daniel Pouzzner
262799dfbd
wolfcrypt/src/evp.c: in wolfSSL_EVP_MD_type(), fix -Wswitch-enums for WC_HASH_TYPE_BLAKE2B and WC_HASH_TYPE_BLAKE2S exposed in default+opensslall configs.
2026-03-23 13:01:38 -05:00
Daniel Pouzzner
d70839506b
refactor wc_Hash* so that known wc_HashType values are unconditionally defined in enum wc_HashType, and always either succeed if used properly, or return HASH_TYPE_E if gated out or used improperly; add detailed error code tracing in wolfcrypt/src/hash.c.
2026-03-23 13:01:38 -05:00
Daniel Pouzzner
b2f1c5864d
Merge pull request #10021 from dgarske/name_mismatches
Fixes for documentation typos on arguments
2026-03-23 12:26:23 -05:00
Daniel Pouzzner
6cd001800c
Merge pull request #10022 from dgarske/nb_leak
Fix to make sure a double free cannot occur with non-blocking async
2026-03-23 12:21:26 -05:00
Sean Parkinson
b5ec204ca4
SP non-block ECC: correct mont_inv_order
Was not doing last bit but result still worked (likely because it was
the square root).
2026-03-23 23:18:37 +10:00
Daniel Pouzzner
b8f9b06b5d
wolfcrypt/src/logging.c: fix recursion in wc_backtrace_render().
2026-03-22 13:22:27 -05:00
David Garske
20f640a19f
Merge pull request #10035 from night1rider/allow-0-len-input-hash-update
Allow zero-length input in _wc_Hash_Grow and fix SHA Copy MAX32666
2026-03-21 15:20:53 -07:00
night1rider
92e3647a32
Fix wc_MXC_TPU_SHA_Copy to deep copy src msg buffer instead of freed dst pointer
2026-03-20 16:11:09 -06:00
Eric Blankenhorn
1a5090a582
Rebase conflicts
2026-03-20 16:16:21 -05:00
sebastian-carpenter
25dcc0082d
small changes:
- better ifdefs in hpke api.c tests
- updated ssl_ech.c to use wc_HpkeKemGetEncLen in both locations
- removed Ndh check in hpke.c, made it inline with the ecc cases
2026-03-20 14:39:29 -06:00
night1rider
5b3750c39f
Allow zero-length inputs to _wc_Hash_Grow to be a successful no-op
Added '--enable-all CPPFLAGS=-DWOLFSSL_HASH_KEEP' to the make_check matrix in os-check.yml.
2026-03-20 14:06:55 -06:00
Daniel Pouzzner
a98499866d
wolfcrypt/src/wc_mlkem.c, wolfcrypt/src/wc_mlkem_poly.c, wolfssl/wolfcrypt/mlkem.h, wolfssl/wolfcrypt/wc_mlkem.h: fixes for C89 compliance and aarch64-FIPS-linuxkm compatibility.
2026-03-20 14:53:05 -05:00
Daniel Pouzzner
ba743ccd5b
wolfcrypt/src/logging.c, wolfssl/wolfcrypt/error-crypt.h, and wolfssl/wolfcrypt/logging.h: implement WOLFSSL_DEBUG_TRACE_ERROR_CODES_INIT_STATE, wc_debug_trace_error_codes_enabled(), and wc_debug_trace_error_codes_set(), to allow runtime control of error tracing.
2026-03-20 14:53:05 -05:00
Daniel Pouzzner
84a4abfaa8
wolfssl/wolfcrypt/wc_port.h and wolfcrypt/src/wc_port.c: implement wolfSSL_Atomic_Int_Exchange().
2026-03-20 14:53:05 -05:00
David Garske
0f41e99c34
Merge pull request #10024 from embhorn/zd21390
Fix DecodeAltNames length check
2026-03-20 12:13:02 -07:00
David Garske
994a1fbacc
Merge pull request #9970 from JacobBarthelmeh/bench
use heap hint with dilithium benchmark
2026-03-20 09:46:56 -07:00
David Garske
45b31a1828
Merge pull request #10003 from SparkiDev/port_ai_review_1
Fixes from AI review
2026-03-20 08:36:30 -07:00
David Garske
82b6b9cb22
Merge pull request #10018 from embhorn/zd21389
Fix GetSafeContent to check length
2026-03-20 08:08:16 -07:00
Eric Blankenhorn
42bbaa1869
Fix DecodeObjectId unknown ext parse
2026-03-20 09:30:09 -05:00
Eric Blankenhorn
6446bb2115
Fix DecodeAltNames length check
2026-03-20 08:16:47 -05:00
Sean Parkinson
ec958de649
ASM generation fixes
Many comment fixes, label renaming and non-functional changes.
Bug Fixes
x86_64 (aes_xts_asm.S/.asm)
- Removed a spurious movl %edx, %eax that was clobbering a register, then fixed two comparisons to use %edx instead of the now-stale %eax. This was a functional bug in AES-XTS key-rounds selection.
x86_64 (fe_x25519_asm.S)
- Changed xor %rbx, %rbx → xorq %rbx, %rbx (explicit 64-bit operand size suffix).
ARM32 (sp_arm32.c, sp_cortexm.c)
- Fixed typo in assembly label names: sub_in_pkace → sub_in_place (both label definitions and branch targets). Affected 2048-bit and 3072-bit SP functions.
- Fixed wrong source register in multiply/accumulate sequences: r11 → r7 and r3 → r4 (functional register-use bugs).
ARM32 ChaCha (armv8-32-chacha-asm.S/_c.c)
- Fixed label typo: same_keyb_ytes → same_key_bytes
- Fixed NEON instruction syntax: vrev32.i16 → vrev32.16 (invalid mnemonic → correct ARM NEON form, affects multiple sites)
ARM32 SHA3 (armv8-32-sha3-asm_c.c, .S)
- Fixed symbol name typo: L_sha3_arm2_neon_rt / L_sha3_arm2_rt → L_sha3_arm32_neon_rt / L_sha3_arm32_rt
ARM32 AES (armv8-32-aes-asm_c.c, thumb2-aes-asm_c.c, .S variants)
- Fixed #endif comment: WOLFSSL_ARMASM_AES_BLOCK_INLINE → !WOLFSSL_ARMASM_AES_BLOCK_INLINE (logic inversion was missing from the comment)
ARM64 ChaCha (armv8-chacha-asm_c.c/.S)
- Fixed label typo: arm64loop_lt_8 → arm64_loop_lt_8
ARM32 ML-KEM (armv8-32-mlkem-asm.S/_c.c)
- Fixed #endif comment typo: WOLFSLS_ARM_ARCH → WOLFSSL_ARM_ARCH (across many occurrences)
SHA-512 (sha512_asm.S)
- Corrected off-by-one in comments: msg_sched done: 0-3 → 0-1, 2-5 → 2-3, etc. (only 2 entries scheduled per block, not 4)
2026-03-20 11:56:25 +10:00
David Garske
5fdf32dec6
Fix to make sure a double free cannot occur (ZD 21093)
2026-03-19 17:03:09 -07:00
David Garske
43f6512e0c
Fixes for documentation typos on arguments
2026-03-19 16:39:08 -07:00
JacobBarthelmeh
5b9d0a13bf
Merge pull request #9992 from dgarske/macro_docs
Add inline documentation for missing macros and fix spelling errors
2026-03-19 17:08:33 -06:00
Eric Blankenhorn
b4d2cd6d9c
Fix feedback from review
2026-03-19 15:22:39 -05:00
Eric Blankenhorn
e0a19a798e
Fix GetSafeContent to check length
2026-03-19 15:09:02 -05:00