Commit Graph

28332 Commits

Author SHA1 Message Date
David Garske 2c030ddb0d Merge pull request #10017 from embhorn/zd21388
Fix ssl_DecodePacketInternal chain processing
2026-03-20 08:07:54 -07:00
David Garske 440fb7092f Merge pull request #10023 from SparkiDev/asm_gen_fixes_2
ASM generation fixes
2026-03-20 08:00:57 -07:00
David Garske 3e820e591b Merge pull request #9946 from LinuxJedi/lms-xmss-flags
Automatically turn on LMS / XMSS full hash
2026-03-20 08:00:12 -07:00
Andrew Hutchings 4cdb979920 Remove unneeded entries from known macro extras 2026-03-20 11:12:15 +00:00
Andrew Hutchings dca9951355 Fixup code comments in XMSS and LMS 2026-03-20 10:22:46 +00:00
Sean Parkinson ec958de649 ASM generation fixes
Many comment fixes, label renaming and non-functional changes.

Bug Fixes

x86_64 (aes_xts_asm.S/.asm)

- Removed a spurious movl %edx, %eax that was clobbering a register, then fixed two comparisons to use %edx instead of the now-stale %eax. This was a functional bug in AES-XTS key-rounds selection.

x86_64 (fe_x25519_asm.S)

- Changed xor %rbx, %rbx → xorq %rbx, %rbx (explicit 64-bit operand size suffix).

ARM32 (sp_arm32.c, sp_cortexm.c)

- Fixed typo in assembly label names: sub_in_pkace → sub_in_place (both label definitions and branch targets). Affected 2048-bit and 3072-bit SP functions.
- Fixed wrong source register in multiply/accumulate sequences: r11 → r7 and r3 → r4 (functional register-use bugs).

ARM32 ChaCha (armv8-32-chacha-asm.S/_c.c)

- Fixed label typo: same_keyb_ytes → same_key_bytes
- Fixed NEON instruction syntax: vrev32.i16 → vrev32.16 (invalid mnemonic → correct ARM NEON form, affects multiple sites)

ARM32 SHA3 (armv8-32-sha3-asm_c.c, .S)

- Fixed symbol name typo: L_sha3_arm2_neon_rt / L_sha3_arm2_rt → L_sha3_arm32_neon_rt / L_sha3_arm32_rt

ARM32 AES (armv8-32-aes-asm_c.c, thumb2-aes-asm_c.c, .S variants)

- Fixed #endif comment: WOLFSSL_ARMASM_AES_BLOCK_INLINE → !WOLFSSL_ARMASM_AES_BLOCK_INLINE (logic inversion was missing from the comment)

ARM64 ChaCha (armv8-chacha-asm_c.c/.S)

- Fixed label typo: arm64loop_lt_8 → arm64_loop_lt_8

ARM32 ML-KEM (armv8-32-mlkem-asm.S/_c.c)

- Fixed #endif comment typo: WOLFSLS_ARM_ARCH → WOLFSSL_ARM_ARCH (across many occurrences)

SHA-512 (sha512_asm.S)

- Corrected off-by-one in comments: msg_sched done: 0-3 → 0-1, 2-5 → 2-3, etc. (only 2 entries scheduled per block, not 4)
2026-03-20 11:56:25 +10:00
JacobBarthelmeh 5b9d0a13bf Merge pull request #9992 from dgarske/macro_docs
Add inline documentation for missing macros and fix spelling errors
2026-03-19 17:08:33 -06:00
Chris Conlon 8b388ba3e3 Merge pull request #10011 from mattia-moffa/20260319-jni-no-md5
Don't force enable MD5 with --enable-jni
2026-03-19 14:16:18 -06:00
Eric Blankenhorn a66e29473e Fix ssl_DecodePacketInternal chain processing 2026-03-19 14:56:24 -05:00
David Garske 255f14bab9 Merge pull request #9732 from Frauschi/pqc_first
Enable and use ML-KEM by default
2026-03-19 12:38:36 -07:00
David Garske 679366a5a4 Merge pull request #9991 from kareem-wolfssl/zd21354_2
Disallow wildcard partial domains when using MatchDomainName.
2026-03-19 12:35:14 -07:00
David Garske 3e8338dbc7 Merge pull request #9993 from kojo1/brainpool
Brainpool to set1_sigalgs_list
2026-03-19 12:34:54 -07:00
David Garske 056b95235e Merge pull request #9990 from rlm2002/coverity
Coverity: fix more null derefs
2026-03-19 12:32:51 -07:00
David Garske 42581e4c05 Merge pull request #9982 from julek-wolfssl/DoTls13CertificateRequest-certsetup
DoTls13CertificateRequest: call CertSetupCbWrapper only once
2026-03-19 12:32:39 -07:00
David Garske e642d57528 Merge pull request #10002 from julek-wolfssl/ignore-claud.md
Ignore CLAUDE.md
2026-03-19 12:30:47 -07:00
David Garske c83dc5c254 Merge pull request #10005 from JeremiahM37/f-753
Fix sz==0 buffer underflow in devcrypto AES-CBC
2026-03-19 12:29:24 -07:00
David Garske 0d7c58e3e7 Merge pull request #9912 from LinuxJedi/se050-fixes2
Fix SE050 RSA-PSS signing, key cleanup, and mutex leaks
2026-03-19 12:28:47 -07:00
David Garske 533e9b0859 Merge pull request #9995 from julek-wolfssl/zd/21341
Handle OCSP_WANT_READ returned from DoTls13HandShakeMsgType
2026-03-19 12:27:38 -07:00
David Garske be7bf60e38 Merge pull request #10010 from SparkiDev/dilithium_ctxlen_byte
Dilithium: fix API so that context length is byte
2026-03-19 12:26:42 -07:00
David Garske a636c730c0 Merge pull request #9953 from holtrop-wolfssl/rust-wolfssl-wolfcrypt-1.2.0
Rust wrapper: wolfssl-wolfcrypt crate version 1.2.0
2026-03-19 12:19:50 -07:00
David Garske 325413f94a Merge pull request #9983 from Frauschi/bench_stack_fix
Fix stack tracking in wolfCrypt benchmark
2026-03-19 11:55:30 -07:00
Daniel Pouzzner b6f481070f Merge pull request #9996 from sameehj/linuxkm-fix
linuxkm/lkcapi_aes_glue.c: fix scatterwalk_map error handling in AesG…
2026-03-19 12:35:32 -05:00
David Garske 63f6f0511b Merge pull request #10014 from danielinux/fix-regression-missing-include
Add missing include in asn.h
2026-03-19 08:57:23 -07:00
Daniele Lacamera cdc9c0a496 Add missing include in asn.h 2026-03-19 16:35:42 +01:00
Daniel Pouzzner 46f4b3b2c4 Merge pull request #10013 from JacobBarthelmeh/format
remove trailing white space in ChangeLog.md
2026-03-18 23:47:55 -05:00
Sean Parkinson a8247bfd62 Dilithium: fix API so that context length is byte
Only allowed to have a context length of 0..255 bytes.
Make all context len parameters type byte.
2026-03-19 14:28:22 +10:00
JacobBarthelmeh 1df1236230 remove trailing white space in ChangeLog.md 2026-03-18 21:17:26 -06:00
Mattia Moffa 5ad9f1f684 Don't force enable MD5 with --enable-jni 2026-03-19 02:37:46 +01:00
David Garske 922d04b356 Merge pull request #10008 from JacobBarthelmeh/release
prepare for release 5.9.0
2026-03-18 15:57:35 -07:00
JacobBarthelmeh a08fa98adc prepare for release 5.9.0 2026-03-18 16:18:12 -06:00
Jeremiah Mackey b85e500ffa Fix sz==0 buffer underflow in devcrypto AES-CBC 2026-03-18 17:22:44 +00:00
Juliusz Sosinowicz 141662edfb Ignore CLAUDE.md 2026-03-18 12:57:27 +01:00
Tobias Frauenschläger c3289f8aa9 Enable and use ML-KEM by default
* Enable ML-KEM by default in build systems (autoconf and CMake)
* Only allow three to-be-standardized hybrid PQ/T combinations by
  default
* Use X25519MLKEM768 as the default KeyShare in the ClientHello (if user
  does not override that). When Curve25519 is disabled, then either
  WOLFSSL_SECP384R1MLKEM1024 or WOLFSSL_SECP256R1MLKEM768 is used as
  default depending on the ECC configuration
* Disable standalone ML-KEM in supported groups by default (enable with
  --enable-tls-mlkem-standalone)
* Disable extra OQS-based hybrid PQ/T curves by default and gate
  behind --enable-experimental (enable with --enable-extra-pqc-hybrids)
* Reorder the SupportedGroups extension to reflect the preferences
* Reorder the preferredGroup array to also reflect the same preferences
* Add async support for ML-KEM hybrids
2026-03-18 10:48:16 +01:00
JacobBarthelmeh 816978050a Merge pull request #10000 from douzzer/20260317-ecc_point_test-FIPS-gate
20260317-ecc_point_test-FIPS-gate
2026-03-17 19:41:38 -06:00
JacobBarthelmeh e30923678a Merge pull request #9998 from douzzer/20260317-wc_linuxkm_rng_is_wolfcrypt
20260317-wc_linuxkm_rng_is_wolfcrypt
2026-03-17 18:59:07 -06:00
Daniel Pouzzner df7b67ba27 wolfcrypt/test/test.c: fix FIPS gate in ecc_point_test() for "Test compressed point with missing x coordinate bytes". 2026-03-17 18:15:39 -05:00
Daniel Pouzzner 87125c49e1 wolfcrypt/src/rng_bank.c and wolfssl/wolfcrypt/rng_bank.h: add !WC_NO_CONSTRUCTORS gate around wc_rng_new_bankref(). 2026-03-17 17:45:09 -05:00
Daniel Pouzzner 7c0d64ade5 linuxkm/lkcapi_sha_glue.c and linuxkm/linuxkm_wc_port.h: add wc_linux_kernel_rng_is_wolfcrypt(), and remove incorrect crypto_put_default_rng() in get_crypto_default_rng(). 2026-03-17 17:44:45 -05:00
JacobBarthelmeh 668d69b73a Merge pull request #9988 from kareem-wolfssl/zd21356
Check raw pubkey length in wc_ecc_import_x963 before copying to it for KCAPI case.
2026-03-17 14:12:11 -06:00
David Garske a98cb451c5 Merge pull request #9948 from SparkiDev/sp_int_comment_fixes_1
sp_int.c: comment fixes
2026-03-17 07:38:48 -07:00
JacobBarthelmeh 6f386fd6b2 Merge pull request #9981 from julek-wolfssl/fenrir/260316
Fenrir fixes
2026-03-17 08:36:11 -06:00
Juliusz Sosinowicz 0644369456 Handle OCSP_WANT_READ returned from DoTls13HandShakeMsgType
ZD21341
2026-03-17 14:59:04 +01:00
David Garske a51b40bd01 Merge pull request #9968 from Frauschi/mlkem_fixes
ML-KEM fixes
2026-03-17 06:53:38 -07:00
David Garske e023c1793d Merge pull request #9989 from JacobBarthelmeh/ecc
add sanity check on keysize found with ECC point import
2026-03-17 06:14:40 -07:00
Sameeh Jubran e96dc3690f linuxkm/lkcapi_aes_glue.c: fix scatterwalk_map error handling in AesGcmCrypt_1
When scatterwalk_map fails in either the stream or non-stream path, the
code jumped to cleanup without setting err, causing the function to
return 0 (success) despite the failure. This could cause the kernel
crypto layer to treat uninitialized data as valid ciphertext/plaintext.

- Capture the error code (PTR_ERR) into err before goto out
- Fix PTR_ERR arguments that incorrectly used assoc instead of
  in_map/out_map (assoc was NULL or pointed to the wrong mapping)
- Make in_map/out_map NULL assignments unconditional (previously
  gated behind < 6.15, but the cleanup at out: checks these
  pointers on all kernel versions)
- Remove bogus scatterwalk_unmap of a failed walk in the stream
  path on >= 6.15

Signed-off-by: Sameeh Jubran <sameeh@wolfssl.com>
2026-03-17 14:01:50 +02:00
Tobias Frauenschläger 10b98733f2 Add tests for individual ML-KEM levels (based on #9777)
Also fix minor problems found with these tests
2026-03-17 12:43:15 +01:00
Tobias Frauenschläger 76b1300adb ML-KEM fixes
* DTLS 1.3 cookie and CH frag handling
* static memory handling
* Fix memory leak in TLS server PQC handling in case of ECH
* Make sure hybrids are actually tested in testsuite
2026-03-17 12:43:15 +01:00
Takashi Kojo 8354eb71ca Brainpool to set1_sigalgs_list 2026-03-17 11:22:14 +09:00
David Garske 4c75a866d9 Add inline documentation for missing macros and fix spelling errors 2026-03-16 17:09:13 -07:00
Ruby Martin f55afbd5f1 fix more null derefs 2026-03-16 17:22:51 -06:00