Daniel Pouzzner
313d27df15
Merge pull request #9900 from julek-wolfssl/fenrir/357
...
Use ConstantCompare in EchCheckAcceptance
2026-03-06 22:21:44 -06:00
Daniel Pouzzner
6c37629aa5
Merge pull request #9898 from julek-wolfssl/fenrir/15
...
Replace XMEMCMP with ConstantCompare for ticket MAC verification
2026-03-06 22:20:38 -06:00
Daniel Pouzzner
6424092fa6
Merge pull request #9903 from julek-wolfssl/fenrir/20
...
Remove duplicate check
2026-03-06 22:19:51 -06:00
Daniel Pouzzner
24b2dd040e
Merge pull request #9902 from julek-wolfssl/fenrir/359
...
Clear expandLabelPrk
2026-03-06 22:19:12 -06:00
Juliusz Sosinowicz
c62f535cb5
Remove duplicate check
...
F-20
2026-03-06 09:25:32 +01:00
Juliusz Sosinowicz
ddac52c6e8
Clear expandLabelPrk
...
F-359
2026-03-06 09:19:46 +01:00
Juliusz Sosinowicz
eaef832494
Use ConstantCompare in EchCheckAcceptance
...
F-357
2026-03-06 08:55:34 +01:00
Juliusz Sosinowicz
94adedd109
Replace XMEMCMP with ConstantCompare for ticket MAC verification
...
F-15
2026-03-06 08:43:20 +01:00
Daniel Pouzzner
80938758ac
Merge pull request #9879 from embhorn/f379
...
Fix wc_ecc_sign_hash_ex with Intel QA
2026-03-05 22:53:55 -06:00
Daniel Pouzzner
cc2fdda54c
Merge pull request #9734 from SparkiDev/mlkem_mldsa_harden
...
ML-KEM/ML-DSA: harden against fault attacks
2026-03-05 21:34:39 -06:00
Daniel Pouzzner
fc677d7d52
Merge pull request #9833 from holtrop-wolfssl/rust-ml-kem
...
Rust wrapper: add mlkem module
2026-03-05 17:31:56 -06:00
Sean Parkinson
65a1a68877
ML-KEM/ML-DSA: harden against fault attacks
...
ML-DSA: check pointer to the y parameter has not been faulted.
ML-KEM: to harden against faulting, use a different buffer for private
seed, sigma, and add a check that the buffer was copied correctly.
SHA-3: fix size of check variables.
2026-03-06 08:44:08 +10:00
Daniel Pouzzner
ed8f67cb37
Merge pull request #9858 from JacobBarthelmeh/ticket
...
additional sanity check with session ticket size
2026-03-05 16:35:51 -06:00
Daniel Pouzzner
8a5c1c7af1
Merge pull request #9855 from SparkiDev/sp_rv32i_muldi3
...
RISC-V 32 no mul SP C: implement multiplication
2026-03-05 16:32:26 -06:00
Daniel Pouzzner
90ca9c4b7f
Merge pull request #9864 from JacobBarthelmeh/f11
...
harden compare of mac with TLS 1.3 finished
2026-03-05 16:19:07 -06:00
Daniel Pouzzner
396b553c45
Merge pull request #9872 from SparkiDev/asn_improvements_1
...
ASN: improve handling of ASN.1 parsing/encoding
2026-03-05 16:18:12 -06:00
Daniel Pouzzner
e880f5947a
Merge pull request #9874 from Frauschi/f12
...
Harden hash comparison in TLS1.2 finished
2026-03-05 16:14:38 -06:00
Daniel Pouzzner
7cf118eae1
Merge pull request #9865 from embhorn/f362
...
F362 kNistCurves Table
2026-03-05 16:13:59 -06:00
Daniel Pouzzner
b36df34bcb
Merge pull request #9868 from embhorn/f295
...
Fix wolfSSL_get_peer_quic_transport_version
2026-03-05 16:13:14 -06:00
Daniel Pouzzner
22f40a1b5a
Merge pull request #9866 from embhorn/f196
...
Fix in wolfSSL_CTX_GenerateEchConfig
2026-03-05 16:12:27 -06:00
Daniel Pouzzner
7ee9bd03c7
Merge pull request #9867 from embhorn/f19
...
Fix sniffer CreateSession
2026-03-05 16:11:23 -06:00
Daniel Pouzzner
1866853073
Merge pull request #9883 from JacobBarthelmeh/f279
...
Fix to free RNG with SRP function in failure case
2026-03-05 16:10:35 -06:00
Daniel Pouzzner
ad3ad566f8
Merge pull request #9871 from JacobBarthelmeh/f296
...
fix to free x509 struct in error case with wolfSSL_PKCS7_get0_signers
2026-03-05 16:08:34 -06:00
Daniel Pouzzner
9010544108
Merge pull request #9870 from JacobBarthelmeh/f21
...
fix benign typo with sizeof
2026-03-05 16:07:50 -06:00
Daniel Pouzzner
63bee12c92
Merge pull request #9875 from Frauschi/f-158
...
Treat alerts as fatal errors regardless of level in TLS1.3
2026-03-05 16:06:40 -06:00
Daniel Pouzzner
888081b4e3
Merge pull request #9882 from Frauschi/f-160
...
Send alert in case of decrypted all-zero message
2026-03-05 15:57:09 -06:00
Daniel Pouzzner
4447f0cca4
Merge pull request #9881 from Frauschi/f-297
...
Make sure session ticket lifetime is in allowed range
2026-03-05 15:45:00 -06:00
Daniel Pouzzner
b2454d183d
Merge pull request #9880 from Frauschi/f-190
...
fix typo in PKCS#11 V3 init
2026-03-05 15:39:41 -06:00
Daniel Pouzzner
663187150e
Merge pull request #9878 from embhorn/f377
...
Fix checkPad to test for zero padding
2026-03-05 15:38:54 -06:00
Daniel Pouzzner
1b25c46d35
Merge pull request #9877 from embhorn/f276
...
Add null check in wolfSSL_EVP_PKEY_encrypt_init / _decrypt_init
2026-03-05 15:37:26 -06:00
Daniel Pouzzner
13c02b92b2
Merge pull request #9839 from padelsbach/crl-enhancements-ossl
...
CRL enhancements for revoked entries
2026-03-05 15:35:53 -06:00
Daniel Pouzzner
ff493c2979
Merge pull request #9834 from padelsbach/padelsbach/finding-23
...
Fix OCSP->CRL fallback
2026-03-05 15:33:25 -06:00
Daniel Pouzzner
58f48a96bf
Merge pull request #9836 from Frauschi/pkcs11_dilithium
...
Add support for ML-DSA in PKCS#11
2026-03-05 15:22:10 -06:00
Daniel Pouzzner
c65e3e50fd
Merge pull request #9825 from embhorn/zd21240
...
Fix issue in TLS_hmac size calculation
2026-03-05 15:16:47 -06:00
Daniel Pouzzner
178f96c483
Merge pull request #9854 from sameehj/rsa-pss-fix
...
Add RSA-PSS certificate support for PKCS7 EnvelopedData KTRI
2026-03-05 15:03:46 -06:00
Daniel Pouzzner
26e2f05bfd
Merge pull request #9848 from Frauschi/dtls_hrr_group
...
Fix for DTLS1.3 HRR group handling
2026-03-05 15:02:16 -06:00
Daniel Pouzzner
5fa18d9817
Merge pull request #9784 from dgarske/async_cryptocb
...
Fixes and tests for async and crypto callbacks
2026-03-05 14:59:27 -06:00
Daniel Pouzzner
91ea97ecdf
Merge pull request #9712 from night1rider/max-32666-code-improvements
...
Fix Crash when using Sha224 Callback with MAX32666
2026-03-05 14:58:02 -06:00
Daniel Pouzzner
b2913d27dd
Merge pull request #9842 from rlm2002/coverity
...
20260227 Coverity changes
2026-03-05 14:53:14 -06:00
Tobias Frauenschläger
f285a523d7
Make sure ticket lifetime is in allowed range
2026-03-05 18:22:53 +01:00
Tobias Frauenschläger
11fc781d0d
Treat alerts as fatal errors regardless of level in TLS1.3
2026-03-05 18:21:02 +01:00
JacobBarthelmeh
54816e8b18
Fix to free RNG with SRP function in failure case
2026-03-05 09:30:16 -07:00
Tobias Frauenschläger
0bb094e644
Send alert in case of decrypted all-zero message
2026-03-05 17:11:39 +01:00
David Garske
36328e31a5
Merge pull request #9857 from douzzer/20260303-linuxkm-aarch64-fixes
...
20260303-linuxkm-aarch64-fixes
2026-03-05 07:53:00 -08:00
Tobias Frauenschläger
4c5df4f2d9
fix typo in PKCS#11 V3 init
2026-03-05 16:41:05 +01:00
Eric Blankenhorn
0c2de309db
Fix wc_ecc_sign_hash_ex with Intel QA
2026-03-05 09:35:23 -06:00
Eric Blankenhorn
998967ea41
Fix review feedback
2026-03-05 08:51:52 -06:00
Eric Blankenhorn
7f487b9869
Fix checkPad to test for zero padding
2026-03-05 08:32:18 -06:00
Eric Blankenhorn
6dc4ba8a24
Fix from review
2026-03-05 08:23:02 -06:00
Eric Blankenhorn
fe12395e61
Add null check in wolfSSL_EVP_PKEY_encrypt_init / _decrypt_init
2026-03-05 08:13:26 -06:00