Commit Graph

27902 Commits

Author SHA1 Message Date
Paul Adelsbach 569a96fbd2 Fix for C++ compilers 2026-03-04 15:01:08 -08:00
Paul Adelsbach 22d7550f8e CRL enhancements for revoked entries 2026-03-04 14:53:28 -08:00
Daniel Pouzzner 1c8d593af7 Merge pull request #9860 from anhu/for_length
Fix for loop exit condition.
2026-03-04 12:18:31 -06:00
Anthony Hu 9d3cc6e30c Fix for loop exit condition.
size should be length.  s includes offset, so it must be compared against
length, not size because size is only what is after offset.
2026-03-04 10:17:33 -05:00
Daniel Pouzzner 350706d2c8 Merge pull request #9847 from embhorn/gh9846
Fix DRBG_internal alloc in wc_RNG_HealthTestLocal
2026-03-03 00:23:10 -06:00
Eric Blankenhorn 42e51701e1 Fix DRBG_internal alloc in wc_RNG_HealthTestLocal 2026-03-02 11:19:38 -06:00
Sean Parkinson 215fe1341c Merge pull request #9829 from night1rider/tmpSha-fixes
Fix potential memory leak when copying into existing SHA contexts and zero init tmpSha
2026-03-02 21:18:55 +10:00
Sean Parkinson cba9ffd703 Merge pull request #9782 from kareem-wolfssl/zd21204
Ensure length is at least ID_LEN in SetTicket.
2026-03-02 21:12:29 +10:00
David Garske a4e2d851d7 Merge pull request #9845 from douzzer/20260228-linuxkm-missed-patch
20260228-linuxkm-missed-patch
2026-02-28 15:43:17 -08:00
Daniel Pouzzner f1b65be0ca linuxkm/Makefile: fix misplaced quotes in configure call in libwolfssl-user-build recipe. 2026-02-28 14:07:00 -06:00
Daniel Pouzzner 21f7fd8901 linuxkm/include.am: add WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-7v0.patch. 2026-02-28 12:29:21 -06:00
David Garske 5d6a23bd19 Merge pull request #9844 from douzzer/20260226-linuxkm-SUPPORT_DUMP_TO_FILE
20260226-linuxkm-SUPPORT_DUMP_TO_FILE
2026-02-28 08:54:02 -08:00
Daniel Pouzzner d22175ae37 Makefile.am: for linuxkm module target, pass through "module" target as such, for compatibility with alt LIBWOLFSSL_NAME.
linuxkm/Makefile:

* don't use `readarray -d` -- it's a recent bashism;
* rework libwolfssl-user-build/src/.libs/libwolfssl.so recipe to better isolate sub-build settings.
* add support for HOSTCC and HOSTCFLAGS in libwolfssl.so build.
* deploy $(QFLAG) --no-print-directory --no-silent in several submakes for neatness and resilience.
* tweak $(LIBWOLFSSL_NAME).ko.signed recipe to add a "skipping" message and some consistency checking.

linuxkm/README.md: update FIPS DRBG /proc/crypto content to show seed source.

linuxkm/linuxkm_memory.c: fixes for format character portability in a RELOC_DEBUG_PRINTF() in wc_reloc_normalize_text).

linuxkm/linuxkm_wc_port.h: pull in linux/moduleparam.h, and if WC_LINUXKM_SUPPORT_DUMP_TO_FILE, pull in linux/fs.h and linux/uaccess.h.

linuxkm/module_hooks.c: implement WC_LINUXKM_SUPPORT_DUMP_TO_FILE: dump_to_file() and module args text_dump_path=... and rodata_dump_path=...

linuxkm/patches/7.0/WOLFSSL_LINUXKM_HAVE_GET_RANDOM_CALLBACKS-7v0.patch: add to accommodate patch-breaking change in Linux 7dff99b354.
2026-02-28 00:25:06 -06:00
Daniel Pouzzner 76bc6e337b wolfcrypt/src/hpke.c, wolfssl/wolfcrypt/error-crypt.h, wolfcrypt/src/error.c: implement RFC 9180 overflow checks on context->seq in wc_HpkeContextSealBase() and wc_HpkeContextOpenBase(), and add SEQ_OVERFLOW_E to wolfCrypt_ErrorCodes (Fenrir M-70). 2026-02-27 23:40:37 -06:00
Daniel Pouzzner 4110887871 wolfcrypt/src/aes.c: in AesSivCipher(), burn sivTmp before return (Fenrir M-69). 2026-02-27 23:40:19 -06:00
Daniel Pouzzner 616a6a5789 wolfcrypt/src/ecc.c: in wc_ecc_import_point_der_ex() and wc_ecc_import_x963_ex2(), add missing retval capture for sp_ecc_uncompress_sm2_256() (Fenrir M-68). 2026-02-27 23:39:57 -06:00
Daniel Pouzzner bdea01a931 src/x509.c: in loadX509orX509REQFromPemBio(), fix an identicalInnerCondition. 2026-02-27 23:39:38 -06:00
night1rider 69ddefb099 Zero-initialize stack-declared hash contexts in GetHash functions before passing to Copy, which now calls Free(dst) and requires valid fields. 2026-02-27 16:13:21 -07:00
night1rider 4c5e321dfb Add missing error check for wc_Sha512Final in unaligned memory test. 2026-02-27 14:31:33 -07:00
night1rider 70ccda7619 Free the reused struct before reiniting it for new test 2026-02-27 12:56:58 -07:00
night1rider d4f8f0d0a5 Revert XMEMSET 0 after free in copy process for digest/hashing functions 2026-02-27 12:56:58 -07:00
night1rider 39ab81bdda Use WC_DECLARE_VAR/WC_ALLOC_VAR for shaCopy in SHA3/Shake tests to avoid stack frame overflow on small-stack builds. 2026-02-27 12:56:58 -07:00
night1rider ca150724b3 Revert "Fix SHA3/Shake copy cleanup tests to heap-allocate shaCopy to avoid exceeding stack frame limit."
This reverts commit d99fe3bbfd.
2026-02-27 12:56:58 -07:00
night1rider b87cb3e1cd Fix SHA3/Shake copy cleanup tests to heap-allocate shaCopy to avoid exceeding stack frame limit. 2026-02-27 12:56:58 -07:00
night1rider 4713ad5675 Add Free(dst) + XMEMSET before XMEMCPY in all wc_ hash Copy functions (MD5, SHA, SHA2, SHA3, SHAKE) and add copy cleanup tests to prevent resource leaks when copying into previously-used contexts. 2026-02-27 12:56:58 -07:00
night1rider 60573a3782 memset 0 the temp contexts 2026-02-27 12:56:57 -07:00
night1rider 4c9b980c72 Fix potential memory leak in SHA Copy and zero-initialize temp GetHash contexts; zero HMAC dst hash before copy to prevent shared pointers 2026-02-27 12:56:57 -07:00
night1rider 1f3bea4907 Fix potential memory leak when copying into existing SHA contexts and zero-initialize temp GetHash contexts 2026-02-27 12:56:57 -07:00
David Garske 9102df3c83 Merge pull request #9837 from jackctj117/PKCS7-unused-variable
Fix unused variable warning in PKCS7 without WC_RSA_PSS
2026-02-27 11:27:13 -08:00
JacobBarthelmeh 080b46dfc1 Merge pull request #9840 from embhorn/zd21243
Fix prefix for WC_ALL_ARGS_NOT_NULL
2026-02-27 10:48:45 -07:00
jackctj117 e6d4c5561c Move paramsStart declaration inside WC_RSA_PSS guard 2026-02-27 09:20:54 -07:00
Eric Blankenhorn 2243133572 Fix prefix for WC_ALL_ARGS_NOT_NULL 2026-02-27 07:29:41 -06:00
Kareem aaf6aa5aca Code review feedback 2026-02-26 17:09:23 -07:00
Kareem 3d5c03a275 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into zd21204 2026-02-26 17:03:15 -07:00
JacobBarthelmeh ff84de2680 Merge pull request #9807 from julek-wolfssl/msmtp-1.8.28
Add msmtp action
2026-02-26 16:35:25 -07:00
JacobBarthelmeh fd61a2b659 Merge pull request #9816 from julek-wolfssl/socat-1.8.0.3
Changes for socat 1.8.0.3
2026-02-26 16:31:51 -07:00
JacobBarthelmeh 5a26692ee9 Merge pull request #9818 from julek-wolfssl/sssd-2.10.2
sssd 2.10.2 changes
2026-02-26 16:23:00 -07:00
Sean Parkinson b9838aa563 Merge pull request #9711 from julek-wolfssl/nginx-1.28.0
nginx 1.28.1 fixes
2026-02-27 08:39:10 +10:00
Sean Parkinson f3b57679a5 Merge pull request #9835 from douzzer/20260226-fix-aes-prefetch-optimize
20260226-fix-aes-prefetch-optimize
2026-02-27 08:23:02 +10:00
JacobBarthelmeh 921ecf0bca Merge pull request #9830 from aidangarske/fix-wolfcrypt-fenrir
Fix fenrir security findings for wolfcrypt
2026-02-26 14:20:31 -07:00
jackctj117 1f9dd3c955 Fix unused variable warning in PKCS7 without WC_RSA_PSS 2026-02-26 14:04:49 -07:00
JacobBarthelmeh 85228f088e Merge pull request #9824 from embhorn/zd21239
Fix issues in TLS Extension size calculations
2026-02-26 13:47:54 -07:00
JacobBarthelmeh ba859d21fa Merge pull request #9817 from LinuxJedi/static-fixes4
Static code analysis fixes
2026-02-26 12:03:24 -07:00
Eric Blankenhorn f53ce49694 Fix from review 2026-02-26 10:46:03 -06:00
Eric Blankenhorn edd943e115 Fix prefix map issues 2026-02-26 10:18:31 -06:00
Eric Blankenhorn be7f934157 Add test case 2026-02-26 10:18:31 -06:00
Eric Blankenhorn 187534855d Fix issues in TLS Extension size calculations 2026-02-26 10:18:30 -06:00
Daniel Pouzzner 100e79f9e5 wolfcrypt/src/aes.c: add _TI_CRYPT and _RISCV_ASM fallthrough definitions for Aes{En,de}crypt_preFetchOpt. 2026-02-26 09:24:10 -06:00
Juliusz Sosinowicz fe85ca643a Add test for EC_POINT_dup 2026-02-26 15:18:36 +01:00
Juliusz Sosinowicz fc0ec06e72 sssd 2.10.2 changes 2026-02-26 15:18:36 +01:00