Commit Graph

29160 Commits

Author SHA1 Message Date
Sean Parkinson 9427f9f26c Merge pull request #9665 from dgarske/cleanup_20260114
Remove Devin Lifeguard
2026-01-16 09:22:47 +10:00
Sean Parkinson fabe0c090a Merge pull request #9646 from rlm2002/coverity
20260112 Coverity: update macros and add length checks
2026-01-16 09:20:01 +10:00
Eric Blankenhorn b3bb8edf45 Fix doc for wc_ecc_verify_hash / _ex 2026-01-15 17:01:24 -06:00
Eric Blankenhorn 8316a4080d Fix doc for wc_ecc_mulmod 2026-01-15 16:45:48 -06:00
Daniel Pouzzner eb65361281 wolfcrypt/test/test.c:
* tweaks to xmss_test() for compatibility with WOLFSSL_NO_MALLOC && NO_WOLFSSL_MEMORY;
* fixes for return codes in dilithium_test().

wolfssl/wolfcrypt/dilithium.h: add !WC_NO_CONSTRUCTORS gate around wc_dilithium_new() and wc_dilithium_delete() prototypes, to match gating in implementation.
2026-01-15 16:04:36 -06:00
Brett 65a2b06d89 ANCV: support server-side policy creation 2026-01-15 11:59:59 -07:00
Brett 22a9665e6d Prevent verify callback from blocking ANCV invocation when verify
callback is registered. Reverts behavior to pre-PR#9144
2026-01-15 11:59:59 -07:00
Ruby Martin b4344c17cc add cleanup logic to sakke_kat_derive_test() 2026-01-15 10:58:26 -07:00
Ruby Martin 2596d56802 verify length limit for supported version ext
add length check to tls extensions
2026-01-15 10:58:26 -07:00
Josh Holtrop e7612ff36f Improve log message and error code for invalid HelloRetryRequest - fix #9653 2026-01-15 12:55:17 -05:00
David Garske 20c4e2760b Remove Devin Lifeguard 2026-01-15 09:50:34 -08:00
David Garske 16e45f94ae Merge pull request #9672 from holtrop-wolfssl/fix-hostap-git-url
Fix hostap repo clone URL
2026-01-15 09:49:45 -08:00
David Garske 7370e3145d Merge pull request #9666 from padelsbach/arduino-esp32-space
Experimental: Reduce disk space for esp32 Arduino builds
2026-01-15 09:49:27 -08:00
Josh Holtrop a4a24ad2fe Fix hostap repo clone URL 2026-01-15 09:30:27 -05:00
Eric Blankenhorn 3c5b8f900e Fix TLSX_Parse to correctly handle client and server cert type ext with TLS1.3 2026-01-15 07:36:52 -06:00
Sean Parkinson 17de9bdec6 ARM32 HW Crypto: AES-GCM set key unaligned key
The key is user data and is not necessarily aligned.
Load key data using 8-bit (byte) alignment.
2026-01-15 20:22:32 +10:00
Paul Adelsbach c193c4c64f Reduce disk space for esp32 Arduino builds 2026-01-14 20:02:50 -08:00
David Garske 0f3c769c44 Merge pull request #9660 from douzzer/20260114-fixes
20260114-fixes
2026-01-14 20:00:27 -08:00
David Garske f0d3957aa9 Merge pull request #9643 from mattia-moffa/20260112-sniffer-fixes
More sniffer length checks
2026-01-14 17:00:12 -08:00
Daniel Pouzzner 96f8eb01f9 wolfssl/wolfcrypt/asn.h and wolfssl/openssl/obj_mac.h: add shortname and longname mappings for ASN subject fields. 2026-01-14 18:03:32 -06:00
Daniel Pouzzner 8d3adfad44 wolfssl/wolfcrypt/falcon.h and wolfssl/wolfcrypt/sphincs.h: in falcon_key and sphincs_key, use WC_BITFIELD foo:1, not bool, to fix readability-implicit-bool-conversion. 2026-01-14 18:03:32 -06:00
Daniel Pouzzner f738e44e39 wolfcrypt/test/test.c: in random_bank_test(), fix position of a misplaced WC_DRBG_BANKREF gate. 2026-01-14 18:03:32 -06:00
Sean Parkinson 9b5cbbc3fb Merge pull request #9663 from embhorn/zd21045
Resolve unused var warning in oss-fuzz
2026-01-15 08:36:17 +10:00
Josh Holtrop b432ee93a5 Add incremental API for HMAC-BLAKE2[bs] computation 2026-01-14 16:12:42 -05:00
Daniel Pouzzner e8934f7a9e Merge pull request #9661 from JacobBarthelmeh/lic
add SWUpdate to GPLv2 exception list
2026-01-14 14:39:49 -06:00
Josh Holtrop 74c79dab1e Update constants in BLAKE2 doxygen documentation 2026-01-14 15:37:29 -05:00
Josh Holtrop 2b3c02531c Use ForceZero to clean up HMAC-BLAKE2[bs] 2026-01-14 15:37:29 -05:00
Josh Holtrop ee708dc457 Update README and doxygen for BLAKE2b/BLAKE2s 2026-01-14 15:37:29 -05:00
Josh Holtrop 92b57d7e34 Add HMAC-BLAKE2b and HMAC-BLAKE2s API functions 2026-01-14 15:37:28 -05:00
Ruby Martin e32ac6ffb7 XMEMSET with WC_CALLOC_VAR_EX
switch WC_ALLOC_VAR_EX with XMEMSET to WC_CALLOC_VAR_EX

fix XMEMSET call for WC_CALLOC_VAR_EX
2026-01-14 11:27:21 -07:00
Paul Adelsbach f3fb63aea7 Add length check to Hmac_UpdateFinal_CT to prevent build error 2026-01-14 09:31:35 -08:00
Eric Blankenhorn 625a3cd250 Resolve unused var warning in oss-fuzz 2026-01-14 11:23:19 -06:00
David Garske 2a5256ba18 Merge pull request #9654 from embhorn/zd21038
Fix DecodeAuthKeyInternal not clearing cert->extAuthKeyIdSet
2026-01-14 09:19:24 -08:00
JacobBarthelmeh 32d33f2a53 add SWUpdate to GPLv2 exception list 2026-01-14 09:42:39 -07:00
Alex Lanzano bdc525dd6d [TLS 1.2, TLS 1.3] Fail immediately if server sends empty certificate message for TLS 1.2 and beyond 2026-01-14 11:30:13 -05:00
David Garske 35f6910186 Merge pull request #9649 from douzzer/20260112-fixes
20260112-fixes
2026-01-13 15:03:43 -08:00
Daniel Pouzzner 1d247b744c wrapper/rust/: fix unit tests to avoid out-of-order wolfCrypt_Cleanup(). 2026-01-13 14:43:50 -06:00
Daniel Pouzzner f878c43814 wolfcrypt/src/wc_port.c: in wolfCrypt_Cleanup(), return error if called with initRefCount <= 0. 2026-01-13 14:42:27 -06:00
Daniel Pouzzner 627f51632b configure.ac: add -Wno-deprecated-enum-enum-conversion to CFLAGS to suppress C++20 default if applicable. 2026-01-13 12:41:53 -06:00
Daniel Pouzzner 366f5fe411 src/ssl.c: refactor initRefCount increment/decrement to avoid -Wvolatile. 2026-01-13 11:21:40 -06:00
Daniel Pouzzner f6fbd2a3b7 wolfcrypt/test/test.c: in random_bank_test(), add a missing WC_DRBG_BANKREF gate, and fix wc_rng_bank_init(bank, ...) to pass _FLAG_NO_VECTOR_OPS to set up .sha_method test. 2026-01-13 11:21:40 -06:00
Daniel Pouzzner b195628204 wolfcrypt/src/sha512.c: fix underinitialization and config-dependent leak paths in InitSha512_Family(). 2026-01-13 11:21:40 -06:00
Daniel Pouzzner fc68137b47 wolfcrypt/src/wc_port.c:
* fixes for readability-implicit-bool-conversion in wolfSSL_Atomic_Ptr_CompareExchange().
* refactor initRefCount as a wolfSSL_Atomic_Int, unless !WOLFSSL_ATOMIC_OPS, for thread safety.
2026-01-13 11:21:39 -06:00
Daniel Pouzzner e0db99218f wolfcrypt/src/asn.c: fix -Wstringop-truncation from gcc-16.0.0_p20260104 in KeyPemToDerPassCb(). 2026-01-13 11:21:39 -06:00
Daniel Pouzzner 6f48e0613e Merge pull request #9647 from SparkiDev/sp_volatile_op_fix
SP volatile op fix
2026-01-13 11:20:13 -06:00
Sean Parkinson 37b20fabdc SP volatile op fix
Performing a non-atomic operation on a volatile.
Deprecated in C++20 and checked by new versions of compilers.
2026-01-14 02:17:20 +10:00
Eric Blankenhorn 4e419938a7 Fix DecodeAuthKeyInternal not clearing cert->extAuthKeyIdSet 2026-01-13 08:09:10 -06:00
Daniel Pouzzner caa6429242 Merge pull request #9624 from holtrop-wolfssl/rust-xchacha20-poly1305
Rust wrapper: add one-shot XChaCha20-Poly1305 encrypt/decrypt functions
2026-01-13 00:51:15 -06:00
Sean Parkinson 1aa79af41e Multiple volatile variables in a C statement undefined
Undefined behaviour when there are multiple volatile variables accessed
in the one C statement.
Changes to introduce non-volatile temporaries, split statement or make
variable non-volatile.
2026-01-13 15:08:50 +10:00
Daniel Pouzzner 05e480f14f Merge pull request #9644 from philljj/bsdkm_time
bsdkm: sys time wrapper.
2026-01-12 22:01:33 -06:00