Daniel Pouzzner
|
65092ab5eb
|
Merge pull request #9838 from SparkiDev/slhdsa_1
FIPS 205, SLH-DSA: implementation
|
2026-03-10 19:28:59 -05:00 |
|
Daniel Pouzzner
|
18d1190e82
|
Merge pull request #9924 from Frauschi/f-426
Fix potential underflow in sniffer
|
2026-03-09 23:42:32 -05:00 |
|
Daniel Pouzzner
|
f5902bd29a
|
Merge pull request #9862 from embhorn/zd21243
Fix DeriveTls13Keys with no_key
|
2026-03-09 23:41:52 -05:00 |
|
Daniel Pouzzner
|
5bb8b3f803
|
src/pk_ec.c: in wolfSSL_ECDSA_SIG_new(), mitigate false-positive nullPointerOutOfMemory by returning immediately if initial XMALLOC() fails.
|
2026-03-09 10:59:50 -05:00 |
|
Eric Blankenhorn
|
9f1296062b
|
Update comment
|
2026-03-09 09:49:39 -06:00 |
|
Eric Blankenhorn
|
d57474a3b7
|
Fix DeriveTls13Keys with no_key
|
2026-03-09 09:46:17 -06:00 |
|
Tobias Frauenschläger
|
7ed66dd1c3
|
Fix potential underflow in sniffer
|
2026-03-09 13:37:02 +01:00 |
|
Sean Parkinson
|
39b34333d6
|
FIPS 205, SLH-DSA: implementation
Adding implementation of SLH-DSA.
Included optimizations for Intel x64.
Some tests added.
|
2026-03-09 19:06:34 +10:00 |
|
Daniel Pouzzner
|
f0ba67ee21
|
Merge pull request #9906 from julek-wolfssl/fenrir/25
wolfSSL_ASN1_item_i2d: simplify buf cleanup
|
2026-03-06 22:31:27 -06:00 |
|
Daniel Pouzzner
|
1d49f411c7
|
Merge pull request #9914 from julek-wolfssl/fenrir/30
Make sure size check doesn't underflow
|
2026-03-06 22:30:51 -06:00 |
|
Daniel Pouzzner
|
467f16f47d
|
Merge pull request #9913 from julek-wolfssl/fenrir/365
Enforce null compression in compression_methods list
|
2026-03-06 22:29:59 -06:00 |
|
Daniel Pouzzner
|
a8686f615e
|
Merge pull request #9911 from julek-wolfssl/fenrir/298
QUIC transport parameters are carried in the ClientHello and the EncryptedExtensions messages
|
2026-03-06 22:28:40 -06:00 |
|
Daniel Pouzzner
|
5f15d57d89
|
Merge pull request #9908 from julek-wolfssl/fenrir/205
Set upper bound on post-auth cert reqs
|
2026-03-06 22:27:59 -06:00 |
|
Daniel Pouzzner
|
3b68026e70
|
Merge pull request #9907 from julek-wolfssl/fenrir/202
wolfSSL_X509_set_ext: fix memory handling
|
2026-03-06 22:27:23 -06:00 |
|
Daniel Pouzzner
|
4e4215ada9
|
Merge pull request #9904 from julek-wolfssl/fenrir/24
Clean up hpke and rng allocation
|
2026-03-06 22:26:40 -06:00 |
|
Daniel Pouzzner
|
1744819348
|
Merge pull request #9901 from julek-wolfssl/fenrir/294
Add bounds check on read in sniffer
|
2026-03-06 22:25:58 -06:00 |
|
Daniel Pouzzner
|
a875ffe1f6
|
Merge pull request #9899 from julek-wolfssl/fenrir/16
Replace `XMEMCMP` with `ConstantCompare` when validating secure renegotiation (SCR) verify data
|
2026-03-06 22:25:24 -06:00 |
|
Daniel Pouzzner
|
2655c436da
|
Merge pull request #9861 from JacobBarthelmeh/f360
additional sanity check on number of groups passed to set groups func…
|
2026-03-06 22:23:40 -06:00 |
|
Daniel Pouzzner
|
431724aaf0
|
Merge pull request #9909 from Frauschi/f-159
Error out in case of unknown extensions in response message in TLS 1.3
|
2026-03-06 22:22:58 -06:00 |
|
Daniel Pouzzner
|
45d814e4f2
|
Merge pull request #9884 from Frauschi/f-204
Prevent session ticket nonce overflow
|
2026-03-06 22:22:24 -06:00 |
|
Daniel Pouzzner
|
313d27df15
|
Merge pull request #9900 from julek-wolfssl/fenrir/357
Use ConstantCompare in EchCheckAcceptance
|
2026-03-06 22:21:44 -06:00 |
|
Daniel Pouzzner
|
6c37629aa5
|
Merge pull request #9898 from julek-wolfssl/fenrir/15
Replace XMEMCMP with ConstantCompare for ticket MAC verification
|
2026-03-06 22:20:38 -06:00 |
|
Daniel Pouzzner
|
6424092fa6
|
Merge pull request #9903 from julek-wolfssl/fenrir/20
Remove duplicate check
|
2026-03-06 22:19:51 -06:00 |
|
JacobBarthelmeh
|
013e2c8fdf
|
remove special characters, use simple ASCII characters
|
2026-03-06 17:22:25 -07:00 |
|
Juliusz Sosinowicz
|
694f251663
|
Add explicit casts
|
2026-03-06 18:11:33 +01:00 |
|
Juliusz Sosinowicz
|
3c06c22314
|
Make sure only free'd on error
|
2026-03-06 18:01:02 +01:00 |
|
Juliusz Sosinowicz
|
479de5a211
|
Always eval both ConstantCompare statements
|
2026-03-06 17:56:33 +01:00 |
|
Tobias Frauenschläger
|
a2622746cd
|
Error out in case of unknown extensions in response message in TLS 1.3
|
2026-03-06 17:09:49 +01:00 |
|
Juliusz Sosinowicz
|
5e22d04baf
|
Make sure size check doesn't underflow
F-30
|
2026-03-06 17:05:35 +01:00 |
|
Juliusz Sosinowicz
|
1537f83c24
|
Enforce null compression in compression_methods list`
F-365
|
2026-03-06 16:56:09 +01:00 |
|
Juliusz Sosinowicz
|
52c64c1340
|
QUIC transport parameters are carried in the ClientHello and the EncryptedExtensions messages
F-298
|
2026-03-06 16:21:11 +01:00 |
|
Juliusz Sosinowicz
|
0c26920ea0
|
Set upper bound on post-auth cert reqs
F-205
|
2026-03-06 16:07:41 +01:00 |
|
Juliusz Sosinowicz
|
49039ef156
|
wolfSSL_X509_set_ext: fix memory handling
|
2026-03-06 12:11:53 +01:00 |
|
Juliusz Sosinowicz
|
da9dc821e4
|
wolfSSL_ASN1_item_i2d: simplify buf cleanup
F-25
|
2026-03-06 12:03:46 +01:00 |
|
Tobias Frauenschläger
|
1d8864980a
|
Prevent session ticket nonce overflow
|
2026-03-06 10:23:08 +01:00 |
|
Juliusz Sosinowicz
|
ac333c371c
|
Clean up hpke and rng allocation
|
2026-03-06 09:47:49 +01:00 |
|
Juliusz Sosinowicz
|
c62f535cb5
|
Remove duplicate check
F-20
|
2026-03-06 09:25:32 +01:00 |
|
Juliusz Sosinowicz
|
ddac52c6e8
|
Clear expandLabelPrk
F-359
|
2026-03-06 09:19:46 +01:00 |
|
Juliusz Sosinowicz
|
679d04d201
|
Add bounds check on read in sniffer
|
2026-03-06 09:05:53 +01:00 |
|
Juliusz Sosinowicz
|
eaef832494
|
Use ConstantCompare in EchCheckAcceptance
F-357
|
2026-03-06 08:55:34 +01:00 |
|
Juliusz Sosinowicz
|
1555ec4b76
|
Replace XMEMCMP with ConstantCompare when validating secure renegotiation (SCR) verify data
F-16
|
2026-03-06 08:51:37 +01:00 |
|
Juliusz Sosinowicz
|
94adedd109
|
Replace XMEMCMP with ConstantCompare for ticket MAC verification
F-15
|
2026-03-06 08:43:20 +01:00 |
|
Daniel Pouzzner
|
ed8f67cb37
|
Merge pull request #9858 from JacobBarthelmeh/ticket
additional sanity check with session ticket size
|
2026-03-05 16:35:51 -06:00 |
|
Daniel Pouzzner
|
90ca9c4b7f
|
Merge pull request #9864 from JacobBarthelmeh/f11
harden compare of mac with TLS 1.3 finished
|
2026-03-05 16:19:07 -06:00 |
|
Daniel Pouzzner
|
396b553c45
|
Merge pull request #9872 from SparkiDev/asn_improvements_1
ASN: improve handling of ASN.1 parsing/encoding
|
2026-03-05 16:18:12 -06:00 |
|
Daniel Pouzzner
|
e880f5947a
|
Merge pull request #9874 from Frauschi/f12
Harden hash comparison in TLS1.2 finished
|
2026-03-05 16:14:38 -06:00 |
|
Daniel Pouzzner
|
7cf118eae1
|
Merge pull request #9865 from embhorn/f362
F362 kNistCurves Table
|
2026-03-05 16:13:59 -06:00 |
|
Daniel Pouzzner
|
b36df34bcb
|
Merge pull request #9868 from embhorn/f295
Fix wolfSSL_get_peer_quic_transport_version
|
2026-03-05 16:13:14 -06:00 |
|
Daniel Pouzzner
|
22f40a1b5a
|
Merge pull request #9866 from embhorn/f196
Fix in wolfSSL_CTX_GenerateEchConfig
|
2026-03-05 16:12:27 -06:00 |
|
Daniel Pouzzner
|
7ee9bd03c7
|
Merge pull request #9867 from embhorn/f19
Fix sniffer CreateSession
|
2026-03-05 16:11:23 -06:00 |
|