Commit Graph

30021 Commits

Author SHA1 Message Date
Colton Willey 7ea94c9a99 Docker/OpenWrt: accept exit 4 or 5 in negative TLS tests
uclient-fetch intermittently returns 4 ("connection reset prematurely") instead of 5: with ML-KEM enabled by default the larger ClientHello is sometimes reset by the server before the cert is evaluated. Accept either on all four negative tests as a band-aid.
2026-06-09 09:49:43 -07:00
Daniel Pouzzner 8fca95ce65 Merge pull request #10532 from rlm2002/zd21800
Remove chain walk for OCSP responder
2026-06-05 16:27:00 -05:00
Daniel Pouzzner 02d08790af Merge pull request #10575 from julek-wolfssl/fenrir-fixes-20260601
Fenrir: TLS/DTLS conformance and crypto hardening fixes
2026-06-05 16:26:05 -05:00
Daniel Pouzzner 764245a8a1 Merge pull request #10489 from holtrop-wolfssl/zd21798
Check SNI/ALPN in TLS 1.2/1.3 session resumptions
2026-06-05 16:25:18 -05:00
Daniel Pouzzner d5560b06cf Merge pull request #10556 from holtrop-wolfssl/rust-crate-updates-3
Rust wrapper: add scrypt KDF and RSA-OAEP support
2026-06-05 16:24:29 -05:00
Daniel Pouzzner 97095d209a Merge pull request #10561 from sebastian-carpenter/tls-ech-send-on-rejection
Enhancement: Stand out less with ECH or GREASE ECH
2026-06-05 16:23:41 -05:00
Daniel Pouzzner c300c41a68 Merge pull request #10514 from kaleb-himes/PQ-DOX
Add PQ documentation
2026-06-05 16:23:05 -05:00
Daniel Pouzzner 3012154367 Merge pull request #10259 from sebastian-carpenter/tls-ech-keylog
TLS ECH keylogging
2026-06-05 16:22:11 -05:00
Daniel Pouzzner 7caa3b97a8 Merge pull request #10503 from kareem-wolfssl/zd21858
Fix potential mismatch in size between DECL_MP_INT_SIZE_DYN and NEW_MP_INT_SIZE, fix unused variable warning in random.c.
2026-06-05 16:20:55 -05:00
Daniel Pouzzner fe77e37025 Merge pull request #10476 from julek-wolfssl/cache-overhead
Cache AEAD record overhead on WOLFSSL
2026-06-05 16:20:15 -05:00
Daniel Pouzzner 1d934846ea Merge pull request #10565 from philljj/bsdkm_misc_cleanup
bsdkm: misc cleanup.
2026-06-05 15:21:57 -05:00
David Garske f9817cf996 Merge pull request #10431 from mattia-moffa/20260330-max32666-sha-bare-metal
MAX32666 bare-metal SHA accelerator
2026-06-05 13:03:00 -07:00
Daniel Pouzzner c99567c96d Merge pull request #10596 from SparkiDev/regression_fixes_24
Regression testing fixes
2026-06-05 13:37:56 -05:00
Daniel Pouzzner f8f1e932a5 Merge pull request #10534 from SparkiDev/tls13_psk_id_fix
TLSv1.3 PSK binders: always use id protection
2026-06-05 12:36:00 -05:00
Daniel Pouzzner 2d186b378a Merge pull request #10537 from SparkiDev/tls13_pt_alert_before_enc
TLS 1.3 plaintext alert: ignore before seeing encrypted
2026-06-05 11:12:47 -05:00
Daniel Pouzzner 4bf2d52780 Merge pull request #10571 from Frauschi/mlkem_rename
Migrate internal ML-KEM consumers to canonical wc_MlKemKey API
2026-06-05 11:00:44 -05:00
Daniel Pouzzner 727041b525 Merge pull request #10543 from anhu/zeroOnAuthFail
For chachapoly, force zero of output on auth fail
2026-06-05 10:55:05 -05:00
Daniel Pouzzner d80785bb07 Merge pull request #10583 from Frauschi/zephyr_patch
Fixes for Zephyr secure sockets integration
2026-06-05 10:06:23 -05:00
Sean Parkinson eeab53205a Merge pull request #10600 from douzzer/20260604-asm-and-linuxkm-fixes
20260604-asm-and-linuxkm-fixes
2026-06-05 20:55:43 +10:00
Daniel Pouzzner b8d8e918af Merge pull request #10597 from SparkiDev/sp_lazy_mutex_init_improv
SP gen: FP_ECC init mutex improvement
2026-06-04 22:38:06 -05:00
Sean Parkinson b0757c1cb7 TLS 1.3 plaintext alert: ignore before seeing encrypted
Change to ignore plaintext alerts when
WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC is defined only until first
encrypted message from peer is seen.

Negative testing added.
2026-06-05 12:35:04 +10:00
Sean Parkinson 0796519a99 More regression testing fixes
Leak fixes: free existing ssl->buffers.key before overwriting in SetSSL_CTX() (internal.c) and wolfSSL_set_SSL_CTX() (ssl.c)

UAF fix: wc_CheckRsaKey() — mp_memzero_check(tmp) moved before the free (rsa.c)

Build guards: #ifndef NO_ED25519/ED448_VERIFY around forged-sig test data (test_ed25519/ed448.c); guard equal()/cmov() for verify-only builds (ge_operations.c); guard unused pointers under WOLFSSL_MLDSA_SIGN_SMALL_MEM_PRECALC (wc_mldsa.c)

Test cleanups (test.c): fix UB from out-of-range enum in hash_test(), always free AES dec object, fix der buffer declaration under small-stack builds
2026-06-05 11:30:53 +10:00
Sean Parkinson 089f1f7c91 TLSv1.3 PSK binders: always use id protection
Removed WOLFSSL_PSK_ID_PROTECTION from use as it is now on by default.
Always check whether the server has a certificate (not a CA chain).
If there is a certificate then continue, otherwise, report a binder
error.

Added test to ensure binder error returned and alert sent when no
NO_CERT. test_tls13_bad_psk_binder already tested no certificate.

Allowed memio test harness to be built when NO_CERT is defined.
2026-06-05 11:16:48 +10:00
Sean Parkinson ada6c5f95b SP gen: FP_ECC init mutex improvement
F-1379
Better handling of the lazy mutex initialization to use atomics where
available.

Improved atomic code when no system support:
 - add types
 - use types in functions

Add --no-ec to unit.test to not run wolfCrypt tests.
2026-06-05 10:58:44 +10:00
Daniel Pouzzner af119869d2 Merge pull request #10364 from MarkAtwood/fix/evp-cipher-iv-length-cfb-ofb
fix: EVP_CIPHER_iv_length returns 0 for AES-CFB128 and AES-OFB (ZD-21730)
2026-06-04 17:26:48 -05:00
Daniel Pouzzner b2e4bd1a11 Merge pull request #9987 from MarkAtwood/fix/evp-pkey-cmp-after-der-roundtrip
evp: fix EVP_PKEY_cmp for EC keys after DER deserialization
2026-06-04 17:19:46 -05:00
Daniel Pouzzner 6c4c03dc76 Merge pull request #10593 from miyazakh/f4429_EntropyGet
f4429 Add missing upper-bound validation in wc_Entropy_Get()
2026-06-04 17:09:36 -05:00
David Garske 887f88b106 Merge pull request #10599 from michael-membrowse/master
fix membrowse report group
2026-06-04 14:38:11 -07:00
Daniel Pouzzner 50166aab36 wolfcrypt/src/port/ppc64/ppc64-aes-asm.S: use TOC-relative addressing consistently, and add ELFv2 global-entry prologues. 2026-06-04 16:28:08 -05:00
Mattia Moffa bd022d995a Update README so the #define can be grepped by CI 2026-06-04 23:11:53 +02:00
Michael Rogov Papernov 5d810f4625 fix membrowse report group 2026-06-04 21:04:16 +01:00
Daniel Pouzzner ca59984200 wolfssl/wolfcrypt/settings.h: for WOLFSSL_LINUXKM, force on NO_STDDEF_H to avoid conflicts with linux/stddef.h, which is always included indirectly in linuxkm_wc_port.h (via linux/kernel.h);
fix indentation in WOLFSSL_uITRON4 section.
2026-06-04 14:20:50 -05:00
Daniel Pouzzner a7b0b3ebc2 linuxkm/module_hooks.c: tweak wc_linuxkm_malloc_usable_size() and my_kallsyms_lookup_name(), moving wc_linuxkm_can_block() to where it's really needed in my_kallsyms_lookup_name(). 2026-06-04 14:18:34 -05:00
Daniel Pouzzner 99bf36bb61 wolfcrypt/src/port/arm/armv8-32-curve25519.S and wolfcrypt/src/port/arm/armv8-32-curve25519_c.c: fix MPI overflow in L_curve25519_inv_8, similar to fix in #10536 (efabd1844a). 2026-06-04 14:12:01 -05:00
Mattia Moffa 8404459918 Update README 2026-06-04 21:04:34 +02:00
Mattia Moffa 6291af4e88 Add WOLFSSL_MAX3266X_SHA_ONESHOT to go to previous behavior 2026-06-04 20:59:29 +02:00
jordan 27edd64118 bsdkm: call wolfkdriv_unregister before wolfkmod_cleanup, and misc cleanup. 2026-06-04 11:42:43 -05:00
philljj 1f0f29cf30 Merge pull request #10590 from douzzer/20260603-linuxkm-fixes
20260603-linuxkm-fixes
2026-06-04 11:14:35 -05:00
Sean Parkinson 26a2b793dc Regression testing fixes
1. Side-aware ML-KEM in TLS (tls.c, tls13.c, ssl.c, internal.h):
TLSX_IsGroupSupported/TLSX_UseSupportedCurve take a `side` arg; new
TLSX_IsMlKemGroupSupported + client/server support macros. A build only
capable of one ML-KEM op no longer advertises groups it can't use for
its role.

2. NO_ASN_TIME support (ssl_asn1.c, ssl.h, settings.h): data-only
ASN1_TIME APIs now compile without system time; OCSP responder
auto-disabled under NO_ASN_TIME.

3. SP ECC (sp_*.c, sp_x86_64_asm.asm): curve `b` constants and
sp_ecc_is_point_* always compiled (point-check available in more
configs); asm movsxd -> movsx.

4. configure.ac: BUILD_MEMUSE fixed to trigger on != "xno".

5. Test fixes: HRR-aware TLS 1.3 memio tests (new
test_memio_msg_is_hello_retry_request); tightened build guards
(Ed25519/Ed448 key-import, AES decrypt, XMSS heights, SP sizes,
static-PSK).
2026-06-04 18:29:24 +10:00
Hideki Miyazaki 904a70d179 Addressed Copilot comments 2026-06-04 15:30:39 +09:00
Daniel Pouzzner 3bf1ae36a7 Merge pull request #10539 from julek-wolfssl/misc/20260527
Guard test_wrong_cs_downgrade on SHA-384 cipher suite; enable SHA disables in minimal DTLS os-check build
2026-06-03 22:50:57 -05:00
Daniel Pouzzner 35329296e8 Merge pull request #10554 from gasbytes/ocsp-certid-serial-number-fix
OCSP_resp_find_status to require exact serial-length match
2026-06-03 22:49:31 -05:00
Daniel Pouzzner 12e7a1d5c3 Merge pull request #10548 from SparkiDev/x509_fixups_1
X509 API: fix issues
2026-06-03 22:48:19 -05:00
Daniel Pouzzner 513bbccf9d Merge pull request #10574 from embhorn/zd21918
Fix in IoTSafe RaspPi client example
2026-06-03 22:36:51 -05:00
Daniel Pouzzner 4993571ccd Merge pull request #10549 from rizlik/nc_dns_wildcards
NameConstraints: support wildcard SAN
2026-06-03 22:29:49 -05:00
Daniel Pouzzner 374ad4051d Merge pull request #10555 from anhu/NO_STDATOMIC_FENCE
Change macro name to avoid suspicion of typo
2026-06-03 20:49:47 -05:00
Daniel Pouzzner 590a367d16 Merge pull request #10576 from holtrop-wolfssl/zd21906
Fix user buffer overrun from wolfSSL_get_finished/wolfSSL_get_peer_finished
2026-06-03 20:48:03 -05:00
Daniel Pouzzner c96da9a002 Merge pull request #10581 from miyazakh/ra6m4_update
Removes the legacy ASN parser override (`WOLFSSL_ASN_ORIGINAL`) from …
2026-06-03 20:42:46 -05:00
Daniel Pouzzner 86fa502285 Merge pull request #10577 from kareem-wolfssl/zd21907
Fix compilation with WOLFSSL_RNG_USE_FULL_SEED. Fix benchmark compilation with MAIN_NO_ARGS.
2026-06-03 20:41:02 -05:00
Hideki Miyazaki 9e711f5c9c Add MAX ENTROPY BITS check 2026-06-04 09:08:24 +09:00