Ruby Martin
8314aa56ae
catch MEMORY_E from CALLOC_ASNSETDATA()
2026-03-12 09:53:34 -06:00
JacobBarthelmeh
c15715ed54
Merge pull request #9737 from sebastian-carpenter/tls-ech-confirmation-fix
...
TLS ECH Testing Improvements
2026-03-11 15:11:13 -06:00
sebastian-carpenter
bb7c6a13c8
ECH tidying
2026-03-11 12:07:20 -06:00
sebastian-carpenter
8a7d327d24
ECH fixes F-293, F-201, F-358, F-203
2026-03-11 10:06:37 -06:00
sebastian-carpenter
032dbe6878
ECH fixes F-292, F-28
2026-03-11 10:06:36 -06:00
sebastian-carpenter
e17ac41070
TLS ECH fixes [SNI, api.c, server.c, comments]
2026-03-11 09:52:13 -06:00
sebastian-carpenter
58625d1f03
corrections for ECH specification
2026-03-11 09:52:11 -06:00
sebastian-carpenter
c3a38dced7
testing + bug fixes for TLS ECH
2026-03-11 08:56:26 -06:00
sebastian-carpenter
cb2d693550
bad rebase + fixing dtls13 support for ECH
2026-03-11 08:54:00 -06:00
sebastian-carpenter
a2fe12a38a
TLS ECH OuterExtensions support (Server side)
2026-03-11 08:54:00 -06:00
sebastian-carpenter
30cfb385eb
fixed seg fault when confirmation not present
2026-03-11 08:54:00 -06:00
sebastian-carpenter
3605c2a417
client and server fix for TLS ECH
2026-03-11 08:54:00 -06:00
Daniel Pouzzner
3540d89c0d
Merge pull request #9945 from holtrop-wolfssl/zd21327
...
Avoid one-byte read outside of allocated encrypted content buffer in wc_PKCS7_DecodeEnvelopedData()
2026-03-10 22:39:24 -05:00
Daniel Pouzzner
a5bc0cd929
Merge pull request #9887 from rlm2002/static_analysis
...
20260305 Coverity fixes
2026-03-10 22:34:57 -05:00
Daniel Pouzzner
fc7c19bb07
Merge pull request #9934 from SparkiDev/tls_length_fixes_1
...
TLS: Better handling of parsing TLS extensions
2026-03-10 22:34:10 -05:00
Daniel Pouzzner
2db5fbb04e
Merge pull request #9933 from rlm2002/coverity
...
20260309 Coverity changes for Sunday build
2026-03-10 22:32:23 -05:00
Daniel Pouzzner
bfe0b21829
Merge pull request #9765 from night1rider/zephyr-4_3_0-posix-fix
...
Add Zephyr 4.1+ build compatibility for wolfssl_tls_sock sample.
2026-03-10 22:28:43 -05:00
Daniel Pouzzner
ad21c89ba8
Merge pull request #9944 from JacobBarthelmeh/revert-pr9909
...
revert PR 9909
2026-03-10 19:38:57 -05:00
Daniel Pouzzner
be6e088f46
Merge pull request #9942 from padelsbach/padelsbach/crl-gen-script-fix
...
Generate CRLs from unit test script
2026-03-10 19:38:29 -05:00
Daniel Pouzzner
8246fa2900
Merge pull request #9910 from holtrop-wolfssl/rust-lms
...
Rust wrapper: add lms module
2026-03-10 19:37:41 -05:00
Daniel Pouzzner
e8a53c2e6d
Merge pull request #9941 from kaleb-himes/v6-wolfentropy-combofix
...
Ensure user-space wolfentropy builds of the v6 module compile the cor…
2026-03-10 19:36:52 -05:00
Daniel Pouzzner
e4dea8f261
Merge pull request #9885 from Frauschi/missing_force_zero
...
Add missing ForceZero calls
2026-03-10 19:36:07 -05:00
Daniel Pouzzner
f9b15210d9
Merge pull request #9921 from Frauschi/zd21310
...
Zeroize preMasterSecret in hybrid PQ/T error cases
2026-03-10 19:35:12 -05:00
Daniel Pouzzner
51693156fe
Merge pull request #9939 from SparkiDev/mlkem_comments_fixes
...
ML-KEM: Fixes for comments plus bug fixes
2026-03-10 19:34:39 -05:00
Daniel Pouzzner
3203610249
Merge pull request #9925 from sameehj/fix-compilation
...
Fix undefined variable tls1 in InitSuites for PSK cipher suite
2026-03-10 19:34:05 -05:00
Daniel Pouzzner
4e84c7e05a
Merge pull request #9931 from aidangarske/fix-wolfcrypt-fenrir-1
...
Fix Fenrir 376
2026-03-10 19:33:32 -05:00
Daniel Pouzzner
f1508c910a
Merge pull request #9930 from julek-wolfssl/fenrir/260903
...
Fenrir fixes
2026-03-10 19:32:56 -05:00
Daniel Pouzzner
7af6decbf3
Merge pull request #9856 from anhu/rsa_guard
...
Macro guard parameter null check.
2026-03-10 19:32:19 -05:00
Daniel Pouzzner
f18d5ba359
Merge pull request #9928 from philljj/fix_f_451
...
ascon: don't skip wc_AsconAEAD128_Clear on auth error.
2026-03-10 19:31:20 -05:00
Daniel Pouzzner
e3e5179cf8
Merge pull request #9869 from JacobBarthelmeh/f356
...
fix for sanity checks on serial input
2026-03-10 19:30:46 -05:00
Daniel Pouzzner
df504300db
Merge pull request #9863 from JacobBarthelmeh/f361
...
Fix for setting curve using all caps with wolfSSL_set1_curves_list
2026-03-10 19:29:46 -05:00
Daniel Pouzzner
65092ab5eb
Merge pull request #9838 from SparkiDev/slhdsa_1
...
FIPS 205, SLH-DSA: implementation
2026-03-10 19:28:59 -05:00
Daniel Pouzzner
2ad5afaf4d
wolfcrypt/src/wc_slhdsa.c: fixes for uninited data reads in slhdsakey_wots_sign_chain_x4_*() and slhdsakey_wots_pk_from_sig_x4;
...
CMakeLists.txt, cmake/functions.cmake, cmake/options.h.in: fixes for -DWOLFSSL_SLHDSA.
2026-03-10 17:51:18 -05:00
Sean Parkinson
0683dab9ac
TLS: Better handling of parsing TLS extensions
...
TLSX_CSR2_Parse: check didn't include length bytes
TLSX_UseSRTP_Parse: validate profile_len
TLSX_CA_Names_Parse: fix for integer overflow
TLSX_SignatureAlgorithms_Parse: set new length before checking
TLSX_ECH_Parse: better parsing
2026-03-11 07:41:13 +10:00
Josh Holtrop
d37b51c3ce
Avoid one-byte read outside of allocated encrypted content buffer in wc_PKCS7_DecodeEnvelopedData()
2026-03-10 17:26:28 -04:00
JacobBarthelmeh
528b22140b
revert PR 9909
2026-03-10 14:47:21 -06:00
Paul Adelsbach
5bcb9d4966
Generate CRLs from unit test script
2026-03-10 13:25:12 -07:00
night1rider
0442918391
Add Zephyr 4.1+ build compatibility for wolfssl_tls_sock sample. Replace removed Kconfig options (PTHREAD_IPC, POSIX_CLOCK, NET_SOCKETS_POSIX_NAMES) with version-conditional config fragments and fix min/max macro collision with Zephyr's sys/util.h.
2026-03-10 14:23:47 -06:00
Kaleb Himes
4d1b603587
Implement peer review feedback.
2026-03-10 14:15:42 -06:00
kaleb-himes
b2520f120f
Ensure user-space wolfentropy builds of the v6 module compile the correct resource
2026-03-10 10:48:43 -06:00
JacobBarthelmeh
cbf5264d1c
replace comment character with allowed character
2026-03-10 10:23:10 -06:00
Sean Parkinson
b180a279b0
ML-KEM: Fixes for comments plus bug fixes
...
wc_MlKemKey_SharedSecretSize: Check len is not NULL before use.
wc_MlKemKey_DecodePrivateKey:
Don't set flags when public key hash fails.
ForceZero the private key on failure if copied.
2026-03-10 21:09:08 +10:00
Juliusz Sosinowicz
afed9d4b79
fixup! ProcessServerHello: verify extension lengths
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
ae3fcb5601
Update setup-msbuild action
...
F-534
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
62fca11726
Dockerfile: use https instead of http
...
F-532
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
3a8e4a34ce
ProcessSessionTicket: verify nonce length
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
2febc1c7f2
ProcessServerHello: verify extension lengths
...
F-428
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
186aaadf87
Pin actions/checkout version
...
F-529
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
9c4e77d47d
DoTls13ClientHello: session length is a sender side requirement
...
F-433
2026-03-10 09:52:06 +01:00
Juliusz Sosinowicz
8a57ca84c3
CheckCertCRL_ex: check cbRet after callback
...
F-432
2026-03-10 09:52:05 +01:00