Daniele Lacamera
c7684acb6c
Renode docker: fixed permission
2026-05-05 13:03:42 +02:00
Daniele Lacamera
2c7bc0d1b3
Removed toLower
2026-05-05 13:03:42 +02:00
Daniele Lacamera
b695dd37b4
Remove artifact upload, address copilot's, fix docker boundary
2026-05-05 13:03:42 +02:00
Daniele Lacamera
b69ea6659b
Add github workflow to check for wolfboot regressions
2026-05-05 13:03:41 +02:00
Jeremiah Mackey
3f371828c6
tests: cover private-key flag rejection on export
2026-05-05 04:36:16 +00:00
Jeremiah Mackey
6a1b737dae
PKCS7 PWRI decrypt: parse PBKDF2 prf
2026-05-05 04:36:16 +00:00
Jeremiah Mackey
9f79f79d86
wc_Entropy_GetRawEntropy: hold entropy_mutex
2026-05-05 04:36:16 +00:00
Jeremiah Mackey
19ff338be9
mp_cond_swap_ct: branchless masked XOR
2026-05-05 04:36:16 +00:00
Thomas Cook
dde0d56416
Fix a few issues with "make rpm"
2026-05-04 18:38:39 -04:00
David Garske
02dfd12466
Merge pull request #10376 from rlm2002/coverity
...
20260501 Coverity Fixes
2026-05-04 15:15:11 -07:00
sebastian-carpenter
61ba5378fe
TLS ECH compliance fixes
2026-05-04 15:46:18 -06:00
Daniel Pouzzner
5ffdb9f6b9
Merge pull request #10295 from lealem47/hal_xtime
...
Allow custom time functions on STM32
2026-05-04 13:22:50 -05:00
Jeremiah Mackey
f3c3687efc
wc_hash2sz: fix SHA-224 size to 28
2026-05-04 17:18:39 +00:00
Jeremiah Mackey
cf9f852db6
validate preconditions at public API boundary
2026-05-04 17:18:39 +00:00
Tobias Frauenschläger
1411046a98
Retry hostap tests up to 2 times to reduce flakyness
2026-05-04 18:41:36 +02:00
night1rider
25c8a9aad5
workflow tests for zephyr 4.3 and 4.1
2026-05-04 09:39:04 -06:00
Chris Conlon
fe4473fbea
Add ML-DSA SPKI/PKCS#8 DER support to d2i_PUBKEY and d2i_PrivateKey.
2026-05-04 09:24:02 -06:00
JacobBarthelmeh
f3496ca2d3
add macro to known macro extras list
2026-05-04 09:05:38 -06:00
Tobias Frauenschläger
bbcfa97144
SLH-DSA Wconversion fixes
2026-05-04 13:58:00 +02:00
Tobias Frauenschläger
1093a36bc3
Fix flaky tcp bind on Windows test runs
...
Windows test code pre-picked a random port via GetRandomPort() (returning
a value in [49152, 65535]) before calling bind(), with no check that the
port was free and no retry on collision. Under load this occasionally
collided with an already-bound port and aborted the test with
"tcp bind failed", producing intermittent Jenkins failures (e.g. PRB
windows-test-v2 #17140 in the OCSP responder test).
The Unix path already does the right thing: bind to port 0 (OS-assigned
ephemeral) and read the port back via getsockname(). The same primitives
exist in Winsock 1.1, so drop the USE_WINDOWS_API guard around the
getsockname block in tcp_listen()/udp_accept() and remove the per-caller
GetRandomPort() workarounds in the OCSP responder, server example, and
the api.c / test_ossl_bio.c test sites. socklen_t is already typedef'd
as int on Windows in test.h.
GetRandomPort() itself is left in place since it is a static inline in a
shipped public test header.
2026-05-04 10:35:04 +02:00
Tobias Frauenschläger
3524ece54e
Fix PQC key exchange with multiple KEM key shares
2026-05-04 10:32:45 +02:00
Takashi Kojo
691900ac05
Improve argument descriptions
2026-05-02 10:31:03 +09:00
Takashi Kojo
582f505abf
test_mldsa_x509_pubkey_sigtype to TEST_MLDSA_DECLS
2026-05-02 08:19:19 +09:00
Takashi Kojo
048a2e66e1
check candidate runnability before probing ML-DSA support
2026-05-02 08:15:22 +09:00
Takashi Kojo
69854c1cfd
Fix for the comments
2026-05-02 08:15:22 +09:00
Takashi Kojo
1a6dee2bb3
Add ML-DSA to X509_get_pubkey and EVP_PKEY_base_id
2026-05-02 08:13:08 +09:00
Takashi Kojo
4c04ba306b
fix error case in d2iTryAltDhKey
2026-05-02 08:13:08 +09:00
JacobBarthelmeh
da440d19a8
account for FIPS ready build and SE050 test
2026-05-01 16:00:19 -06:00
jackctj117
8d6afc84fb
ci(linuxkm): test minimal DTLS 1.3 build + exports
2026-05-01 15:07:06 -06:00
Daniel Pouzzner
7b5330391b
Merge pull request #10051 from anhu/mp_int_bounds
...
Add bounds checks for MP integer size in SizeASN_Items
2026-05-01 15:32:18 -05:00
Ruby Martin
3137d62cf3
fix issue where ToTraditional_ex may assign negative value to *pkeySz
2026-05-01 14:06:51 -06:00
Ruby Martin
00e1fa651f
Adds tmpSz so int is not cast to word32 in wc_d2i_PKCS12
2026-05-01 13:36:33 -06:00
Ruby Martin
001939d663
Call ForceZero on sensitive buffers
2026-05-01 13:36:33 -06:00
JacobBarthelmeh
b3e9e51967
extra sanity check for hash of all 0's
2026-05-01 13:27:39 -06:00
jackctj117
0870e86d82
docs(linuxkm): document DTLS 1.3 configure flags
2026-05-01 13:01:23 -06:00
Chris Conlon
df8e2eedb3
x509: fix malformed AKID extension from wolfSSL_X509_set_authority_key_id
2026-05-01 10:04:31 -06:00
JacobBarthelmeh
5b4ad8690e
update function comments
2026-05-01 09:43:52 -06:00
JacobBarthelmeh
d9361e2d8c
use INVALID_DEVID in benchmark and copy over heap hint with XMSS export pub
2026-05-01 09:43:51 -06:00
JacobBarthelmeh
78564f0c78
fix XMSS heap hint use
2026-05-01 09:43:25 -06:00
JacobBarthelmeh
e5d27b61dc
use heap hints where possible in benchmark
2026-05-01 09:43:24 -06:00
Ruby Martin
c2d44b4359
Bound by curSz in PKCS12 ContentInfo parsing
2026-05-01 09:37:45 -06:00
Ruby Martin
3a799bd451
zeroize unicodePasswd before breaking
2026-05-01 09:21:04 -06:00
Josh Holtrop
3ca70e585a
Allow SubjectInfoAccess extension without id-ad-caRepository entry
...
Previously parsing a SubjectInfoAccess certificate containing a
SubjectInfoAccess extension that did not contain an id-ad-caRepository
resulted in an error.
2026-05-01 07:57:04 -04:00
Tobias Frauenschläger
5151a695bc
Merge pull request #10373 from douzzer/20260430-ecc_test_vector_item-WC_MIN_DIGEST_SIZE
...
20260430-ecc_test_vector_item-WC_MIN_DIGEST_SIZE
2026-05-01 08:57:53 +02:00
Andrew Hutchings
a4b754ab5d
Add STSAFE A120 CI support
...
Adds our STSAFE A120 simulator to the CI, adds STSAFE to configure.ac
and fix missing required header.
2026-05-01 07:12:55 +01:00
Daniel Pouzzner
d8797f59c4
Merge pull request #10261 from Frauschi/slh-dsa
...
Replace liboqs SPHINCS+ with SLH-DSA in certificate layer
2026-04-30 23:52:36 -05:00
Mark Atwood
d48b0700af
fix: update Ed448 DER Doxygen prototypes to match public header
2026-04-30 15:38:04 -07:00
Ruby Martin
1bf33bcc0b
PKCS12 and unicode password size check improvement
2026-04-30 16:30:29 -06:00
lealem47
8541142a10
Merge pull request #10361 from dgarske/stm32u3
...
Add STM32U3 hardware crypto support
2026-04-30 16:30:26 -06:00
Daniel Pouzzner
70d5d86dda
wolfcrypt/test/test.c: in ecc_test_vector_item(), don't attempt wc_ecc_verify_hash() if the test vector's message (hash) is shorter than WC_MIN_DIGEST_SIZE.
2026-04-30 17:00:40 -05:00