Commit Graph

30513 Commits

Author SHA1 Message Date
Daniele Lacamera c7684acb6c Renode docker: fixed permission 2026-05-05 13:03:42 +02:00
Daniele Lacamera 2c7bc0d1b3 Removed toLower 2026-05-05 13:03:42 +02:00
Daniele Lacamera b695dd37b4 Remove artifact upload, address copilot's, fix docker boundary 2026-05-05 13:03:42 +02:00
Daniele Lacamera b69ea6659b Add github workflow to check for wolfboot regressions 2026-05-05 13:03:41 +02:00
Jeremiah Mackey 3f371828c6 tests: cover private-key flag rejection on export 2026-05-05 04:36:16 +00:00
Jeremiah Mackey 6a1b737dae PKCS7 PWRI decrypt: parse PBKDF2 prf 2026-05-05 04:36:16 +00:00
Jeremiah Mackey 9f79f79d86 wc_Entropy_GetRawEntropy: hold entropy_mutex 2026-05-05 04:36:16 +00:00
Jeremiah Mackey 19ff338be9 mp_cond_swap_ct: branchless masked XOR 2026-05-05 04:36:16 +00:00
Thomas Cook dde0d56416 Fix a few issues with "make rpm" 2026-05-04 18:38:39 -04:00
David Garske 02dfd12466 Merge pull request #10376 from rlm2002/coverity
20260501 Coverity Fixes
2026-05-04 15:15:11 -07:00
sebastian-carpenter 61ba5378fe TLS ECH compliance fixes 2026-05-04 15:46:18 -06:00
Daniel Pouzzner 5ffdb9f6b9 Merge pull request #10295 from lealem47/hal_xtime
Allow custom time functions on STM32
2026-05-04 13:22:50 -05:00
Jeremiah Mackey f3c3687efc wc_hash2sz: fix SHA-224 size to 28 2026-05-04 17:18:39 +00:00
Jeremiah Mackey cf9f852db6 validate preconditions at public API boundary 2026-05-04 17:18:39 +00:00
Tobias Frauenschläger 1411046a98 Retry hostap tests up to 2 times to reduce flakyness 2026-05-04 18:41:36 +02:00
night1rider 25c8a9aad5 workflow tests for zephyr 4.3 and 4.1 2026-05-04 09:39:04 -06:00
Chris Conlon fe4473fbea Add ML-DSA SPKI/PKCS#8 DER support to d2i_PUBKEY and d2i_PrivateKey. 2026-05-04 09:24:02 -06:00
JacobBarthelmeh f3496ca2d3 add macro to known macro extras list 2026-05-04 09:05:38 -06:00
Tobias Frauenschläger bbcfa97144 SLH-DSA Wconversion fixes 2026-05-04 13:58:00 +02:00
Tobias Frauenschläger 1093a36bc3 Fix flaky tcp bind on Windows test runs
Windows test code pre-picked a random port via GetRandomPort() (returning
a value in [49152, 65535]) before calling bind(), with no check that the
port was free and no retry on collision. Under load this occasionally
collided with an already-bound port and aborted the test with
"tcp bind failed", producing intermittent Jenkins failures (e.g. PRB
windows-test-v2 #17140 in the OCSP responder test).

The Unix path already does the right thing: bind to port 0 (OS-assigned
ephemeral) and read the port back via getsockname(). The same primitives
exist in Winsock 1.1, so drop the USE_WINDOWS_API guard around the
getsockname block in tcp_listen()/udp_accept() and remove the per-caller
GetRandomPort() workarounds in the OCSP responder, server example, and
the api.c / test_ossl_bio.c test sites. socklen_t is already typedef'd
as int on Windows in test.h.

GetRandomPort() itself is left in place since it is a static inline in a
shipped public test header.
2026-05-04 10:35:04 +02:00
Tobias Frauenschläger 3524ece54e Fix PQC key exchange with multiple KEM key shares 2026-05-04 10:32:45 +02:00
Takashi Kojo 691900ac05 Improve argument descriptions 2026-05-02 10:31:03 +09:00
Takashi Kojo 582f505abf test_mldsa_x509_pubkey_sigtype to TEST_MLDSA_DECLS 2026-05-02 08:19:19 +09:00
Takashi Kojo 048a2e66e1 check candidate runnability before probing ML-DSA support 2026-05-02 08:15:22 +09:00
Takashi Kojo 69854c1cfd Fix for the comments 2026-05-02 08:15:22 +09:00
Takashi Kojo 1a6dee2bb3 Add ML-DSA to X509_get_pubkey and EVP_PKEY_base_id 2026-05-02 08:13:08 +09:00
Takashi Kojo 4c04ba306b fix error case in d2iTryAltDhKey 2026-05-02 08:13:08 +09:00
JacobBarthelmeh da440d19a8 account for FIPS ready build and SE050 test 2026-05-01 16:00:19 -06:00
jackctj117 8d6afc84fb ci(linuxkm): test minimal DTLS 1.3 build + exports 2026-05-01 15:07:06 -06:00
Daniel Pouzzner 7b5330391b Merge pull request #10051 from anhu/mp_int_bounds
Add bounds checks for MP integer size in SizeASN_Items
2026-05-01 15:32:18 -05:00
Ruby Martin 3137d62cf3 fix issue where ToTraditional_ex may assign negative value to *pkeySz 2026-05-01 14:06:51 -06:00
Ruby Martin 00e1fa651f Adds tmpSz so int is not cast to word32 in wc_d2i_PKCS12 2026-05-01 13:36:33 -06:00
Ruby Martin 001939d663 Call ForceZero on sensitive buffers 2026-05-01 13:36:33 -06:00
JacobBarthelmeh b3e9e51967 extra sanity check for hash of all 0's 2026-05-01 13:27:39 -06:00
jackctj117 0870e86d82 docs(linuxkm): document DTLS 1.3 configure flags 2026-05-01 13:01:23 -06:00
Chris Conlon df8e2eedb3 x509: fix malformed AKID extension from wolfSSL_X509_set_authority_key_id 2026-05-01 10:04:31 -06:00
JacobBarthelmeh 5b4ad8690e update function comments 2026-05-01 09:43:52 -06:00
JacobBarthelmeh d9361e2d8c use INVALID_DEVID in benchmark and copy over heap hint with XMSS export pub 2026-05-01 09:43:51 -06:00
JacobBarthelmeh 78564f0c78 fix XMSS heap hint use 2026-05-01 09:43:25 -06:00
JacobBarthelmeh e5d27b61dc use heap hints where possible in benchmark 2026-05-01 09:43:24 -06:00
Ruby Martin c2d44b4359 Bound by curSz in PKCS12 ContentInfo parsing 2026-05-01 09:37:45 -06:00
Ruby Martin 3a799bd451 zeroize unicodePasswd before breaking 2026-05-01 09:21:04 -06:00
Josh Holtrop 3ca70e585a Allow SubjectInfoAccess extension without id-ad-caRepository entry
Previously parsing a SubjectInfoAccess certificate containing a
SubjectInfoAccess extension that did not contain an id-ad-caRepository
resulted in an error.
2026-05-01 07:57:04 -04:00
Tobias Frauenschläger 5151a695bc Merge pull request #10373 from douzzer/20260430-ecc_test_vector_item-WC_MIN_DIGEST_SIZE
20260430-ecc_test_vector_item-WC_MIN_DIGEST_SIZE
2026-05-01 08:57:53 +02:00
Andrew Hutchings a4b754ab5d Add STSAFE A120 CI support
Adds our STSAFE A120 simulator to the CI, adds STSAFE to configure.ac
and fix missing required header.
2026-05-01 07:12:55 +01:00
Daniel Pouzzner d8797f59c4 Merge pull request #10261 from Frauschi/slh-dsa
Replace liboqs SPHINCS+ with SLH-DSA in certificate layer
2026-04-30 23:52:36 -05:00
Mark Atwood d48b0700af fix: update Ed448 DER Doxygen prototypes to match public header 2026-04-30 15:38:04 -07:00
Ruby Martin 1bf33bcc0b PKCS12 and unicode password size check improvement 2026-04-30 16:30:29 -06:00
lealem47 8541142a10 Merge pull request #10361 from dgarske/stm32u3
Add STM32U3 hardware crypto support
2026-04-30 16:30:26 -06:00
Daniel Pouzzner 70d5d86dda wolfcrypt/test/test.c: in ecc_test_vector_item(), don't attempt wc_ecc_verify_hash() if the test vector's message (hash) is shorter than WC_MIN_DIGEST_SIZE. 2026-04-30 17:00:40 -05:00