The test jobs used actions/cache/restore with fail-on-cache-miss,
which aborted when the cache key was scoped to another PR or had
been evicted, even though the build job reported success.
Drop fail-on-cache-miss and add a fallback rebuild in the test
job, gated on the cache-hit output. Fast path is unchanged; on
miss the test job rebuilds locally and proceeds.
also, minor fixes:
linuxkm/lkcapi_aes_glue.c: in linuxkm_test_aescfb(), call the appropriate aes_cfb_test(), not aes_cfb_test().
linuxkm/lkcapi_glue.c: fix bugprone-macro-parentheses in REGISTER_ALG_OPTIONAL().
linuxkm/module_hooks.c: in updateFipsHash(), add suppression for clang-diagnostic-cast-function-type-strict warnings around actually-safe function pointer casts in call to wc_fips_generate_hash().
Refactor CMAC init to common function, add wc_AesNew_Id/Label API, do same for RSA new
functions, and add test init helpers for id[] support along with some test disable options
Introduce the WOLFSSL_MLKEM_DYNAMIC_KEYS option to allow dynamic allocation
of private and public key buffers in the MlKemKey struct. This change
enables right-sizing of buffers based on the actual ML-KEM level and eliminates
unnecessary memory usage for encapsulate-only operations.
Split make_check into two jobs to reduce CI time:
- make_check: 37 configs that interact with platform-specific features
(sys-ca-certs, Apple Security.framework, OpenSSL compat, networking)
continue to run on both Ubuntu and macOS.
- make_check_linux: 17 configs testing pure crypto algorithms,
preprocessor guards, or features with no macOS-specific code paths
now run on Linux only.
Also change make_user_settings_testwolfcrypt to Linux-only since
testwolfcrypt runs pure crypto tests with no platform-specific features.
Saves ~33 CI jobs with no loss of test coverage.
The WOLF_CRYPTO_CB_FREE path in wc_MlKemKey_Free, wc_dilithium_free,
and wc_ecc_free returned early when the crypto callback succeeded,
skipping local cleanup: ForceZero on private key material, PRF/hash
object frees (ML-KEM), SHAKE free and cached vector frees (ML-DSA),
and mp_forcezero on the private scalar and all hardware port frees
(ECC).
Any non-PKCS#11 callback returning 0 would silently leave key material
in memory. The PKCS#11 backend worked around this by returning
CRYPTOCB_UNAVAILABLE on success to force the fallthrough — a fragile
contract that is not part of the documented callback interface.
Fix by always continuing to software cleanup after invoking the
callback.
Remove the CRYPTOCB_UNAVAILABLE workaround from the three PKCS#11 free
dispatchers (ECC, ML-DSA, ML-KEM); they now return the real result of
C_DestroyObject.
Add PKCS#11 integration for ML-KEM with key generation,
encapsulation and decapsulation support through the crypto
callback path.
Includes ML-KEM PKCS#11 constants/types, key store handling,
token object lifecycle management, and ML-KEM key init helpers
for private-key ID/label workflows.
Align implementation details with current upstream conventions
and review feedback:
- internal wolfCrypt ML-KEM path only for PKCS#11
- inline ML-KEM key-type/flag checks in PKCS#11 code
- proper key template formatting and enum placement
- ensure TLS ML-KEM object storage behavior is compatible with
PKCS#11 ephemeral-key decapsulation flow
Fixed wc_AesEaxAuthDataUpdate to check eax for NULL before
dereferencing.
Fix AesSivCipher to delete/free AES if new/initialization succeeded.
Memsetting to 0 doesn't work when WC_DEBUG_CIPHER_LIFECYCLE is defined.
Added tests for:
- AES-EAX streaming
- AES-SIV
- Poly1305
- DES-CBC