Re-implemented wc_PKCS12_PBKDF() to not use MP. Added tests to
unit.test.
sp_int.c:
Fixes to comments.
Added more define build options documentation to top of file.
Fixes for builds with WOLFSSL_SP_INT_NEGATIVE defined.
Fixes for when a->used is 0 and no underflow - not actually a problem
but cleaner code.
sp_sub has different checks on a->used when values are only positive.
sp_dic_2d missing check for e less than zero.
sp_to_unsigned_bin_len_ct: remove redundant check of outSz. Change i
to int to handle a->used of 0 and make code tidier.
Configuration testing fixes.
Fix formatting in test.c.
Added 128-bit types word128 and sword128 for cleaner PKCS#12 code.
- wolfSSL_X509_verify_cert: add host check from `ctx->param`
- wolfSSL_X509_verify_cert: Set `ctx->error_depth` on error
- Use WOLFSSL_-prefixed error constants (always available) instead of
OPENSSL_COEXIST-guarded macros, fixing error code mismatch in
coexist builds
- Set ctx->current_cert = orig on hostname/IP mismatch so error
reporting aligns with error_depth = 0 (leaf cert)
- Add IP address verification test cases (match + mismatch)
- Copy TLS 1.3 traffic secrets and DTLS 1.3 epoch/cipher state to the
write-dup side in DupSSL so key updates can be performed.
- Delegate KeyUpdate responses from the read side to the write side via
the shared WriteDup struct, for both peer-initiated and local key
updates.
- Delegate DTLS 1.3 ACK sending from the read side to the write side.
- Track DTLS 1.3 KeyUpdate ACKs: write side records the in-flight
KeyUpdate epoch/seq, read side sets keyUpdateAcked when the matching
ACK arrives.
- Delegate post-handshake certificate authentication (CertificateRequest
processing) from the read side to the write side, transferring
transcript hashes, cert context, and signature parameters.
- Reset prevSent/plainSz to prevent stale values from SendData to think
that data was already sent.
- Refactor FreeHandshakeHashes into Free_HS_Hashes for reuse.
- Move DTLS 1.3 epoch initialization earlier in InitSSL so the
write-dup early-return path has valid epoch state.
- Add tests for write dup with all protocol versions, key update,
post-handshake auth, and WANT_WRITE recovery.
- Add --enable-all --enable-writedup to CI os-check matrix.
wolfssl/ssl.h, examples/client/client.c, examples/server/server.c, src/bio.c, tests/api.c: add error tracing for WOLFSSL_SHUTDOWN_NOT_DONE.
tests/api.c: in test_wolfSSL_read_write_ex(), use WOLFSSL_SUCCESS rather than 1 for expected-success wolfSSL_shutdown()s, and add note that the wrong value is being returned (the test currently always fails, which is masked by an always-success retval).
- better ifdef's in hpke api.c tests
- updated ssl_ech.c to use wc_HpkeKemGetEncLen in both locations
- removed Ndh check in hpke.c, made it inline with the ecc cases
- Route BIO_ctrl_pending, BIO_reset, and BIO_get_mem_data through the custom method's ctrlCb when set, enabling fully custom BIO types to handle these operations.
- Add test_wolfSSL_BIO_custom_method that exercises a custom BIO with all callbacks (create, destroy, read, write, puts, gets, ctrl) and verifies each callback is invoked via bitfield tracking.
* Enable ML-KEM by default in build systems (autoconf and CMake)
* Only allow three to-be-standardized hybrid PQ/T combinations by
default
* Use X25519MLKEM768 as the default KeyShare in the ClientHello (if user
does not override that). When Curve25519 is disabled, then either
WOLFSSL_SECP384R1MLKEM1024 or WOLFSSL_SECP256R1MLKEM768 is used as
default depending on the ECC configuration
* Disable standalone ML-KEM in supported groups by default (enable with
--enable-tls-mlkem-standalone)
* Disable extra OQS-based hybrid PQ/T curves by default and gate
behind --enable-experimental (enable with --enable-extra-pqc-hybrids)
* Reorder the SupportedGroups extension to reflect the preferences
* Reorder the preferredGroup array to also reflect the same preferences
* Add async support for ML-KEM hybrids