Marco Oliverio
c4b4e6cd14
NameConstraints: support wildcard SAN
2026-05-28 15:19:20 +02:00
David Garske
2dd7947d27
Merge pull request #10483 from cconlon/pkcs8V1PublicKeyParse
...
ML-DSA: PKCS#8 parsing + EVP_PKCS82PKEY support
2026-05-27 17:41:30 -07:00
Sean Parkinson
971d2b051a
Merge pull request #10401 from night1rider/Early-heap-delcare-cmac
...
plumb caller heap into Cmac before cryptocb fires
2026-05-28 09:46:10 +10:00
Sean Parkinson
78a5740bac
Merge pull request #10504 from miyazakh/f-2180_pbkdf
...
f-2180: fix clamp iterations <= 0 to 1 instead of returning an error
2026-05-28 09:32:01 +10:00
Sean Parkinson
c92208076f
Merge pull request #10374 from kareem-wolfssl/zd21699
...
Enable all-zero shared secret check for Curve448/25519 by default. Ensure post_handshake_auth extension was sent before accepting post-handshake CertificateRequest message.
2026-05-28 09:29:49 +10:00
Sean Parkinson
eaadfb12ed
Merge pull request #10508 from JacobBarthelmeh/static_analysis_3
...
devcrypto fixes, forcezero on memory after use, RX64 GetHash port fix, blake2 stor64 alignment
2026-05-28 09:24:56 +10:00
Sean Parkinson
7bcc613bb0
Merge pull request #10478 from embhorn/zd21821
...
Fixes in SP int and DH
2026-05-28 09:00:41 +10:00
jordan
12d79d8838
wc_port: guard fcntl behind WOLFSSL_KERNEL_MODE.
2026-05-27 14:52:54 -05:00
David Garske
e55e8a9842
Merge pull request #10524 from JacobBarthelmeh/sgx
...
SGX build does not have fcntl.h
2026-05-27 12:06:05 -07:00
JacobBarthelmeh
4e491ed3db
Merge pull request #10511 from dgarske/zd21780
...
Fix minor compile error with `WOLFSSL_DEBUG_MEMORY`
2026-05-27 11:16:19 -06:00
JacobBarthelmeh
cd82d7e08d
Merge pull request #10529 from SparkiDev/sp_fixes_8
...
sp_int: fixes and added testing
2026-05-27 10:59:24 -06:00
David Garske
10020f9cc9
Fix minor compile error with WOLFSSL_DEBUG_MEMORY
2026-05-26 11:39:34 -07:00
David Garske
8199fda0a4
Merge pull request #10160 from Roy-Carter/feature/integrate_openssl_comp_fixes
...
OpenSSL compatibility layer extension
2026-05-26 10:39:14 -07:00
night1rider
291ec20d4e
stash caller heap before cryptocb fires so InitCmac_* callbacks can honor it
2026-05-26 09:51:59 -06:00
David Garske
a3f5260260
Merge pull request #10500 from rizlik/sha224_only
...
cryptocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
2026-05-26 08:05:47 -07:00
Tobias Frauenschläger
637c07798a
Finalize ML-DSA renaming
2026-05-26 14:54:30 +02:00
Sean Parkinson
c57a873824
sp_int: fixes and added testing
...
sp_set_bit(): check i is in range before use.
_sp_div_2(): Use a constant-time clamp as called by a constant-time
function.
_sp_sqr(): static buffer needs to be one larger for when ECC with P-521
is the largest size.
Add tests:
- Testing negative numbers with mp_read_radix/mp_to_radix 10/16
- Testing negative numbers with mp_add_d/mp_sub_d
- Testing of mp_gcd without mp_lcm
- More testing of mp_mod_d and when negative numbers are used
- Check maximum values work for square. Check of _sp_sqr() bug
- Add testing of mp_add/sub_mod_ct
- Add testing of mp_cmp_mag
- Add testing of mp_mulmod/mp_sqrmod
- Add testing of mp_exch
- Add testing of mp_to_unsigned_bin_len_ct
- Add testing of mp_exptmod that uses base-2 windowing method.
- Add testing of mp_invmod_mont_ct
2026-05-26 13:52:57 +10:00
JacobBarthelmeh
8c0d3b7ea1
SGX build does not have fcntl.h
2026-05-22 23:20:36 -06:00
Chris Conlon
497de930fd
evp: support ML-DSA in wolfSSL_EVP_PKCS82PKEY() and wolfSSL_X509_check_private_key()
2026-05-22 14:56:14 -06:00
Chris Conlon
a9e15634db
asn: parse RFC 5958 PKCS#8 (OneAsymmetricKey) publicKey trailer in ToTraditional_ex()
2026-05-22 14:55:38 -06:00
Roy Carter
56e4612e4e
Fix: apply Julek PR notes
2026-05-22 19:01:05 +03:00
Roy Carter
c1a507e175
Feature: allow the usage of
...
wolfSSL_alert_type_string
wolfSSL_alert_desc_string
wolfSSL_EVP_DigestSign
wolfSSL_EVP_DigestVerify
in the openssl compatibility layer for wolfssl
2026-05-22 19:01:04 +03:00
Sean Parkinson
8597d9da83
Merge pull request #10496 from dgarske/fenrir_20260518
...
Various Fenrir fixes (F-2626, F-585, F-586, F-2638, F-1960, F-599)
2026-05-23 01:28:42 +10:00
Andrew Hutchings
8574fa995f
Merge pull request #10470 from JacobBarthelmeh/tropic
...
fix for tropic port AES key length used
2026-05-21 13:59:48 -07:00
JacobBarthelmeh
0073f3c879
dcp unlock added around aes forcezero, adjust align macro check
2026-05-21 09:34:28 -07:00
JacobBarthelmeh
70288b017f
add sanity check on AES key length
2026-05-20 16:02:56 -07:00
David Garske
782787276c
Merge pull request #10497 from Frauschi/mldsa_rename
...
ML-DSA renaming part 2
2026-05-20 11:24:09 -07:00
HIDEKI MIYAZAKI
03eb38e897
fix EVP_BytesToKey
2026-05-20 11:04:07 -07:00
Tobias Frauenschläger
1dffcffb80
Fix hashType comparison in SLH-DSA
2026-05-20 10:16:37 -07:00
Tobias Frauenschläger
2a30ce3c04
Rename ML-DSA wc_PqcSignatureType entry
2026-05-20 09:06:54 -07:00
HIDEKI MIYAZAKI
319f1d699d
fix clamp iterations <= 0 to 1 instead of returning an error
2026-05-20 07:25:35 -07:00
Marco Oliverio
408ea84c83
sha256: check no hw acceleration is enabled with CB_ONLY_SHA256
2026-05-20 11:33:31 +02:00
JacobBarthelmeh
51698759fa
0 memset kop in devcrypto before use
2026-05-20 01:29:34 -07:00
JacobBarthelmeh
26bce72776
fix for devcrypto RSA size used
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
2a05c13db8
fix to use correct struct size for devcrypto memset
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
f7d595eec4
fix for Renesas RX64 GetHash on initial state
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
35f61aaa66
explicit cast to word16 before shift with RC2
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
a04b68243c
clear public/private key buffer after use in tropicsquare port
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
999e1b9f99
In NXP DCP port clear key buffer after use
2026-05-20 01:25:46 -07:00
JacobBarthelmeh
6ac6e5065e
fix for tropic port AES key length used
2026-05-20 00:43:36 -07:00
Tobias Frauenschläger
44074fd1df
More ML-DSA renaming
2026-05-19 14:09:09 -07:00
David Garske
dc56e87522
Merge pull request #10466 from Frauschi/slhdsa_cryptocb
...
Add CryptoCb support for SLH-DSA
2026-05-19 13:59:40 -07:00
David Garske
9a5bb8eb23
fix(signature): fenrir 2626 enforce min hash strength
2026-05-19 10:06:56 -07:00
David Garske
2fad30e394
fix(qat): fenrir 585 null-check buffers before memcpy
2026-05-19 10:06:56 -07:00
David Garske
0ea4fa0f97
fix(qat): fenrir 586 guard exit memcpy on error path
2026-05-19 10:06:56 -07:00
David Garske
a211f74a8d
fix(se050): fenrir 2638 zero ed25519 der buffer
2026-05-19 10:06:56 -07:00
David Garske
583bd6bc4e
fix(kcapi): fenrir 1960 zero ecdh secret before free
2026-05-19 10:06:56 -07:00
David Garske
66e5b8fd14
fix(stm32): fenrir 599 capture sign from input mp_int
2026-05-19 10:06:55 -07:00
David Garske
583dbaff60
Merge pull request #10488 from padelsbach/lms-xmss-test-sig-cmp
...
Update LMS and XMSS key advance test
2026-05-19 10:04:12 -07:00
Marco Oliverio
0c8cabedff
cryptocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
2026-05-19 10:22:06 +02:00