Daniel Pouzzner
dc326f8c70
Merge pull request #10691 from julek-wolfssl/tls13-fragmented-sessionticket-defrag
TLS 1.3: reassemble fragmented post-handshake messages after FreeArrays
2026-07-03 00:50:10 -05:00
Daniel Pouzzner
ec37935a1f
Merge pull request #10697 from Frauschi/zd21977
Even more missing ForceZero in ML-KEM / ML-DSA
2026-07-03 00:47:57 -05:00
Daniel Pouzzner
3c72ada3b1
Merge pull request #10711 from kareem-wolfssl/zd21987
Add a NULL check to refineSuites.
2026-07-03 00:47:08 -05:00
Daniel Pouzzner
460b7ad041
Merge pull request #10742 from tjko/rpi_compile
Fix compiler error when WOLFSSL_RPIPICO is used.
2026-07-03 00:45:19 -05:00
Daniel Pouzzner
47b7d6ff04
Merge pull request #10739 from JacobBarthelmeh/test
fix for nightly memory allocation test cases with LMS
2026-07-03 00:44:29 -05:00
Daniel Pouzzner
f5538d9ba4
Merge pull request #10758 from julek-wolfssl/fix-ocsp-stapling-tls13multi-wait-timeout
Bound waited example servers with timeout to fix flaky CI test hangs
2026-07-03 00:43:55 -05:00
Daniel Pouzzner
27e160fa53
Merge pull request #10764 from embhorn/gh10761
Fix TLS1.2 error code correction
2026-07-03 00:41:35 -05:00
David Garske
0ecc0c5973
Merge pull request #10828 from SparkiDev/sp_func_block_comment_1
SP: fix function block comments
2026-07-02 15:53:03 -07:00
Daniel Pouzzner
9d3152cae2
Merge pull request #10708 from rlm2002/support-fixes
Support fixes - various reports
2026-07-02 12:51:11 -05:00
David Garske
d390a98f64
Merge pull request #10754 from SparkiDev/arm64_asm_c_fallback
Aarch64 asm: Have software fallback and CPU id checks
2026-07-02 09:30:19 -07:00
Tobias Frauenschläger
4de819075f
Merge pull request #10835 from yosuke-wolfssl/fix/cert
certs: re-sign orphaned rsapss/mldsa leaves and add chain guard
2026-07-02 11:34:59 +02:00
Yosuke Shimizu
b87edc2040
certs: re-sign orphaned rsapss/mldsa leaves and add chain guard
2026-07-02 10:34:06 +09:00
Daniel Pouzzner
076dc5a206
Merge pull request #10773 from rlm2002/coverity
24062026 Coverity fixes
2026-07-01 17:59:19 -05:00
Daniel Pouzzner
fd3b489ea5
Merge pull request #10787 from stenslae/update-wolfssl-email
Updated email to facts@wolfssl.com
2026-07-01 17:52:20 -05:00
Daniel Pouzzner
7dd269fc52
Merge pull request #10793 from embhorn/gh10790
Restore error code from DecodeGeneralName
2026-07-01 17:49:37 -05:00
Daniel Pouzzner
beca44b2fb
Merge pull request #10795 from embhorn/gh10791
Fix to send record_overflow alert
2026-07-01 17:45:43 -05:00
Daniel Pouzzner
22b552c668
Merge pull request #10809 from aidangarske/fenrir-6558-nameconstraints-minmax
Reject name constraint subtree with non-zero minimum or maximum
2026-07-01 17:38:28 -05:00
Daniel Pouzzner
fed8d6a57e
Merge pull request #10814 from kojiws/fix_ecc_31bytes_on_test
Fix ECC buffer test by correcting message length
2026-07-01 17:35:47 -05:00
Daniel Pouzzner
0703dc9c6e
Merge pull request #10815 from SparkiDev/tls13_test_cv_sig_alg
TLSv1.3 test: CertificateVerify signature algorithm test
2026-07-01 17:27:48 -05:00
Daniel Pouzzner
7afcc3eef6
Merge pull request #10687 from rlm2002/zd-NameConstraints
Name Constraints cert chain walk
2026-07-01 17:24:52 -05:00
Daniel Pouzzner
9f48aef47f
Merge pull request #10638 from rizlik/nc_uri_trailing_dot
NameConstraints fixes
2026-07-01 17:14:08 -05:00
Daniel Pouzzner
d733f203fa
Merge pull request #10663 from rizlik/pubkey_ecc_operation_cb
Introduce ECC Make PUB and ECC Check Pub crypto callbacks
2026-07-01 16:53:24 -05:00
Daniel Pouzzner
fb54c0a56e
Merge pull request #10734 from philljj/bsdkm_fixes
bsdkm: fenrir and misc cleanup.
2026-07-01 16:48:29 -05:00
Daniel Pouzzner
5a9a49d5d5
Merge pull request #10730 from rizlik/dtlsv13_interop
dtlsv13: fix: send correct CH2 when server does not send HRR
2026-07-01 16:40:29 -05:00
Daniel Pouzzner
64a0f384a4
Merge pull request #10780 from holtrop-wolfssl/rust-rename-dilithium-mldsa
Rust wrapper: rename dilithium to mldsa
2026-07-01 16:30:28 -05:00
Daniel Pouzzner
36437417b6
Merge pull request #10703 from holtrop-wolfssl/rust-validate-prefix-env-var
Rust wrapper: validate WOLFSSL_PREFIX in build.rs
2026-07-01 16:29:36 -05:00
Daniel Pouzzner
a66b87b926
Merge pull request #10645 from holtrop-wolfssl/rust-ed-verify-result-codes
Rust wrapper: fix signature incorrect return value from Ed448 and Ed25519 verify functions.
2026-07-01 16:28:44 -05:00
David Garske
c9e4b13be4
Merge pull request #10829 from douzzer/20260630-various-fixes
20260630-various-fixes
2026-07-01 14:28:27 -07:00
Daniel Pouzzner
323027d1d2
Merge pull request #10820 from lealem47/dh_min_sz
FIPS: Default to 2048 bit min DH crypto
2026-07-01 14:40:04 -05:00
Daniel Pouzzner
ed4fb32c92
fixes from Fenrir review:
linuxkm/linuxkm_wc_port.h: strcpy() takes 2 args.
wolfcrypt/src/aes.c: add VECTOR_REGISTERS_PUSH2() and use it to free tmp in smallstack path if the push fails.
2026-07-01 13:46:11 -05:00
Josh Holtrop
1e73f8e387
0 memset kop in devcrypto_x25519 before use
2026-07-01 11:35:55 -07:00
Daniel Pouzzner
8b29a95da4
* add WC_MAYBE_UNUSED attribute to AesEcbEncryptBlocks(), AesEcbDecryptBlocks(),
AesCbcEncryptBlocks(), AesCbcDecryptBlocks(), and AesCtrEncryptBlocks(), to
fix -Wunused-functions in default build with --enable-aesni under clang.
* in AesCfbDecrypt_C(), add smallstack implementation for fast inner loop on
intelasm/armasm.
2026-07-01 12:54:35 -05:00
Daniel Pouzzner
bb7b4ccc77
wolfcrypt/src/port/kcapi/kcapi_aes.c: add backward-compat code paths for authTagSz validation on old FIPS.
2026-07-01 12:48:02 -05:00
Daniel Pouzzner
41daf899b3
linuxkm/linuxkm_wc_port.h:
* when including kernel headers with gcc-17+, ignore -Wconstant-logical-operand.
* when CONFIG_KMSAN, explicitly map memcpy(), memset(), memmove(), strcpy(),
strncpy(), and strncat(), to clang builtins, to get proper __msan
interception.
* genericize WC_SANITIZE_DISABLE() and WC_SANITIZE_ENABLE() to cover both KASAN
and KMSAN, and use the generic macros in wc_linuxkm_stack_hwm_prepare() and
wc_linuxkm_stack_hwm_measure_rel().
2026-07-01 12:35:21 -05:00
JacobBarthelmeh
64a4c7a7ae
Merge pull request #10750 from night1rider/SHAKE-Callbacks
SHAKE 128/256 callback wiring and tests, along with fix to devCTX initialization
2026-07-01 10:53:57 -06:00
Lealem Amedie
f15681a6c1
Remove 9-bit prime generation testing, disallowed with DH_MIN_SIZE
2026-07-01 08:26:23 -06:00
Lealem Amedie
53fe0b3fc1
Adjust test.c for dh_min_sz
2026-07-01 08:26:23 -06:00
Lealem Amedie
d6a8e387c8
Fix syntax issue
2026-07-01 08:26:23 -06:00
Lealem Amedie
277bd66624
FIPS: Default to 2048 bit min DH crypto
2026-07-01 08:26:23 -06:00
Tobias Frauenschläger
9e71da21ac
Merge pull request #10751 from aidangarske/tinytls13
Add --enable-tinytls13 TLS 1.3-only footprint profile.
Merging with PRB-master-job failing. Failures are unrelated to this PR.
2026-07-01 15:21:04 +02:00
Kaleb Himes
6dae0c9dd4
Merge pull request #10818 from dgarske/dh_checkprivkey_prime
DH: honor explicit prime in wc_DhCheckPrivKey_ex (Fenrir F5317)
2026-07-01 05:34:47 -06:00
Sean Parkinson
9104a0d2d7
SP: fix function block comments
2026-07-01 19:35:30 +10:00
Koji Takeda
b98e43eeca
Fix wrong length on test message
2026-07-01 11:06:09 +09:00
Sean Parkinson
6315f95378
Aarch64 asm: Have software fallback and CPU id checks
cpuid.h — added CPUID_ASIMD flag + IS_AARCH64_ASIMD() macro (NEON detection).
cpuid.c — added NEON/ASIMD detection; fixed FreeBSD/OpenBSD to use HWCAP_*
sha256.c — runtime dispatch SHA256-crypto → NEON → software
sha512.c — replaced the #error with the same crypto → NEON → software dispatch.
chacha.c: add AArch64 runtime fallback to C.
poly1305.c: add AArch64 runtime fallback to C.
Fixes
test_tls.c: don't memcpy into buffer if length is too long.
sha256.c: even if data is not NULL, return immediately when length is 0.
2026-07-01 09:32:28 +10:00
philljj
3fa342a76c
Merge pull request #10812 from douzzer/20260629-linuxkm-fixes
20260629-linuxkm-fixes
2026-06-30 13:36:04 -05:00
philljj
b5636ffaf9
Merge pull request #10696 from douzzer/20260615-linuxkm-fixes
20260615-linuxkm-fixes
2026-06-30 12:00:25 -05:00
Daniel Pouzzner
8820b810f2
Merge pull request #10725 from SparkiDev/aes_x25519_arm32_thumb2_fixes
ARM32/Thumb2: generated asm fixes
2026-06-30 10:47:03 -05:00
David Garske
07b677edba
Merge pull request #10744 from SparkiDev/arm64_asm_opt
ARM64 ASM: optimizations
2026-06-30 08:42:23 -07:00
David Garske
5fa08e767b
DH: honor explicit prime in wc_DhCheckPrivKey_ex (Fenrir F5317)
2026-06-30 07:49:00 -07:00
David Garske
8d63afab99
Merge pull request #10767 from SparkiDev/ppc64_ppc32_asm_1
PPC64/PPC32 ASM: AES, SHA-2, SHA-3
2026-06-30 07:13:35 -07:00