JacobBarthelmeh
|
668d69b73a
|
Merge pull request #9988 from kareem-wolfssl/zd21356
Check raw pubkey length in wc_ecc_import_x963 before copying to it for KCAPI case.
|
2026-03-17 14:12:11 -06:00 |
|
David Garske
|
a98cb451c5
|
Merge pull request #9948 from SparkiDev/sp_int_comment_fixes_1
sp_int.c: comment fixes
|
2026-03-17 07:38:48 -07:00 |
|
JacobBarthelmeh
|
6f386fd6b2
|
Merge pull request #9981 from julek-wolfssl/fenrir/260316
Fenrir fixes
|
2026-03-17 08:36:11 -06:00 |
|
David Garske
|
e023c1793d
|
Merge pull request #9989 from JacobBarthelmeh/ecc
add sanity check on keysize found with ECC point import
|
2026-03-17 06:14:40 -07:00 |
|
JacobBarthelmeh
|
44de734fa3
|
add sanity check on keysize found with ECC point import
|
2026-03-16 16:57:50 -06:00 |
|
Kareem
|
ddc177b669
|
Check raw pubkey length in wc_ecc_import_x963 before copying to it for KCAPI case.
|
2026-03-16 15:34:18 -07:00 |
|
Juliusz Sosinowicz
|
7c92fb204d
|
Use constant-time PKCS#7 padding check in EVP
F-763
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
fac08427e5
|
Fix missing op validation in EVP_PKEY_decrypt
F-747
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
5f7bc0f3a6
|
Clear sensitive stack buffers in ed448 signing
F-765
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
109e765b5b
|
Clear sensitive stack buffers in ed25519 signing
F-764
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
e4b55be65a
|
Use mp_forcezero for DH private key in async path
F-766
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
643427040b
|
Clear seed buffer after dilithium key generation
F-767
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
4ee9a263f0
|
Fix resource leak in wc_InitEccsiKey_ex error path
F-752
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
b168bfaa6a
|
Check wc_ecc_init_ex return value in wc_GetKeyOID
F-749
|
2026-03-16 15:15:11 -07:00 |
|
Juliusz Sosinowicz
|
265fbdb3dd
|
Check wc_InitRsaKey return value in wc_GetKeyOID
F-748
|
2026-03-16 15:15:11 -07:00 |
|
David Garske
|
b5c532703a
|
Merge pull request #9954 from kareem-wolfssl/gh9951
Fix potential overflows in used size calculation in generic, TI and SE050 hash functions.
|
2026-03-16 15:09:22 -07:00 |
|
David Garske
|
da635c9004
|
Merge pull request #9980 from anhu/sphincs_no_elseif
Fixes SPHINCS else-if chain key detection
|
2026-03-16 15:03:59 -07:00 |
|
David Garske
|
90377e10c5
|
Merge pull request #9979 from anhu/falcon_no_elseif
Fixes Falcon else-if chain key detection
|
2026-03-16 15:03:43 -07:00 |
|
David Garske
|
96661a5dab
|
Merge pull request #9977 from JacobBarthelmeh/multi-test
Minor fixes for nightly multi-test tool
|
2026-03-16 14:31:39 -07:00 |
|
JacobBarthelmeh
|
57f416fc43
|
Merge pull request #9961 from sebastian-carpenter/tls-ech-coverity
minor coverity fixes for tls ech code
|
2026-03-16 15:27:27 -06:00 |
|
Daniel Pouzzner
|
416072f298
|
Merge pull request #9969 from Frauschi/mlkem_wconversion
ML-KEM Wconversion fixes
|
2026-03-16 15:03:26 -05:00 |
|
David Garske
|
87906a38ab
|
Merge pull request #9974 from JacobBarthelmeh/oss-fuzz
fix to free CRL reason extension
|
2026-03-16 13:46:34 -06:00 |
|
JacobBarthelmeh
|
7de150eff0
|
Merge pull request #9975 from rlm2002/coverity
20260313 Coverity changes
|
2026-03-16 12:52:27 -06:00 |
|
Anthony Hu
|
2939ab7f6a
|
Fixes SPHINCS else-if chain key detection
F-751
|
2026-03-16 11:20:19 -04:00 |
|
Anthony Hu
|
3b36db0c9d
|
Fixes Falcon else-if chain key detection
F-750
|
2026-03-16 10:55:28 -04:00 |
|
Sean Parkinson
|
9590255ceb
|
XMSS: Fix index copy for signing.
The index is already big-endian encoded but it needs to be front padded
with zeros instead of back end padded.
|
2026-03-16 21:24:08 +10:00 |
|
JacobBarthelmeh
|
8f810c2705
|
clear q with integer.c and mp_div_3 in error case
|
2026-03-16 00:09:37 -06:00 |
|
JacobBarthelmeh
|
73e425923b
|
setting heap pointer based on if key is null
|
2026-03-16 00:08:04 -06:00 |
|
Ruby Martin
|
8b7b6754d9
|
macro guard with WOLFSSL_SMALL_STACK to prevent dead code
|
2026-03-13 17:03:02 -06:00 |
|
Kareem
|
0b26791168
|
Code review feedback
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
3cc15548bc
|
Code review feedback. Error out on len = 0 as well.
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
0a082b08ca
|
Code review feedback
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
42b321a7d3
|
Use safe sum of used size after calculating it. No reason to redo the additions. Fixes unused variable warning as well.
Fix different type addition in hash.c.
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
d205fcac87
|
Fix potential overflows in two additional hash functions.
Thanks to Arjuna Arya for the report.
Fixes #9955.
|
2026-03-13 15:57:18 -07:00 |
|
Kareem
|
091016a149
|
Ensure se050Ctx->used does not overflow in se050_hash_update.
Thanks to Arjuna Arya for the report.
Fixes #9951.
|
2026-03-13 15:57:18 -07:00 |
|
JacobBarthelmeh
|
bbf3beef35
|
fix to free CRL reason extension
|
2026-03-13 16:17:52 -06:00 |
|
Tobias Frauenschläger
|
3b4e51c150
|
ML-KEM Wconversion fixes
* fix -Wconversion warnings
* allow APIs without RNG usage in case WC_NO_RNG is defined
|
2026-03-13 21:22:48 +01:00 |
|
Chris Conlon
|
aa9ee8b4fa
|
Merge pull request #9963 from JacobBarthelmeh/caam
fixes for CAAM port without hash store
|
2026-03-13 13:45:08 -06:00 |
|
sebastian-carpenter
|
47a24d7b90
|
minor coverity fixes for tls ech
|
2026-03-13 11:04:44 -06:00 |
|
JacobBarthelmeh
|
156db7dd2d
|
Merge pull request #9831 from julek-wolfssl/pytho-3.13.4
Fixes to run python with --enable-all
|
2026-03-13 10:50:23 -06:00 |
|
David Garske
|
0792c674c5
|
Merge pull request #9960 from philljj/fix_coverity
asn: fix coverity null deref warnings.
|
2026-03-13 06:58:41 +01:00 |
|
David Garske
|
00cd1a7c22
|
Merge pull request #9962 from night1rider/ecc-dilithium-callback-free-fix
Fix expected callback behavior for ECC/Dilithium for Free Callbacks
|
2026-03-13 06:19:31 +01:00 |
|
David Garske
|
cdacf3a53e
|
Merge pull request #9964 from SparkiDev/asm_gen_fixes_1
SP fixes: 32-bit ARM assembly fixes
|
2026-03-13 06:16:57 +01:00 |
|
Sean Parkinson
|
bac0563669
|
Merge pull request #9919 from anhu/lms-leaf-idx
Fix buffer-overflow in LMS leaf cache indexing
|
2026-03-13 10:02:50 +10:00 |
|
Sean Parkinson
|
d23cb79f18
|
SP fixes: 32-bit ARM assembly fixes
mod_exp: subtract from 32 instead of 64 as n is 32 bits
sp_521_ecc_mulmod_fast: look up the last point in constant time when
required.
|
2026-03-13 09:37:28 +10:00 |
|
JacobBarthelmeh
|
424af6eb5b
|
Merge pull request #9956 from rlm2002/coverity
20260311 Coverity changes
|
2026-03-12 16:53:39 -06:00 |
|
JacobBarthelmeh
|
357c2ad8e9
|
fixes for CAAM port without hash store
|
2026-03-12 15:55:19 -06:00 |
|
night1rider
|
cdbd19551e
|
Have ret initialized to 0 in wc_ecc_free() and wc_dilithium_free()
|
2026-03-12 15:40:38 -06:00 |
|
night1rider
|
2626f976f5
|
Update the PKCS11 ECC and dilithium free handlers so they will now return CRYPTOCB_UNAVAILABLE after attempting the context free so the caller still does software cleanup on the rest of the context that the callback does not handle.
|
2026-03-12 15:18:56 -06:00 |
|
JacobBarthelmeh
|
80ba723e16
|
Merge pull request #9943 from philljj/fix_evp_set_iv_length
evp: check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length.
|
2026-03-12 14:47:32 -06:00 |
|