mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 10:50:53 +02:00
610b109241
linuxkm/Makefile, linuxkm/linuxkm-fips-hash-wrapper.sh, linuxkm/linuxkm_memory.c: refactor coreKey extraction to use ELF tools rather than WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE and user_settings.h. linuxkm/module_hooks.c: add stack measurement for wc_RunAllCast_fips(). tests/api/test_slhdsa.c: frivolous initialization to work around a false positive -Wmaybe-uninitialized in slhdsa_der_roundtrip_one(). wolfcrypt/src/wc_slhdsa.c, wolfssl/wolfcrypt/wc_slhdsa.h: * refactor lifecycle management for SHA-2 objects to fix a leak via wc_SlhDsaKey_CheckKey(). * add support for WC_SLHDSA_NO_ASM. * add WOLFSSL_SLHDSA_VERIFY_ONLY gates around prototypes, to get compile-time failures for misuse. wolfcrypt/test/test.c: * clean up myFipsCb() and restore usability of TEST_ALWAYS_RUN_TO_END with bad FIPS hash (useful test coverage). * add wc_RunAllCast_fips() to wolfcrypt_test(). * when WOLFSSL_KERNEL_MODE or BENCH_EMBEDDED, force on WOLFSSL_SLHDSA_VERIFY_ONLY unless WOLFSSL_SLHDSA_FORCE_FULL_TESTS is defined. wolfssl/wolfcrypt/settings.h: * add WC_MLKEM_NO_ASM to WOLFSSL_LINUXKM section to work around asm bug. * remove clause in WOLFSSL_KERNEL_MODE section that forced on WOLFSSL_SLHDSA_VERIFY_ONLY.
Before creating any new configure files (.conf) read the CONF_FILES_README.md