Files
wolfssl/wolfcrypt
Daniel Pouzzner 610b109241 fixes for fips#379 and related:
linuxkm/Makefile, linuxkm/linuxkm-fips-hash-wrapper.sh, linuxkm/linuxkm_memory.c: refactor coreKey extraction to use ELF tools rather than WOLFCRYPT_FIPS_CORE_DYNAMIC_HASH_VALUE and user_settings.h.

linuxkm/module_hooks.c: add stack measurement for wc_RunAllCast_fips().

tests/api/test_slhdsa.c: frivolous initialization to work around a false positive -Wmaybe-uninitialized in slhdsa_der_roundtrip_one().

wolfcrypt/src/wc_slhdsa.c,  wolfssl/wolfcrypt/wc_slhdsa.h:
* refactor lifecycle management for SHA-2 objects to fix a leak via wc_SlhDsaKey_CheckKey().
* add support for WC_SLHDSA_NO_ASM.
* add WOLFSSL_SLHDSA_VERIFY_ONLY gates around prototypes, to get compile-time failures for misuse.

wolfcrypt/test/test.c:
* clean up myFipsCb() and restore usability of TEST_ALWAYS_RUN_TO_END with bad FIPS hash (useful test coverage).
* add wc_RunAllCast_fips() to wolfcrypt_test().
* when WOLFSSL_KERNEL_MODE or BENCH_EMBEDDED, force on WOLFSSL_SLHDSA_VERIFY_ONLY unless WOLFSSL_SLHDSA_FORCE_FULL_TESTS is defined.

wolfssl/wolfcrypt/settings.h:
* add WC_MLKEM_NO_ASM to WOLFSSL_LINUXKM section to work around asm bug.
* remove clause in WOLFSSL_KERNEL_MODE section that forced on WOLFSSL_SLHDSA_VERIFY_ONLY.
2026-05-05 11:02:13 -05:00
..
2026-05-05 11:02:13 -05:00
2026-05-05 11:02:13 -05:00