Merge branch 'master' into lpc55s69_crypto

Author: twcook86

.github/workflows/hostap-files/configs/07c9f183ea744ac04585fb6dd10220c75a5e2e74/tests

@@ -248,9 +248,6 @@ ap_wpa2_eap_tls_check_cert_subject_neg
 ap_wpa2_eap_tls_diff_ca_trust2
 ap_wpa2_eap_tls_domain_mismatch_cn
 ap_wpa2_eap_tls_domain_suffix_mismatch_cn
-ap_wpa2_eap_tls_intermediate_ca_ocsp_multi_missing_resp
-ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1
-ap_wpa2_eap_tls_intermediate_ca_ocsp_sha1
 ap_wpa2_eap_tls_neg_incorrect_trust_root
 ap_wpa2_eap_tls_ocsp_multi
 ap_wpa2_eap_tls_ocsp_multi_revoked
@@ -649,9 +646,6 @@ dpp_config_dpp_gen_secp521r1
 dpp_config_dpp_gen_secp521r1_prime256v1
 dpp_config_dpp_gen_secp521r1_secp384r1
 dpp_config_dpp_gen_secp521r1_secp521r1
-dpp_config_dpp_override_prime256v1
-dpp_config_dpp_override_secp384r1
-dpp_config_dpp_override_secp521r1
 dpp_config_error_legacy_invalid_psk
 dpp_config_error_legacy_no_pass
 dpp_config_error_legacy_no_pass_for_sae
@@ -691,7 +685,6 @@ dpp_config_no_discovery
 dpp_config_no_discovery_ssid
 dpp_config_no_signed_connector
 dpp_config_no_wi_fi_tech
-dpp_config_override_objects
 dpp_config_root_not_an_object
 dpp_config_save
 dpp_config_save2
@@ -748,12 +741,6 @@ dpp_hostapd_configurator_enrollee_v1
 dpp_hostapd_configurator_fragmentation
 dpp_hostapd_configurator_override_objects
 dpp_hostapd_configurator_responder
-dpp_hostapd_enrollee_fragmentation
-dpp_hostapd_enrollee_gas_errors
-dpp_hostapd_enrollee_gas_proto
-dpp_hostapd_enrollee_gas_timeout
-dpp_hostapd_enrollee_gas_timeout_comeback
-dpp_hostapd_enrollee_gas_tx_status_errors
 dpp_intro_mismatch
 dpp_invalid_configurator_key
 dpp_invalid_legacy_params
@@ -906,10 +893,6 @@ dpp_qr_code_auth_incompatible_roles2
 dpp_qr_code_auth_incompatible_roles_failure
 dpp_qr_code_auth_incompatible_roles_failure2
 dpp_qr_code_auth_incompatible_roles_failure3
-dpp_qr_code_auth_initiator_either_1
-dpp_qr_code_auth_initiator_either_2
-dpp_qr_code_auth_initiator_either_3
-dpp_qr_code_auth_initiator_enrollee
 dpp_qr_code_auth_mutual
 dpp_qr_code_auth_mutual2
 dpp_qr_code_auth_mutual_bp_256

.github/workflows/hostap-files/configs/b607d2723e927a3446d89aed813f1aa6068186bb/tests

@@ -347,7 +347,6 @@ ap_wpa2_eap_tls_ocsp_server_signed
 ap_wpa2_eap_tls_ocsp_invalid_data
 ap_wpa2_eap_tls_ocsp_invalid
 ap_wpa2_eap_tls_ocsp_unknown_sign
-ap_wpa2_eap_tls_intermediate_ca
 ap_wpa2_eap_tls_ocsp_multi_revoked
 ap_wpa2_eap_tls_domain_suffix_match_cn_full
 ap_wpa2_eap_tls_domain_match_cn
@@ -461,9 +460,6 @@ dpp_qr_code_auth_mutual_not_used
 dpp_qr_code_auth_mutual_curve_mismatch
 dpp_qr_code_auth_hostapd_mutual2
 dpp_qr_code_listen_continue
-dpp_qr_code_auth_initiator_enrollee
-dpp_qr_code_auth_initiator_either_2
-dpp_qr_code_auth_initiator_either_3
 dpp_config_legacy
 dpp_config_legacy_psk_hex
 dpp_config_fragmentation
@@ -475,9 +471,6 @@ dpp_config_dpp_gen_secp521r1
 dpp_config_dpp_gen_expiry
 dpp_config_dpp_gen_expired_key
 dpp_config_dpp_gen_3rd_party
-dpp_config_dpp_override_prime256v1
-dpp_config_dpp_override_secp384r1
-dpp_config_override_objects
 dpp_config_signed_connector_error_no_dot_1
 dpp_config_signed_connector_error_no_dot_2
 dpp_config_signed_connector_error_unexpected_signature_len
@@ -579,12 +572,6 @@ dpp_pkex_nak_curve_change2
 dpp_hostapd_configurator
 dpp_hostapd_configurator_responder
 dpp_hostapd_configurator_fragmentation
-dpp_hostapd_enrollee_fragmentation
-dpp_hostapd_enrollee_gas_timeout
-dpp_hostapd_enrollee_gas_timeout_comeback
-dpp_hostapd_enrollee_gas_errors
-dpp_hostapd_enrollee_gas_proto
-dpp_hostapd_enrollee_gas_tx_status_errors
 dpp_hostapd_configurator_override_objects
 dpp_own_config
 dpp_own_config_group_id

.github/workflows/hostap-vm.yml

@@ -2,14 +2,10 @@ name: hostap and wpa-supplicant Tests
 
 # START OF COMMON SECTION
 on:
-    workflow_dispatch: # Allows people to run it manually if they want but
-                       # disables it from running automatically when broken
-# To restore this to an auto test delete the above workflow_dispatch line and
-# comments and uncomment the below lines for push and pull_request
-#  push:
-#    branches: [ 'master', 'main', 'release/**' ]
-#  pull_request:
-#    branches: [ '*' ]
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -230,16 +226,6 @@ jobs:
         working-directory: hostap
         run: git checkout ${{ matrix.config.hostap_ref }}
 
-      - name: Update certs
-        working-directory: hostap/tests/hwsim/auth_serv
-        run: |
-          ./update.sh
-          ./sha512-generate.sh
-          # Force regeneration of rsa3072-ca.key to get rsa3072-generate.sh to
-          # correctly update all the certs
-          rm rsa3072-ca.key
-          ./rsa3072-generate.sh
-
       - if: ${{ matrix.config.osp_ref }}
         name: Checkout OSP
         uses: actions/checkout@v4
@@ -258,6 +244,20 @@ jobs:
             patch -p1 < $f
           done
 
+      - name: Update certs
+        working-directory: hostap/tests/hwsim/auth_serv
+        run: |
+          mkdir -p rootCA/newcerts
+          ./update.sh
+          ./ec-generate.sh
+          ./ec2-generate.sh
+          ./sha512-generate.sh
+          # Force regeneration of rsa3072-ca.key to get rsa3072-generate.sh to
+          # correctly update all the certs
+          rm rsa3072-ca.key
+          ./rsa3072-generate.sh
+          ./ica-generate.sh
+
       - name: Apply extra patches
         working-directory: hostap
         run: |

.github/workflows/pr-commit-check.yml

@@ -0,0 +1,41 @@
+name: PR commit message checks
+
+on:
+  pull_request:
+    branches: [ '**' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  commit-messages:
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Reject AI attribution trailers
+        env:
+          BASE_SHA: ${{ github.event.pull_request.base.sha }}
+          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+        run: |
+          set -euo pipefail
+          fail=0
+          while IFS= read -r sha; do
+            [ -z "$sha" ] && continue
+            if git log -1 --format=%B "$sha" | git interpret-trailers --parse | \
+               grep -iE '^(Co-authored-by|Signed-off-by):.*<?noreply@anthropic\.com>?' >/dev/null; then
+              echo "::error::Commit $sha contains a Co-authored-by or Signed-off-by trailer for noreply@anthropic.com"
+              git log -1 --format='  %h %s' "$sha"
+              fail=1
+            fi
+          done < <(git rev-list "$BASE_SHA".."$HEAD_SHA")
+          if [ "$fail" -ne 0 ]; then
+            echo "One or more commits contain disallowed AI attribution trailers; please amend them out."
+            exit 1
+          fi
+          echo "No disallowed AI attribution trailers found."

.github/workflows/puf.yml

@@ -0,0 +1,37 @@
+name: PUF Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  puf_host_test:
+    name: PUF host test
+    if: github.repository_owner == 'wolfssl'
+    runs-on: ubuntu-24.04
+    timeout-minutes: 6
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout wolfSSL
+
+      - name: Build and test PUF
+        run: |
+          ./autogen.sh
+          ./configure --enable-puf --enable-puf-test
+          make
+          ./wolfcrypt/test/testwolfcrypt
+
+      - name: Print errors
+        if: ${{ failure() }}
+        run: |
+          if [ -f test-suite.log ] ; then
+            cat test-suite.log
+          fi

.github/workflows/se050-sim.yml

@@ -12,15 +12,16 @@ concurrency:
   cancel-in-progress: true
 # END OF COMMON SECTION
 
-# Build the SE050 software simulator (https://github.com/LinuxJedi/SE050Sim),
-# build wolfSSL against its NXP Plug&Trust SDK + simulator bridge, and run the
-# wolfCrypt SE050 test binary against the simulator TCP server.
+# Build the SE050 software simulator (https://github.com/wolfSSL/simulators,
+# SE050Sim/ subdirectory), build wolfSSL against its NXP Plug&Trust SDK +
+# simulator bridge, and run the wolfCrypt SE050 test binary against the
+# simulator TCP server.
 #
 # The simulator's own Dockerfile (Dockerfile.wolfcrypt) clones wolfSSL master.
 # We patch it to COPY the PR checkout instead so CI reflects the PR's source.
 
 env:
-  SE050SIM_REF: 8fda9212c306fbee0dcd66f2dd52b13f65f13e00
+  SIMULATORS_REF: 745893640e21a15b7df8c70567c522953aba2f2c
 
 jobs:
   se050_sim:
@@ -36,14 +37,14 @@ jobs:
 
       - name: Clone SE050 simulator
         run: |
-          git clone https://github.com/LinuxJedi/SE050Sim se050sim
-          cd se050sim && git checkout "$SE050SIM_REF"
+          git clone https://github.com/wolfSSL/simulators simulators
+          cd simulators && git checkout "$SIMULATORS_REF"
 
       - name: Stage PR wolfSSL into simulator build context
-        run: mv wolfssl-src se050sim/wolfssl
+        run: mv wolfssl-src simulators/SE050Sim/wolfssl
 
       - name: Patch Dockerfile to use PR wolfSSL instead of upstream master
-        working-directory: se050sim
+        working-directory: simulators/SE050Sim
         run: |
           sed -i 's|^RUN git clone --depth 1 https://github.com/wolfSSL/wolfssl.git /app/wolfssl$|COPY wolfssl /app/wolfssl|' Dockerfile.wolfcrypt
           # Fail fast if the pattern drifted upstream -- better a clear error
@@ -56,8 +57,8 @@ jobs:
       - name: Build wolfCrypt-SE050 test image
         uses: docker/build-push-action@v5
         with:
-          context: se050sim
-          file: se050sim/Dockerfile.wolfcrypt
+          context: simulators/SE050Sim
+          file: simulators/SE050Sim/Dockerfile.wolfcrypt
           push: false
           load: true
           tags: wolfssl-se050-sim:ci

.wolfssl_known_macro_extras

@@ -652,6 +652,7 @@ WC_NO_VERBOSE_RNG
 WC_PKCS11_FIND_WITH_ID_ONLY
 WC_PKCS12_PBKDF_USING_MP_API
 WC_PROTECT_ENCRYPTED_MEM
+WC_PUF_SHA3
 WC_RNG_BANK_NO_DEFAULT_SUPPORT
 WC_RNG_BLOCKING
 WC_RSA_NONBLOCK
@@ -732,6 +733,7 @@ WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC
 WOLFSSL_DILITHIUM_SIGN_SMALL_MEM_PRECALC_A
 WOLFSSL_DILITHIUM_SMALL_MEM_POLY64
 WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+WOLFSSL_DRBG_SHA256
 WOLFSSL_DTLS_DISALLOW_FUTURE
 WOLFSSL_DTLS_RECORDS_CAN_SPAN_DATAGRAMS
 WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT
@@ -829,6 +831,7 @@ WOLFSSL_NO_KCAPI_HMAC_SHA256
 WOLFSSL_NO_KCAPI_HMAC_SHA384
 WOLFSSL_NO_KCAPI_HMAC_SHA512
 WOLFSSL_NO_KCAPI_SHA224
+WOLFSSL_NO_KTRI_ORACLE_WARNING
 WOLFSSL_NO_OCSP_DATE_CHECK
 WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
 WOLFSSL_NO_OCSP_OPTIONAL_CERTS
@@ -1131,3 +1134,4 @@ ssize_t
 sun
 versal
 wc_Tls13_HKDF_Expand_Label
+WOLFSSL_NO_LMS_SHAKE256_256

CMakeLists.txt

@@ -1772,6 +1772,28 @@ endif()
 
 # TODO: - XCHACHA
 
+# SRAM PUF
+add_option("WOLFSSL_PUF"
+    "Enable SRAM PUF support (default: disabled)"
+    "no" "yes;no")
+
+if(WOLFSSL_PUF)
+    list(APPEND WOLFSSL_DEFINITIONS
+        "-DWOLFSSL_PUF"
+        "-DWOLFSSL_PUF_SRAM"
+        "-DHAVE_HKDF")
+    override_cache(WOLFSSL_HKDF "yes")
+endif()
+
+# PUF test mode (synthetic SRAM data injection)
+add_option("WOLFSSL_PUF_TEST"
+    "Enable PUF test mode with synthetic data (default: disabled)"
+    "no" "yes;no")
+
+if(WOLFSSL_PUF_TEST)
+    list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_PUF_TEST")
+endif()
+
 # Hash DRBG
 add_option("WOLFSSL_HASH_DRBG"
     "Enable Hash DRBG support (default: enabled)"

ChangeLog.md

@@ -1,3 +1,17 @@
+# wolfSSL Release (unreleased)
+
+## Enhancements
+
+* TLS 1.3: zero traffic key staging buffers in `SetKeysSide()` once a
+  CryptoCB callback has imported the AES key into a Secure Element
+  (`aes->devCtx != NULL`).  Clears `keys->{client,server}_write_key`
+  on the provisioned side(s) after cipher init succeeds.  The static
+  IV buffers (`keys->{client,server}_write_IV`,
+  `keys->aead_{enc,dec}_imp_IV`) are intentionally left intact because
+  `BuildTls13Nonce()` reads them on every AEAD record to construct the
+  per-record nonce.  Scoped to TLS 1.3, non-DTLS, non-QUIC; requires
+  `WOLF_CRYPTO_CB` and `WOLF_CRYPTO_CB_AES_SETKEY`.
+
 # wolfSSL Release 5.9.1 (Apr. 8, 2026)
 
 Release 5.9.1 has been developed according to wolfSSL's development and QA

IDE/WIN10/wolfssl-fips.vcxproj

@@ -318,6 +318,12 @@
     <ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
     <ClCompile Include="..\..\wolfcrypt\src\wolfevent.c" />
     <ClCompile Include="..\..\wolfcrypt\src\pkcs12.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\dilithium.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_lms.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_lms_impl.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_xmss.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_xmss_impl.c" />
+    <ClCompile Include="..\..\wolfcrypt\src\wc_slhdsa.c" />
   </ItemGroup>
   <ItemGroup>
     <CustomBuild Include="..\..\wolfcrypt\src\aes_asm.asm">