| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
fix(crypto/bsl): fix bsl and ml-kem security check Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
Fix insufficient buffer size calculation for base64 encoding Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1392 | 1 个月前 | |
Remove libboundscheck (securec) dependency and harden sensitive data cleansing Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1086 | 2 个月前 | |
fix: remove duplicate #include Remove duplicate #include found across some source files. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1343 | 1 个月前 | |
fix(crypto/bsl): fix bsl and ml-kem security check Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
fix: remove hash erase shrink and harden resize boundary checks - remove shrink-on-erase behavior from the hash table - avoid partial split state advancement on level-transition realloc failure - fix NULL-hash handling in BSL_HASH_At and iterator value accessors - make create-time allocation checks match the actual list-array allocation size - use proper uint32_t overflow checks in resize arithmetic - free the last removed raw-list node through freeFunc - add SDV coverage for no-shrink erase iteration and hash boundary cases Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1314 | 1 个月前 | |
fix: resolve aarch64 assembly compatibility on macOS fix: add macOS AArch64 build support - Introduce CRYPT_AARCH64_* macros (crypt_arm.h) to abstract ELF/Mach-O differences in assembly (symbol declarations, section directives, and PC-relative addressing with adrp+add vs. adrp+lo12). - Prefix bsl_module_list.h list macros with BSL_ (LIST_INIT → BSL_LIST_INIT, etc.) to resolve name conflicts with macOS sys/queue.h definitions. - Add macOS-specific ARM CPU feature detection via sysctlbyname as an alternative to Linux getauxval/HWCAP, and fix register x18 usage in x25519_armv8.S (x18 is reserved by macOS ABI). | 2 个月前 | |
Support Pure cmake build build: Migrate build system from Python/JSON/CMake hybrid to pure CMake The previous build system mixed Python scripts and JSON configuration files with CMake, scattering build logic across multiple languages and formats. This made the system hard to understand and maintain, and required a Python interpreter at configure time. The build system has been rewritten entirely in CMake. Feature flags, dependency resolution, platform detection, compiler options, and config-header generation are now all expressed natively in CMake. For more details, see the "Build and Installation" section in README.md. | 2 个月前 | |
fix(crypto/bsl): fix bsl and ml-kem issue Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
Add independent BSL version API Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1623 | 3 天前 | |
Add SAN URI-ID and SRV-ID support for X.509 certificates Body Extend X.509 SAN handling to support URI-ID and SRV-ID per RFC 6125, including parsing, generation, and identity verification. Verification runs only when the corresponding SAN entries are present in the certificate. Add public verification helpers for URI-ID and SRV-ID, and register the id-on-dnsSRV OID for SRVName handling. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1592 | 11 天前 | |
Fixed missing validation and memory issues Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1597 | 11 天前 | |
Fix code review issues The main issues are concentrated on: the strictness of CMS attributes, the PBKDF2 iteration count for enc decryption file headers, the length estimation of stream-based Base64 encoding and decoding, the length accumulation of BSL_ParamMaker, the input length accumulation of PAKE KDF, the length accumulation of SPAKE2+ transcript, the UIO handle leakage in configuration files, and the issuance policy risk of x509 -copy_extensions copyall. Multiple alerts such as PAKE register stack overflow and double-free, ElGamal output length, one-time Base64 encoding, etc., are no longer valid in the current source code. It is suspected that these are false positives caused by old code results or repeated/truncated automated reports. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1394 | 1 个月前 | |
Remove libboundscheck (securec) dependency and harden sensitive data cleansing Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1086 | 2 个月前 | |
fix: guard termios.h and FSetAttr/FGetAttr with HITLS_BSL_UI Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1557 | 30 天前 | |
Remove libboundscheck (securec) dependency and harden sensitive data cleansing Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1086 | 2 个月前 | |
fix:Clean up sensitive data and fix some code issues Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1497 | 1 个月前 | |
fix(bsl/uio): support zero-length UDP datagrams - allow UDP UIO read to return success with readLen == 0 for valid empty datagrams - allow SAL sendto wrappers to send zero-length UDP datagrams - only record errno for sendto/recvfrom on real failures - add a UDP UIO regression testcase that sends and receives an empty datagram through SAL/UIO wrappers Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1444 | 1 个月前 | |
Add independent BSL version API Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1623 | 3 天前 | |
Add independent BSL version API Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1623 | 3 天前 |