TTaylorGao3558fix(crypto/bsl): fix bsl and ml-kem issue
| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
fix(crypto/bsl): fix bsl and ml-kem security check Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
Fix compilation issues in test cases. Signed-off-by: Dongjianwei001 <dongjianwei1@huawei.com> Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/647 | 8 个月前 | |
Correction of crypto error stack Co-authored-by: xuzhengyi<xuzhengyi1@h-partners.com> # message auto-generated for no-merge-commit merge: !944 merge FIX_BUG into main Correction of crypto error stack Created-by: libiaoliang Commit-by: xuzhengyi Merged-by: liwei3013 Description: Correction of crypto error stack See merge request: openHiTLS/openhitls!944 | 5 个月前 | |
openhitls repo init | 1 年前 | |
Remove libboundscheck (securec) dependency and harden sensitive data cleansing Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1086 | 2 个月前 | |
feat: Add cross-platform support for Darwin/macOS **Core Platform Support:** - Add Darwin/macOS platform detection and conditional compilation - Implement platform-specific library extensions (.dylib for macOS, .so for Linux) - Enhanced dynamic library loading with cross-platform error handling - Platform-optimized time functions (clock_gettime_nsec_np for macOS) - Add App module support for Darwin/macOS **Threading & Synchronization:** - BSL: Migrate from simple integer flags to proper pthread_once_t implementation - Add BSL_SAL_OnceControl type with platform-specific implementations - Implement thread-safe one-time initialization across platforms - Fix memory initialization patterns for thread-once controls **Build System Improvements:** - Remove GNU ld-specific flags for test-framework use c function pointer replace or stub_utils.h to hook target function - Boundcheck components will linked as static library for tests, reduce tests dynamic library deps - Update CMake configurations for Darwin support **Test Framework Enhancements:** - Replace jmp_buf with sigjmp_buf for better signal handling - Update time handling to avoid platform-specific gmtime issues - Improve entropy test stability across platforms - Add proper RAND initialization/deinitialization **Entropy & Cryptographic Updates:** - Temporarily disable CPU jitter entropy on macOS (pending validation) - Add cross-platform entropy source management - Update DRBG configuration for improved compatibility - Enhance hardware entropy detection and handling **Network & I/O:** - Extend POSIX network functions to support both Linux and Darwin - Add file accessibility checks before dynamic loading - Improve error handling for symbol resolution across platforms - Update socket and I/O operations for cross-platform compatibility Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/677 | 7 个月前 | |
Correction of crypto error stack Co-authored-by: xuzhengyi<xuzhengyi1@h-partners.com> # message auto-generated for no-merge-commit merge: !944 merge FIX_BUG into main Correction of crypto error stack Created-by: libiaoliang Commit-by: xuzhengyi Merged-by: liwei3013 Description: Correction of crypto error stack See merge request: openHiTLS/openhitls!944 | 5 个月前 | |
openhitls repo init | 1 年前 | |
fix(pki/bsl): harden X509 verification, fix IPv6 string length, and add ASN.1 overflow check - Reject empty issuer DN with HITLS_X509_ERR_ISSUE_CERT_NOT_FOUND instead of silently skipping - Check validity period of partial-chain trust anchors before accepting them - Change HITLS_VerifyCb parameter from isPreverifyOk to errCode for better error diagnostics - Fix MAX_IP_STR_LEN from 39 to 45 for IPv4-embedded IPv6 address literals - Add overflow check in ASN.1 UTF-8 encoding to prevent outLen wrap-around - Fix KU check skipped when EKU is absent in purpose verification (RFC 5280 4.2.1.12) Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1423 | 1 个月前 | |
fix(pki/bsl): harden X509 verification, fix IPv6 string length, and add ASN.1 overflow check - Reject empty issuer DN with HITLS_X509_ERR_ISSUE_CERT_NOT_FOUND instead of silently skipping - Check validity period of partial-chain trust anchors before accepting them - Change HITLS_VerifyCb parameter from isPreverifyOk to errCode for better error diagnostics - Fix MAX_IP_STR_LEN from 39 to 45 for IPv4-embedded IPv6 address literals - Add overflow check in ASN.1 UTF-8 encoding to prevent outLen wrap-around - Fix KU check skipped when EKU is absent in purpose verification (RFC 5280 4.2.1.12) Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1423 | 1 个月前 | |
fix(crypto/bsl): fix bsl and ml-kem security check Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
fix(crypto/bsl): fix bsl and ml-kem security check Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
fix(crypto/bsl): fix bsl and ml-kem issue Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1424 | 1 个月前 | |
Algorithm performance optimization and code refactoring. Co-authored-by: Dongjianwei001<dongjianwei1@huawei.com> # message auto-generated for no-merge-commit merge: !807 merge sync_main into main Algorithm performance optimization and code refactoring. Created-by: Dongjianwei001 Commit-by: Dongjianwei001 Merged-by: liwei3013 Description: Synchronize HiTLS code See merge request: openHiTLS/openhitls!807 | 6 个月前 |