| fix(crypto): harden ChaCha20 counter wrap, McEliece constant-time, XTS data-unit limit, RSA blinding default, and misc bug fixes MLKEM_ARMV8 depends on SHA3_ARMV8 Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1344 | 1 month ago |
| Modify the return value for the RSA512 salt length anomaly. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1398 | 1 month ago |
| | 1 month ago |
| fix(crypto): harden ChaCha20 counter wrap, McEliece constant-time, XTS data-unit limit, RSA blinding default, and misc bug fixes MLKEM_ARMV8 depends on SHA3_ARMV8 Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1344 | 1 month ago |
| fix security and correctness bugs - OTP: constant-time compare, cap validWindow to prevent DoS - PAKE: null checks, clear sensitive buffers, fix ECC_PARAM_N - DRBG: fix fork detection on failed reseed - CFB: add missing include - X509: use TLS-specific RSA PKCS#1v1.5 scheme Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1329 | 1 month ago |
| feat(sm9): remove key exchange capability Remove all SM9 key exchange functionality including algorithm implementation, EAL layer, CTRL commands, test cases, and cmake options. Sign and encrypt operations remain fully functional. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1400 | 1 month ago |
| fix: fix PKCS#1 v1.5 Type-1 hash recovery capability Implement CRYPT_RSA_Recover to recover the raw hash value from a PKCS#1 v1.5 Type-1 encoded signature using the public key. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1316 | 1 month ago |