| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
Fix some external interfaces to allow setting null callbacks. Co-authored-by: balabala-123<guozhang4@huawei.com> # message auto-generated for no-merge-commit merge: !796 merge temp1 into main Fix some external interfaces to allow setting null callbacks. Created-by: balabala-123 Commit-by: balabala-123 Merged-by: liwei3013 Description: Fix some external interfaces to allow setting null callbacks. See merge request: openHiTLS/openhitls!796 | 7 个月前 | |
Remove libboundscheck (securec) dependency and harden sensitive data cleansing Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1086 | 2 个月前 | |
tls: reject duplicate registered custom extensions Add duplicate detection for registered custom extensions during parsing. Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1317 | 2 个月前 | |
fix:Code optimization and refactoring Co-authored-by: hanzhiyang<hanzhiyang4@h-partners.com> # message auto-generated for no-merge-commit merge: !961 merge main into main fix:Code optimization and refactoring Created-by: hanzhiyang Commit-by: hanzhiyang Merged-by: liwei3013 Description: <!-- Thanks for sending a pull request! Here are some tips for you: 1) If this is your first time, please read our contributor guidelines: https://gitcode.com/openHiTLS/openhitls/wiki/FAQ-社区需求贡献流程.md --> **What does this PR do / why do we need it**: **Self-checklist**:(**请自检,在[ ]内打上x**) + - [ ] **测试**:PR中的代码是否已有UT/ST测试用例进行充分的覆盖,新增测试用例是否随本PR一并上库或已经上库 + - [ ] **接口**:是否涉及对外接口变更,相应变更已得到接口评审组织的通过,API对应的注释信息已经刷新正确 + - [ ] **文档**:是否涉及官网文档修改,如果涉及请及时提交资料到Doc仓 <!-- **Special notes for your reviewers**: --> <!-- + - [ ] 是否导致无法前向兼容 --> <!-- + - [ ] 是否涉及依赖的三方库变更 --> See merge request: openHiTLS/openhitls!961 | 6 个月前 | |
fix:Code optimization and refactoring Co-authored-by: hanzhiyang<hanzhiyang4@h-partners.com> # message auto-generated for no-merge-commit merge: !961 merge main into main fix:Code optimization and refactoring Created-by: hanzhiyang Commit-by: hanzhiyang Merged-by: liwei3013 Description: <!-- Thanks for sending a pull request! Here are some tips for you: 1) If this is your first time, please read our contributor guidelines: https://gitcode.com/openHiTLS/openhitls/wiki/FAQ-社区需求贡献流程.md --> **What does this PR do / why do we need it**: **Self-checklist**:(**请自检,在[ ]内打上x**) + - [ ] **测试**:PR中的代码是否已有UT/ST测试用例进行充分的覆盖,新增测试用例是否随本PR一并上库或已经上库 + - [ ] **接口**:是否涉及对外接口变更,相应变更已得到接口评审组织的通过,API对应的注释信息已经刷新正确 + - [ ] **文档**:是否涉及官网文档修改,如果涉及请及时提交资料到Doc仓 <!-- **Special notes for your reviewers**: --> <!-- + - [ ] 是否导致无法前向兼容 --> <!-- + - [ ] 是否涉及依赖的三方库变更 --> See merge request: openHiTLS/openhitls!961 | 6 个月前 | |
Branch merge # message auto-generated for no-merge-commit merge: merge baoyi_main into main Branch merge Created-by: baoyi84930 Author-id: 1168581 MR-id: 4353327 Commit-by: baoyi84930 Merged-by: liwei3013 E2E-issues: Description: 分支合并 See merge request: openHiTLS/openhitls!38 | 1 年前 | |
Branch merge # message auto-generated for no-merge-commit merge: merge baoyi_main into main Branch merge Created-by: baoyi84930 Author-id: 1168581 MR-id: 4353327 Commit-by: baoyi84930 Merged-by: liwei3013 E2E-issues: Description: 分支合并 See merge request: openHiTLS/openhitls!38 | 1 年前 | |
fix:Fix the failure to obtain the peer certificate during the handshake process && fix the issue of not ignoring duplicate certificates when loading them - In the certificate verification phase, users need to obtain the peer certificate by calling HITLS_GetPeerCertChain. Currently, the peer certificate is stored in the finish phase, which needs to be modified. - When certificates are duplicated, an error should not be reported. Instead, the duplicated certificates should be ignored and a success message should be returned. Signed-off-by: balabala-123 <guozhang4@huawei.com> Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1248 | 2 个月前 | |
fix:Fixing uncleaned sensitive information && memory leaks - The plaintext message is not cleared when the encryption of the app or handshake message fails in the RecConnCbcEncryptThenMac function. - In the SESSMGR_Find function, when retrieving sess from the sess hash table, the retrieved sess is not subject to reference counting. This may lead to other threads freeing this sess, posing a risk of dangling pointers when using this sess subsequently. Signed-off-by: balabala-123 <guozhang4@huawei.com> Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1384 | 2 个月前 | |
openhitls repo init | 1 年前 | |
feat:Adapt to AEAD limits function Section 5.5 of RFC 8446 defines key usage restrictions for the TLS 1.3 record layer, with the following core requirements: Encryption Limits: There should be a limit on the number of records encrypted with the same key to maintain confidentiality and security boundaries. Integrity/Authorization Limits: The specific values of integrity limits are reflected in RFC 9147 (DTLS 1.3) Key update mechanism (§ 4.6.3): RFC 8446 defines KeyUpdate messages to trigger key updates. KeyUpdate has two modes: Update_not_deasked: Only update the local sending key Update.requested: Update the local key and request the other end to update the key as well Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1658 | 4 天前 | |
feat: enforce record boundary on TLS1.3 read key switches Co-authored-by: pi_ixeL<xuzhewei2@huawei.com> # message auto-generated for no-merge-commit merge: !1012 merge fix-record-boundary into main feat: enforce record boundary on TLS1.3 read key switches Created-by: pi_ixeL Commit-by: pi_ixeL Merged-by: liwei3013 Description: tls: enforce record boundary on TLS1.3 read key switches Enforce TLS1.3 read-side key activation to occur only at record boundaries by checking for unconsumed decrypted handshake bytes before switching pending->current state. Emit fatal unexpected_message, return HITLS_REC_ERR_NOT_ON_RECORD_BOUNDARY. See merge request: openHiTLS/openhitls!1012 | 5 个月前 | |
feat:Adapt to AEAD limits function Section 5.5 of RFC 8446 defines key usage restrictions for the TLS 1.3 record layer, with the following core requirements: Encryption Limits: There should be a limit on the number of records encrypted with the same key to maintain confidentiality and security boundaries. Integrity/Authorization Limits: The specific values of integrity limits are reflected in RFC 9147 (DTLS 1.3) Key update mechanism (§ 4.6.3): RFC 8446 defines KeyUpdate messages to trigger key updates. KeyUpdate has two modes: Update_not_deasked: Only update the local sending key Update.requested: Update the local key and request the other end to update the key as well Cherry-picked from: https://gitcode.com/openHiTLS/openhitls/merge_requests/1658 | 4 天前 |
| 文件 | 最后提交记录 | 最后更新时间 |
|---|---|---|
| 7 个月前 | ||
| 2 个月前 | ||
| 2 个月前 | ||
| 6 个月前 | ||
| 6 个月前 | ||
| 1 年前 | ||
| 1 年前 | ||
| 2 个月前 | ||
| 2 个月前 | ||
| 1 年前 | ||
| 4 天前 | ||
| 5 个月前 | ||
| 4 天前 |