Files
libsmx/SECURITY.md
T
huangxt 8ad52ecac0 准备发布 v0.1.0
- 添加 Apache-2.0 许可证
- 添加 CHANGELOG.md 变更日志
- 添加 SECURITY.md 安全策略
- 添加 README.zh-CN.md 中文文档
- 添加 rustfmt.toml 代码格式配置
- 添加 scripts/pre_publish_check.sh 发布检查脚本
- 更新 Cargo.toml 元数据(分类、关键词、文档链接)
- 完善 README.md 示例代码
- 优化 SM2/SM9 性能和测试覆盖率
2026-03-07 19:27:41 +08:00

2.0 KiB

Security Policy

Supported Versions

Version Supported
0.3.x Yes
< 0.3 No

Reporting a Vulnerability

If you discover a security vulnerability in libsmx, please report it responsibly:

Email: kintai@foxmail.com

Please include:

  • Description of the vulnerability
  • Steps to reproduce
  • Affected versions
  • Any potential impact assessment

Response timeline:

  • Acknowledgment within 48 hours
  • Initial assessment within 7 days
  • Fix release within 30 days for confirmed issues

Scope

The following areas are considered in-scope for security reports:

  • Timing side-channels: Any operation whose execution time depends on secret data (private keys, plaintext, nonces)
  • Memory safety: Buffer overflows, use-after-free, or uninitialized memory reads (note: this crate uses #![forbid(unsafe_code)])
  • Key material leakage: Private keys or intermediate secret values not properly zeroized
  • Cryptographic correctness: Deviations from GB/T standards that weaken security guarantees
  • Authentication bypass: Incorrect MAC/tag verification in GCM/CCM modes

Out of Scope

  • Performance issues that don't affect security
  • Dependencies' vulnerabilities (report upstream)
  • Attacks requiring physical access to the device

Security Design

libsmx employs the following defenses:

  • Constant-time operations: All secret-dependent code uses subtle::ConstantTimeEq, ConditionallySelectable, and fixed-iteration loops
  • No table lookups for S-boxes: SM4 uses boolean circuit bitslice implementation to prevent cache-timing attacks
  • Automatic key zeroization: All private key types derive ZeroizeOnDrop
  • No unsafe code: #![forbid(unsafe_code)] is enforced at the crate level
  • Complete EC formulas: SM2 point addition uses branch-free complete addition formulas (Renes-Costello-Batina 2016)

Disclosure Policy

We follow coordinated disclosure. Please do not open public GitHub issues for security vulnerabilities.