* ASN.1: use stack for small generator for small use cases
* X.509: Updates required to support the shim boot loader
* X.509: add lc_gmtime to convert Epoch to time format
* ASN.1: added to Linux kernel (for 64 bit systems only)
* Added AES-GCM and AES-XTS
* Availability: remove assert() calls throughout the code - in case of a self
test error, disable the algorithm. Instead of using assert, apply a centrally
managed test manager that stores the test status. This implies that some
initialization APIs like lc_hash_init, lc_sym_init, lc_hmac_init are changed
such that they return an error code if self tests failed. Thus, the version
is now changed as this is considered to be an ABI change. Although this
sounds heavy, the test manager is relatively small and the runtime state
should be smaller than the old approach considering the old approach uses one
global 32 bit integer per self test to maintain the state. This is now
replaced with a set of 32 bit atomic integers that hold a 3-bit field for
each algorithm. This change also adds the API call of lc_rerun_one_selftest
which allows triggering the rerunning of a self test for one given algorithm.
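The test-manager design described in the item above, as an added illustration in C that is not leancrypto's own code: a table of 32-bit atomic words carrying one 3-bit status field per algorithm, an init routine that returns an error instead of asserting when the algorithm's self test failed, and a rerun hook that resets one field. The algorithm identifiers, the status values, the known-answer-test stand-ins and the function names are all assumptions made for this example, not leancrypto's API.

```c
/* Added illustration (not leancrypto's own code) of a self-test status
 * manager: ten 3-bit fields per 32-bit atomic word, one field per algorithm. */
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

enum selftest_status { ST_UNTESTED = 0, ST_RUNNING = 1, ST_PASSED = 2, ST_FAILED = 3 };

/* Hypothetical algorithm identifiers, used as indices into the status table. */
enum algo_id { ALGO_SHA3 = 0, ALGO_AES_GCM, ALGO_HMAC, ALGO_ML_DSA, ALGO_COUNT };

#define BITS_PER_FIELD  3
#define FIELDS_PER_WORD (32 / BITS_PER_FIELD)   /* 10 fields per word */
#define FIELD_MASK      0x7u

static _Atomic uint32_t status_words[(ALGO_COUNT + FIELDS_PER_WORD - 1) / FIELDS_PER_WORD];

static unsigned get_status(enum algo_id id) {
    uint32_t w = atomic_load(&status_words[id / FIELDS_PER_WORD]);
    return (w >> ((id % FIELDS_PER_WORD) * BITS_PER_FIELD)) & FIELD_MASK;
}

/* Atomically move one field from `expect` to `desired`; returns 1 on success. */
static int cas_status(enum algo_id id, unsigned expect, unsigned desired) {
    _Atomic uint32_t *word = &status_words[id / FIELDS_PER_WORD];
    unsigned shift = (id % FIELDS_PER_WORD) * BITS_PER_FIELD;
    uint32_t old = atomic_load(word);
    for (;;) {
        if (((old >> shift) & FIELD_MASK) != expect)
            return 0;
        uint32_t next = (old & ~(FIELD_MASK << shift)) | ((desired & FIELD_MASK) << shift);
        if (atomic_compare_exchange_weak(word, &old, next))
            return 1;
        /* old was refreshed by the failed CAS; re-check the field */
    }
}

/* Constructed known-answer-test stand-ins: 0 on success, non-zero on failure.
 * ALGO_HMAC is wired to fail so the disable path can be observed. */
typedef int (*kat_fn)(void);
static int kat_ok(void)  { return 0; }
static int kat_bad(void) { return -1; }
static kat_fn kat_table[ALGO_COUNT] = { kat_ok, kat_ok, kat_bad, kat_ok };

/* Run the self test at most once; a failed result sticks until explicitly rerun. */
static int run_selftest(enum algo_id id) {
    for (;;) {
        unsigned st = get_status(id);
        if (st == ST_PASSED) return 0;
        if (st == ST_FAILED) return -1;
        if (st == ST_UNTESTED && cas_status(id, ST_UNTESTED, ST_RUNNING))
            break;
        /* ST_RUNNING: another caller owns the test; retry until it finishes */
    }
    int rc = kat_table[id]();
    cas_status(id, ST_RUNNING, rc == 0 ? ST_PASSED : ST_FAILED);
    return rc;
}

/* Hypothetical init API: refuses the algorithm instead of asserting. */
static int example_algo_init(enum algo_id id) {
    return run_selftest(id) == 0 ? 0 : -1;
}

/* Hypothetical counterpart to an explicit rerun request for one algorithm. */
static int example_rerun_one_selftest(enum algo_id id) {
    unsigned st = get_status(id);
    if (st != ST_RUNNING)
        cas_status(id, st, ST_UNTESTED);
    return run_selftest(id);
}

int main(void) {
    printf("SHA3 init: %d (status %u)\n", example_algo_init(ALGO_SHA3), get_status(ALGO_SHA3));
    printf("HMAC init: %d (status %u)\n", example_algo_init(ALGO_HMAC), get_status(ALGO_HMAC));
    printf("AES-GCM untouched: status %u\n", get_status(ALGO_AES_GCM));
    return 0;
}
```

Because all fields share one word, the read-modify-write in cas_status must be a compare-and-swap loop rather than a plain store; otherwise two algorithms finishing their self tests concurrently could overwrite each other's 3-bit field.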
* FIPS: Rearchitect integrity test control value generator: The build process now
uses the host’s objcopy to extract the ELF sections of interest into a separate
file, use a build_machine compiled version of sha3-256sum to generate the
digest of it and reinsert it into the leancrypto-fips.so. This now allows
cross-compilation with FIPS integrity test support. There is no functional
change to leancrypto though.
* Significant reduction of compilation units by almost half by not having
global, but per-test compiled C files.
* Linux kernel: add /proc/leancrypto
* FIPS: Add negative testing support
* Add SHAKE-512 and XDRBG-512 support
* FIPS: Add FIPS indicator which implies that libleancrypto.so has the same
OBS-URL: https://build.opensuse.org/package/show/security:tls/leancrypto?expand=0&rev=23
* Enable SHA3 CE 2x implementation for SLH-DSA and ML-DSA (performance increases 2 to 3 fold)
* Fix lookup of RDRAND support in CPUID
* Catch Y2038 issue on 32-bit systems that do not have 64 bit time_t support
* Start Python interface
* Add ED448 / X448 for use in hybrid PQC constructions, ED448 implementation verified with NIST ACVP
* Add ML-KEM-X448 and ML-DSA-ED448 support
* ASN.1: Add ML-DSA-ED448 certificate support
* RUST: Add ML-DSA-ED448 support
* Linux kernel: Add ML-KEM-X448 and ML-DSA-ED448 support
* Ascon AEAD: Bug fix when calculating the tag for plaintext that is not multiples of 128 bits
* Composite X.509 signatures: update implementation to match draft revision 5
* Add support for the Linux kernel updated scatterwalk API in 6.15 for leancrypto_kernel_aead_ascon.ko
- Includes changes from 1.4.0:
* ML-DSA: add signature generation rejection test cases and enable them during self tests
* add HQC following reference implementation (https://pqc-hqc.org/implementation.html (versions from 2025-02-19)) but derived from PQClean implementation. NOTE: HQC is not yet considered stable as the implementation currently does not exhibit the IND-CCA2 property. Moreover, the FIPS standardization of HQC is pending. Changes to the HQC algorithm until standardization will need to be expected. I.e. the versioning rules of the library do not apply to the HQC algorithm until being announced in the CHANGES.md file.
* ARMv8: properly save/restore SIMD registers v8 through v15 for ML-DSA/ML-KEM, X25519 and SHA3-CE (reported by Alexander Sosedkin)
* Rust: add wrapper allowing a native interaction with the leancrypto library - the API offered by the Rust wrappers is not yet defined to be stable and may change to the next version - i.e. the versioning rules of the library do not apply to the Rust API until being announced in the CHANGES.md file.
* Add “secure_execution” compile-time option
* Add HQC AVX2 implementation derived from https://pqc-hqc.org/
- Remove patch fix-aarch64.patch
OBS-URL: https://build.opensuse.org/package/show/security:tls/leancrypto?expand=0&rev=17