9cef7142f7
- Update to 1.6.0:
  * ASN.1: use stack for small generator for small use cases
  * X.509: Updates required to support the shim boot loader
  * X.509: add lc_gmtime to convert Epoch to time format
  * ASN.1: added to Linux kernel (for 64 bit systems only)
  * Added AES-GCM and AES-XTS
  * Availability: remove assert() calls throughout the code - in case of a self test error, disable the algorithm. Instead of using assert, apply a centrally managed test manager that stores the test status. This implies that some initialization APIs like lc_hash_init, lc_sym_init, lc_hmac_init are changed such that they return an error code if self tests failed. Thus, the version is now changed as this is considered to be an ABI change. Although this sounds heavy, the test manager is relatively small and the runtime state should be smaller than the old approach considering the old approach uses one global 32 bit integer per self test to maintain the state. This is now replaced with a set of 32 bit atomic integers that hold a 3-bit field for each algorithm. This change also adds the API call of lc_rerun_one_selftest which allows triggering the rerunning of a self test for one given algorithm.
  * FIPS: Rearchitect integrity test control value generator: The build process now uses the host’s objcopy to extract the ELF sections of interest into a separate file, use a build_machine compiled version of sha3-256sum to generate the digest of it and reinsert it into the leancrypto-fips.so. This now allows cross-compilation with FIPS integrity test support. There is no functional change to leancrypto though.
  * Significant reduction of compilation units by almost half by not having global, but per-test compiled C files.
  * Linux kernel: add /proc/leancrypto
  * FIPS: Add negative testing support
  * Add SHAKE-512 and XDRBG-512 support
  * FIPS: Add FIPS indicator which implies that libleancrypto.so has the same
Pedro Monreal Gonzalez 2025-10-28 09:21:35 +00:00
0ce775616d
Accepting request 1311459 from security:tls
Ana Guerrero 2025-10-16 15:38:06 +00:00
a6aeaf0c86
- Add patch to fix BTI on aarch64: * leancrypto-fix-aarch64-BTI.patch
Pedro Monreal Gonzalez 2025-10-15 09:04:07 +00:00
2c27749ccb
- Split kernel module into a separate package so as to allow leancrypto to be part of ring1 following replacement of liboqs in gnutls [jsc#PED-3176]
Pedro Monreal Gonzalez 2025-07-17 08:41:52 +00:00
9a0b57ec5d
Accepting request 1290982 from security:tls
Ana Guerrero 2025-07-07 12:48:59 +00:00
ad4b9fc02f
- Update to 1.5.0:
  * Enable SHA3 CE 2x implementation for SLH-DSA and ML-DSA (performance increases 2 to 3 fold)
  * Fix lookup of RDRAND support in CPUID
  * Catch Y2038 issue on 32-bit systems that do not have 64 bit time_t support
  * Start Python interface
  * Add ED448 / X448 for use in hybrid PQC constructions, ED448 implementation verified with NIST ACVP
  * Add ML-KEM-X448 and ML-DSA-ED448 support
  * ASN.1: Add ML-DSA-ED448 certificate support
  * RUST: Add ML-DSA-ED448 support
  * Linux kernel: Add ML-KEM-X448 and ML-DSA-ED448 support
  * Ascon AEAD: Bug fix when calculating the tag for plaintext that is not multiples of 128 bits
  * Composite X.509 signatures: update implementation to match draft revision 5
  * Add support for the Linux kernel updated scatterwalk API in 6.15 for leancrypto_kernel_aead_ascon.ko
- Includes changes from 1.4.0:
  * ML-DSA: add signature generation rejection test cases and enable them during self tests
  * add HQC following reference implementation (https://pqc-hqc.org/implementation.html (versions from 2025-02-19)) but derived from PQClean implementation. NOTE: HQC is not yet considered stable as the implementation currently does not exhibit the IND-CCA2 property. Moreover, the FIPS standardization of HQC is pending. Changes to the HQC algorithm until standardization will need to be expected. I.e. the versioning rules of the library do not apply to the HQC algorithm until being announced in the CHANGES.md file.
  * ARMv8: properly save/restore SIMD registers v8 through v15 for ML-DSA/ML-KEM, X25519 and SHA3-CE (reported by Alexander Sosedkin)
  * Rust: add wrapper allowing a native interaction with the leancrypto library - the API offered by the Rust wrappers is not yet defined to be stable and may change to the next version - i.e. the versioning rules of the library do not apply to the Rust API until being announced in the CHANGES.md file.
  * Add “secure_execution” compile-time option
  * Add HQC AVX2 implementation derived from https://pqc-hqc.org/
- Remove patch fix-aarch64.patch
Pedro Monreal Gonzalez 2025-07-07 07:37:01 +00:00
2685bff1df
Accepting request 1269629 from security:tls
Ana Guerrero 2025-04-16 18:39:26 +00:00
264854b6bb
* ML-KEM: use common poly_tobytes / poly_compress including fix for kyberslash for ARMv8 (thus all ML-KEM implementations have proper protections against it)
* ML-KEM: reduce code duplication
* Big-Endian: fixes on X.509 key usage processing, ML-KEM modulus tester
Marcus Meissner 2025-04-10 09:52:26 +00:00
137e4a9164
* ML-KEM: use common poly_tobytes / poly_compress including fix for kyberslash for ARMv8 (thus all ML-KEM implementations have proper protections against it)
* ML-KEM: reduce code duplication
* Big-Endian: fixes on X.509 key usage processing, ML-KEM modulus tester
Marcus Meissner 2025-04-10 09:48:40 +00:00