Leancrypto 1.1.0
Post-Quantum Cryptographic Library
|
The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. The algorithm implementations have the following properties:
linux_kernel
for replacing the POSIX calls)meson configure
,If you want to build the leancrypto shared library, use the provided Meson
build system:
meson setup build
meson compile -C build
meson test -C build
meson install -C build
The leancrypto library can also be built as an independent Linux kernel module. This kernel module offers the same APIs and functions as the user space version of the library. This implies that a developer wanting to develop kernel and user space users of cryptographic mechanisms do not need to adjust to a new API.
Note: The user space and kernel space versions of leancrypto are fully independent of each other. Neither requires the presence of the other for full operation.
To build the leancrypto Linux kernel module, use the Makefile
in the directory linux_kernel
:
linux_kernel
leancrypto.ko
Note, the compiled test kernel modules are only provided for regression testing and are not required for production use. Insert the kernel modules and check dmesg
for the results. Unload the kernel modules afterwards.
The API specified by the header files installed as part of the meson install -C build
command for the user space library is applicable to the kernel module as well. When compiling kernel code, the flag -DLINUX_KERNEL
needs to be set.
For more details, see linux_kernel/README.md
in the source code distribution.
The leancrypto
library can be built on Windows using MSYS2. Once MSYS2
is installed along with meson
and the mingw
compiler, the standard compilation procedure outlined above for meson
can be used.
The support for full assembler acceleration is enabled.
The leancrypto API is documented in the exported header files. The only header file that needs to be included in the target code is #include <leancrypto.h>
. This header file includes all algorithm-specific header files for the compiled and supported algorithms.
To fully understand the API, please consider the following base concept of leancrypto: Different algorithm implementations are accessible via common APIs. For example, different random number generator algorithms are accessible via the RNG API. To ensure the common APIs act on the proper algorithm, the caller must use algorithm-specific initialization functions. The initialization logic returns a "cipher handle" that can be used with the common API for all subequent operations.