Leancrypto Version 1.1.0
Changes 1.1.0
- ML-KEM: remove modulus check of decapsulation key (not required by FIPS 203)
- ML-KEM: add key pair PCT API - leancrypto cannot invoke it itself as it does not know when both keys are provided from outside
- ML-DSA: add consistency with FIPS 204 - the signature changes as the input data handling is added (to obtain the old signature, use the new lc_dilithium_[sign|verify]_ctx API with ctx->ml_dsa_internal = 1)
- ML-DSA: add API to allow the caller to provide a user context as allowed by FIPS 204, and to invoke ML-DSA.Sign_internal, ML-DSA.Verify_internal and HashML-DSA
- ML-KEM: rename source code directory to ml-kem
- ML-DSA: rename source code directory to ml-dsa
- BIKE: add NIST round 4 KEM candidate
- ML-DSA: add support to retain the expanded key to increase the performance of signature operations by 15 to 20%
- ML-DSA: add key pair PCT API - leancrypto will not invoke it, but provides it for FIPS 140 support
- SLH-DSA: add SLH-DSA-SHAKE-256s, SLH-DSA-SHAKE-256f, SLH-DSA-SHAKE-192s, SLH-DSA-SHAKE-192f, SLH-DSA-SHAKE-128s, SLH-DSA-SHAKE-128f
- ML-DSA, ML-KEM, SLH-DSA, BIKE, Hash, AEAD, RNG, HMAC, HKDF, symmetric: move API implementation from H to C file - this implies that no Rust wrappers are needed
- Linux kernel: ML-DSA / SLH-DSA sigver input changed to be compliant with existing kernel structures: req->src SGL contains signature || msg, req->dst SGL is not processed
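
The ML-DSA entries above say the signature changes because FIPS 204 input data handling was added. The following added example, which is not leancrypto code, shows the message encoding FIPS 204 defines for the external ML-DSA and HashML-DSA interfaces; `mldsa_format_msg` is a hypothetical helper name and the sample message and context are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper (not a leancrypto function): build M' as FIPS 204
 * defines it before the data reaches ML-DSA.Sign_internal / Verify_internal:
 *   ML-DSA:      M' = 0x00 || len(ctx) || ctx || M
 *   HashML-DSA:  M' = 0x01 || len(ctx) || ctx || OID || PH(M)
 * For HashML-DSA the caller passes OID || PH(M) as msg and prehash = 1.
 * Returns the length of M', or 0 on error.
 */
size_t mldsa_format_msg(uint8_t *out, size_t outlen, int prehash,
                        const uint8_t *ctx, size_t ctxlen,
                        const uint8_t *msg, size_t msglen)
{
    size_t need;

    if (ctxlen > 255) /* FIPS 204 rejects contexts longer than 255 bytes */
        return 0;
    if (!out || (!ctx && ctxlen) || (!msg && msglen))
        return 0;
    if (msglen > SIZE_MAX - 2 - ctxlen) /* guard against length overflow */
        return 0;
    need = 2 + ctxlen + msglen;
    if (need > outlen)
        return 0;

    out[0] = prehash ? 0x01 : 0x00; /* domain separator */
    out[1] = (uint8_t)ctxlen;
    if (ctxlen)
        memcpy(out + 2, ctx, ctxlen);
    if (msglen)
        memcpy(out + 2 + ctxlen, msg, msglen);
    return need;
}

int main(void)
{
    static const uint8_t msg[] = "firmware-v2"; /* constructed sample */
    uint8_t buf[64];
    /* Even with an empty context, M' differs from the raw message. */
    size_t n = mldsa_format_msg(buf, sizeof(buf), 0, NULL, 0, msg, 11);

    for (size_t i = 0; i < n; i++)
        printf("%02x", buf[i]);
    printf("\n");
    return n ? 0 : 1;
}
```

Because the two prefix bytes are present even when no context is supplied, data signed through the internal interface and data signed through the external interface yield different signatures for the same message.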