- Locking for seeded_rng added to avoid requiring the caller to provide a lock
- Addition of ASN.1 decoder, X.509 parser, PKCS#7 / CMS parser
- Addition of ASN.1 encoder, X.509 generator, PKCS#7 / CMS generator for ML-DSA, SLH-DSA, ML-DSA-ED25519
- ML-DSA-ED25519: Hybrid implementation changed to match the definition in https://www.ietf.org/archive/id/draft-ietf-lamps-pq-composite-sigs-03.html
- RISCV64: Keccak - add assembler and ZBB implementation
- RISCV64: ML-KEM - add assembler implementation
- RISCV64: ML-DSA - add assembler implementation
- Add FIPS 140 mode (as of now, it does not yet implement full FIPS 140 compliance)
- Ascon AEAD, Hash, XOF, Ascon-Keccak: Update to comply with SP800-232
- Dilithium AVX2: Add side channel analysis
- leancrypto passes X.509 IETF-Hackathon tests: https://ietf-hackathon.github.io/pqc-certificates/pqc_hackathon_results_certs_r4_automated_tests.html
- Add compilation support for (U)EFI environment
- RISCV64 RVV: ML-KEM, ML-DSA - add assembler implementation using RVV support
- Seeded DRNG: Require a reseed after 2**14 bytes to comply with AIS20/31 3.0 DRG.4 and the discussed upcoming changes to SP800-90A.
- SHA-512 / 384 / 256: Addition of AVX2, SHA_NI, SHA_NI-512, ARMv8 Neon, ARMv8 CE, RISCV ASM, RISCV ZBB acceleration
- Add lc_init API
- Intel non-AVX2 systems: remove all SIGILL causes by ensuring no AVX2 code is executed
- Linux kernel: support version 6.13 kernel crypto signature API
- Allow switching the central leancrypto seeded RNG instance with a caller-provided RNG