Change Log
All notable changes to this project will be documented in this file.
2023-11-20
Added
- support for Windows platform:
  - pre-processor condition with Windows headers winsock2.h, afunix.h, ws2tcpip.h in tls_sockets.h
  - pre-processor condition in int setclientsock() function - changing input argument in setsockopt() function for Windows compatibility in tls_sockets.cpp
  - WSA structure initialization and cleanup in client.cpp file
  - linking -lws2_32 in CMakeLists.txt
- -lstdc++ in CMakeLists.txt for compatibility with gcc
2023-11-20
Added
- Header file oqs/oqs.h and oqs/oqsconfig.h from liboqs library
- linking liboqs library with -loqs in CMakeLists.txt
Changed
- Library name in *char SAL_name()
- Random number generator OQS_randombytes() in bool SAL_initLib()
Removed
- Unused conditions and functions
2023-12-22
Added
- Notes for dilithium3 functions from liboqs
2024-01-13
Changed
- void SAL_generateKeyPair() for kyber768 now working with function from liboqs
- both static bool DILITHIUM3_VERIFY() and static void DILITHIUM3_SIGN() now working with functions from liboqs
Removed
- Unused declarations and variables
2024-01-15
Changed
- bool SAL_generateSharedSecret() for kyber768 now working with function from liboqs
Removed
- Header file kyber.h
- Unused declarations and variables
2024-01-25
Added
- New CA certificate for https://test.openquantumsafe.org/ in tls_cacerts.cpp
Changed
- Client certificate update
2024-02-17
Added
- TLS IDs for PQ KEM algorithms based on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md in tls1_3.h
- new PQ KEM algorithms in int SAL_groups()
- key generation functions for kyber512, kyber1024, bikel1, bikel3, bikel5, hqc128, hqc192, hqc256, FrodoKEM-640-AES, FrodoKEM-640-SHAKE, FrodoKEM-976-AES, FrodoKEM-976-SHAKE, FrodoKEM-1344-AES, FrodoKEM-1344-SHAKE in void SAL_generateKeyPair() function
- decapsulation functions for kyber512, kyber1024, bikel1, bikel3, bikel5, hqc128, hqc192, hqc256, FrodoKEM-640-AES, FrodoKEM-640-SHAKE, FrodoKEM-976-AES, FrodoKEM-976-SHAKE, FrodoKEM-1344-AES, FrodoKEM-1344-SHAKE in bool SAL_generateSharedSecret()
Changed
- variables for PQ crypto_setting in tls1_3.h file:
  - TLS_MAX_KEX_PUB_KEY_SIZE - according to the biggest public key size of all available KEM algorithms (FrodoKEM-1344-SHAKE)
  - TLS_MAX_KEX_CIPHERTEXT_SIZE - according to the biggest ciphertext size of all available KEM algorithms (FrodoKEM-1344-SHAKE)
  - TLS_MAX_KEX_SECRET_KEY_SIZE - according to the biggest secret key size of all available KEM algorithms (FrodoKEM-1344-SHAKE)
  - TLS_MAX_SUPPORTED_GROUPS - the variable had to be raised because more KEM algorithms were added
27-29
2024-02-26
Added
- listing of KEM key sizes (public and private keys) in client.cpp
- TLS IDs for PQ signature algorithms in tls1_3.h based on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
- Object IDs for dilithium2 and dilithium3 in tls_x509.cpp based on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
- PQ curve variables for dilithium2, dilithium3 and dilithium5 in tls_x509.h for recognizing the used algorithm in further processing
- PQ signature algorithms dilithium2 and dilithium5 in int SAL_sigs() and int SAL_sigCerts()
- verification functions for PQ signature algorithms dilithium2, dilithium5; calling them in bool SAL_tlsSignatureVerify()
- signing functions for PQ signature algorithms dilithium2, dilithium5; calling them in void SAL_tlsSignature()
- listing of all new KEM and dilithium signature algorithms in tls_logger.cpp and client.cpp
- conditions for certificate verification for dilithium2, dilithium3 and dilithium5 in tls_cert_chain.cpp
- functions for public and private key from PQ certificates, setting PQ curve for further processing
2024-02-27
Added
- verification functions for PQ signature algorithms falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple; calling them in bool SAL_tlsSignatureVerify()
- signing functions for PQ signature algorithms falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple; calling them in void SAL_tlsSignature()
2024-02-28
Added
- PQ curve variables for falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHA2-192f-simple
- Object IDs for falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHA2-192f-simple
- conditions for certificate verification for falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHA2-192f-simple
- functions for public and private key from PQ certificates, setting PQ curve for further processing
- listing of all new PQ signature algorithms in tls_logger.cpp and client.cpp
Removed
- TLS IDs for unsupported PQ signature algorithms (unsupported by oqsprovider (unable to test them)) - SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
- verification functions for unsupported PQ signature algorithms (unsupported by oqsprovider (unable to test them)) - SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
- signing functions for unsupported PQ signature algorithms (unsupported by oqsprovider (unable to test them)) - SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
Changed
- Linux pre-processor condition for BIKE signature algorithm (BIKE is not supported on Windows platform (yet)) in void SAL_generateKeyPair()
- variables for PQ crypto_setting in tls1_3.h file:
  - TLS_MAX_SIG_PUB_KEY_SIZE - according to the biggest public key size of all available signature algorithms (dilithium5)
  - TLS_MAX_SIG_SECRET_KEY_SIZE - according to the biggest secret key size of all available signature algorithms (dilithium5)
  - TLS_MAX_SIGNATURE_SIZE - according to the biggest signature size of all available signature algorithms (SPHINCS+-SHA2-128f-simple or SPHINCS+-SHAKE-128f-simple)
  - TLS_MAX_SUPPORTED_SIGS - the variable had to be raised because more signature algorithms were added
  - MAX_IBUFF_SIZE - the variable had to be raised because of the bigger size of the certchain (SPHINCS+-SHAKE-128f-simple)
  - TLS_X509_MAX_FIELD - the variable had to be raised because of the bigger size of the certchain (SPHINCS+-SHAKE-128f-simple)
Tested
- all KEM protocols and signature algorithms with OpenSSL native server and test.openquantumsafe.org server
- correct behaviour on Linux and Windows x64 platform
2024-02-29
Changed
- same PQ curve for SPHINCS+-SHA2-128f-simple and SPHINCS+-SHAKE-128f-simple (same size)
- calling verification functions for both SPHINCS+-SHA2-128f-simple and SPHINCS+-SHAKE-128f-simple
Removed
- sign and verify function for SPHINCS+-SHA2-192f-simple (return of wrong expiration date; bug?)
- removed all added changes associated with SPHINCS+-SHA2-192f-simple (ID, OID, curve, conditions)
2024-03-01
Added
- OQS_TEST_results.txt with results of testing on test.openquantumsafe.org server
Removed
- unused functions and variables for unsupported algorithms by liboqs or oqsprovider (unable to test them)
2024-03-03
Added
- comments about changes of functions and variables
- comments at the beginning of every changed file
- readme with information about building and using the client, summary of all changes, details of testing
Removed
- arduino conditions in files: tls_octads.h, tls_sockets.h, tls_logger.cpp, tls_octads.cpp, tls_sockets.cpp
- files for arduino - arduino/client.cpp, wifi.h
- removed unnecessary files: blogs, unused .xpp files
2024-03-03
Changed
- OQS_randombytes() used as seed for original miracl rng
2024-03-04
Added
- .exe file for Windows x64 generated with CMake 'MinGW file' instead of 'Unix MakeFile'
- miracl core folders for Windows x64, Windows x86 and Linux Ubuntu 22.04 in sal folder
- readme in sal folder with guideline for generating miracl core files
- permanent library linking -lws2_32 in CMakeLists.txt for Windows compatibility (remove in case of Linux platform)
Removed
- unused conditions and variables from CMakeLists.txt
2024-04-14
Added
- IDs for ML-KEM and ML-DSA
- key generation functions for ml-kem512, ml-kem768, ml-kem1024
- decapsulation functions for ml-kem512, ml-kem768, ml-kem1024
- object IDs for ML-KEM and ML-DSA
- signing functions for PQ signature algorithms ml-dsa44, ml-dsa65, ml-dsa87; calling them in void SAL_tlsSignature()
- listing of ML-KEMs and ML-DSAs in tls_logger.cpp and client.cpp
- conditions for certificate verification for ml-dsa44, ml-dsa65, ml-dsa87 in tls_cert_chain.cpp
- functions for public and private key from PQ certificates, setting PQ curve for further processing
- new PQ curve to distinguish SPHINCS+-SHA2-128f-simple and SPHINCS+-SHAKE-128f-simple
Changed
- IDs for HQC and Falcon algorithms according to https://github.com/open-quantum-safe/oqs-provider/releases/tag/0.6.0
- PQ curves for all PQ signature schemes
2024-04-15
Added
- OQS_TEST_results2.txt with results of testing on test.openquantumsafe.org server with new
2024-04-18
Added
- RDTSC instruction for time measuring of signature verification
- condition in function SAL_initLib() for correct compilation without PQ settings