249 lines
10 KiB
Markdown
249 lines
10 KiB
Markdown
# Change Log
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
## 2023-11-20
|
|
### Added
|
|
|
|
- support for Windows platform:
|
|
- pre-processor condition with Windows headers *winsock2.h*, *afunix.h*, *ws2tcpip.h* in tls_sockets.h
|
|
|
|
- pre-processor condition in *int setclientsock()* function - changing input argument in *setsockopt()* function for Windows compatibility in tls_sockets.cpp
|
|
|
|
- WSA structure inicialization and cleanup in client.cpp file
|
|
|
|
- linking *-lws2_32* in CMakeLists.txt
|
|
|
|
- *-lstdc++* in CMakeLists.txt for compatibility with gcc
|
|
|
|
|
|
## 2023-11-20
|
|
### Added
|
|
|
|
- Header file *oqs/oqs.h* and *oqs/oqsconfig.h* from liboqs library
|
|
|
|
- linking liboqs library with *-loqs* in CMakeLists.txt
|
|
|
|
### Changed
|
|
|
|
- Library name in *char *SAL_name()*
|
|
- Random number generator *OQS_randombytes()* in *bool SAL_initLib()*
|
|
|
|
### Removed
|
|
- Unused conditions and functions
|
|
|
|
## 2023-12-22
|
|
### Added
|
|
|
|
- Notes for dilithium3 functions from liboqs
|
|
|
|
## 2024-01-13
|
|
### Changed
|
|
|
|
- *void SAL_generateKeyPair()* for kyber768 now working with function from liboqs
|
|
|
|
- both *static bool DILITHIUM3_VERIFY()* and *static void DILITHIUM3_SIGN()* now working with functions from liboqs
|
|
|
|
### Removed
|
|
|
|
- Unused declarations and variables
|
|
|
|
## 2024-01-15
|
|
### Changed
|
|
|
|
- *bool SAL_generateSharedSecret()* for kyber768 now working with function from liboqs
|
|
|
|
### Removed
|
|
|
|
- Header file *kyber.h*
|
|
- Unused declarations and variables
|
|
|
|
## 2024-01-25
|
|
### Added
|
|
|
|
- New CA certificate for https://test.openquantumsafe.org/ in tls_cacerts.cpp
|
|
|
|
### Changed
|
|
- Client certificate update
|
|
|
|
## 2024-02-17
|
|
### Added
|
|
|
|
- TLS IDs for PQ KEM algorithms based on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md in tls1_3.h
|
|
|
|
- new PQ KEM algorithms in *int SAL_groups()*
|
|
|
|
- functions for key generating for kyber512, kyber1024, bikel1, bikel3, bikel5, hqc128, hqc192, hqc256, FrodoKEM-640-AES, FrodoKEM-640-SHAKE, FrodoKEM-976-AES, FrodoKEM-976-SHAKE, FrodoKEM-1344-AES, FrodoKEM-1344-SHAKE in *void SAL_generateKeyPair()* function
|
|
|
|
- decapsulation functions for kyber512, kyber1024, bikel1, bikel3, bikel5, hqc128, hqc192, hqc256, FrodoKEM-640-AES, FrodoKEM-640-SHAKE, FrodoKEM-976-AES, FrodoKEM-976-SHAKE, FrodoKEM-1344-AES, FrodoKEM-1344-SHAKE in *bool SAL_generateSharedSecret()*
|
|
|
|
### Changed
|
|
|
|
- variables for PQ crypto_setting in tls1_3.h file:
|
|
- TLS_MAX_KEX_PUB_KEY_SIZE - according the biggest public key size from all available KEM algorithm (FrodoKEM-1344-SHAKE)
|
|
- TLS_MAX_KEX_CIPHERTEXT_SIZE - according the biggest ciphertext size from all available KEM algorithm (FrodoKEM-1344-SHAKE)
|
|
- TLS_MAX_KEX_SECRET_KEY_SIZE - according the biggest secret key size from all available KEM algorithm (FrodoKEM-1344-SHAKE)
|
|
- TLS_MAX_SUPPORTED_GROUPS - need to raise the variable because of adding more KEM algorithms
|
|
|
|
27-29
|
|
## 2024-02-26
|
|
### Added
|
|
|
|
- listing of KEM key sizes (public and private keys) in client.cpp
|
|
|
|
- TLS IDs for PQ signature algorithms in tls1_3.h based on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
|
|
|
|
- Object IDs for dilitihum2 and dilitihum3 in tls_x509.cpp based on https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md
|
|
|
|
- PQ curve variables for dilitihum2, dilitihum3 and dilitihum5 in tls_x509.h for recognizing used algorithm in further processing
|
|
|
|
- PQ signature algorithms dilithium2 and dilithium5 in *int SAL_sigs()* and *int SAL_sigCerts()*
|
|
|
|
- verification functions for PQ signature algorithms dilithium2, dilithium5; calling them in *bool SAL_tlsSignatureVerify()*
|
|
|
|
- signing functions for PQ signature algorithms dilithium2, dilithium5; calling them in *void SAL_tlsSignature()*
|
|
|
|
- listing of all new KEM and dilithium signature algorithms in tls_logger.cpp and client.cpp
|
|
|
|
- conditions for certificate verification for dilitihum2, dilithium3 and dilithium5 in tls_cert_chain.cpp
|
|
|
|
- functions for public and private key from PQ certificates, setting PQ curve for further processing
|
|
|
|
## 2024-02-27
|
|
### Added
|
|
|
|
- verification functions for PQ signature algorithms falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple; ; calling them in *bool SAL_tlsSignatureVerify()*
|
|
|
|
- signing functions for PQ signature algorithms falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHA2-192f-simple, SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple; ; calling them in *void SAL_tlsSignature()*
|
|
|
|
## 2024-02-28
|
|
### Added
|
|
|
|
- PQ curve variables for falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHA2-192f-simple
|
|
|
|
- Object IDs for falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHA2-192f-simple
|
|
|
|
- conditions for certificate verification for falcon512, falcon1024, SPHINCS+-SHA2-128f-simple, SPHINCS+-SHA2-128s-simple, SPHINCS+-SHAKE-128f-simple, SPHINCS+-SHA2-192f-simple
|
|
|
|
- functions for public and private key from PQ certificates, setting PQ curve for further processing
|
|
|
|
- listing of all new PQ signature algorithms in tls_logger.cpp and client.cpp
|
|
|
|
### Removed
|
|
- TLS IDs for unsupported PQ signature algorithms (unsupported by oqsprovider (unable to test them)) - SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
|
|
|
|
- verification functions for unsupported PQ signature algorithms (unsupported by oqsprovider (unable to test them)) - SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
|
|
|
|
- signing functions for unsupported PQ signature algorithms (unsupported by oqsprovider (unable to test them)) - SPHINCS+-SHA2-192s-simple, SPHINCS+-SHA2-256f-simple, SPHINCS+-SHA2-256s-simple, SPHINCS+-SHAKE-128s-simple, SPHINCS+-SHAKE-192f-simple, SPHINCS+-SHAKE-192s-simple, SPHINCS+-SHAKE-256f-simple, SPHINCS+-SHAKE-256s-simple
|
|
|
|
### Changed
|
|
|
|
- Linux pre-processor condition for BIKE signature algorithm (BIKE is not supported on Windows platform (yet)) in *void SAL_generateKeyPair()*
|
|
|
|
- variables for PQ crypto_setting in tls1_3.h file:
|
|
- TLS_MAX_SIG_PUB_KEY_SIZE - according the biggest public key size from all available signature algorithms (dilithium5)
|
|
- TLS_MAX_SIG_SECRET_KEY_SIZE - according the biggest secret key size from all available signature algorithms (dilithium5)
|
|
- TLS_MAX_SIGNATURE_SIZE - according the biggest signature size from all available signature algorithms (SPHINCS+-SHA2-128f-simple or SPHINCS+-SHAKE-128f-simple)
|
|
- TLS_MAX_SUPPORTED_SIGS - need to raise the variable because of adding more signature algorithms
|
|
- MAX_IBUFF_SIZE - need to raise the variable because of bigger size of certchain (SPHINCS+-SHAKE-128f-simple)
|
|
- TLS_X509_MAX_FIELD - need to raise the variable because of bigger size of certchain (SPHINCS+-SHAKE-128f-simple)
|
|
|
|
### Tested
|
|
|
|
- all KEM protocols and signature algorithms with OpenSSL native server and test.openquantumsafe.org server
|
|
|
|
- correct behaviour on Linux and Windows x64 platform
|
|
|
|
## 2024-02-29
|
|
### Changed
|
|
|
|
- same PQ curve for SPHINCS+-SHA2-128f-simple and SPHINCS+-SHAKE-128f-simple (same size)
|
|
- calling verification functions for both SPHINCS+-SHA2-128f-simple and SPHINCS+-SHAKE-128f-simple
|
|
|
|
### Removed
|
|
|
|
- sign and verify function for SPHINCS+-SHA2-192f-simple (return of wrong expiration date; bug?)
|
|
- removed all added changes associated with SPHINCS+-SHA2-192f-simple (ID, OID, curve, conditions)
|
|
|
|
## 2024-03-01
|
|
### Added
|
|
|
|
- *OQS_TEST_results.txt* with results of testing on test.openquantumsafe.org server
|
|
|
|
### Removed
|
|
|
|
- unused functions and variables for unsupported algorithms by liboqs or oqsprovider (unable to test them)
|
|
|
|
## 2024-03-03
|
|
### Added
|
|
|
|
- comments about changes of functions and variables
|
|
|
|
- comments on the beggining of every changed file
|
|
|
|
- readme with information about building and using the client, summary of all changes, details of testing
|
|
|
|
### Removed
|
|
|
|
- arduino conditions in files: tls_octads.h, tls_sockets.h, tls_logger.cpp, tls_octads.cpp, tls_sockets.cpp
|
|
|
|
- files for arduino - arduino/client.cpp, wifi.h
|
|
|
|
- removed unnecessery files: blogs, unused .xpp files
|
|
|
|
## 2024-03-03
|
|
### Changed
|
|
|
|
- *OQS_randombytes()* used as seed for original miracl rng
|
|
|
|
## 2024-03-04
|
|
### Added
|
|
|
|
- .exe file for Windows x64 generated with CMake 'MinGW file' instead 'Unix MakeFile'
|
|
|
|
- miracl core folders for Windows x64, Windows x86 and Linux Ubuntu 22.04 in sal folder
|
|
|
|
- readme in sal folder with guideline for generating miracl core files
|
|
|
|
- permanent library linking *-lws2_32* in CMakeLists.txt for Windows compatibility (remove in case of Linux platform)
|
|
|
|
### Removed
|
|
|
|
- unused conditions and variables from CMakeLists.txt
|
|
|
|
## 2024-04-14
|
|
### Added
|
|
|
|
- IDs for ML-KEM and ML-DSA
|
|
|
|
- functions for key generating for ml-kem512, ml-kem768, ml-kem1024
|
|
|
|
- decapsulation functions for ml-kem512, ml-kem768, ml-kem1024
|
|
|
|
- object IDs for ML-KEM and ML-DSA
|
|
|
|
- signing functions for PQ signature algorithms ml-dsa44, ml-dsa65, ml-dsa87; calling them in *void SAL_tlsSignature()*
|
|
|
|
- listing of ML-KEMs and ML-DSAs in tls_logger.cpp and client.cpp
|
|
|
|
- conditions for certificate verification for ml-dsa44, ml-dsa65, ml-dsa87 in tls_cert_chain.cpp
|
|
|
|
- functions for public and private key from PQ certificates, setting PQ curve for further processing
|
|
|
|
- new PQ curve to distinguish SPHINCS+-SHA2-128f-simple and SPHINCS+-SHAKE-128f-simple
|
|
|
|
### Changed
|
|
|
|
- IDs for HQC and Falcon algorithms according to https://github.com/open-quantum-safe/oqs-provider/releases/tag/0.6.0
|
|
|
|
- PQ curves for all PQ signature schemes
|
|
|
|
## 2024-04-15
|
|
### Added
|
|
|
|
- *OQS_TEST_results2.txt* with results of testing on test.openquantumsafe.org server with new
|
|
|
|
## 2024-04-18
|
|
### Added
|
|
|
|
- RDTSC instruction for time measuring of signature verification
|
|
- condition in function *SAL_initLib()* for correct compilation without PQ settings |