Prepare v0.9.0 release #5
Merged
Conversation
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964214c1a165e0d31b785245d724d12e36f
Corrects a typo in the changelog section header related to libcrux algorithm registration. No code changes. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964f799ac84781b8f0e32def364f8a1da37
Using `+dev` instead of `-dev` means that we are appending build-metadata suffix, rather than a pre-release. The former does not break semver checks in cargo, which means that in workspaces we can patch to use a local path. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964c850072241353e6e19294498e7a0b8f3
Clarify decoder return values by introducing `STOP_DECODING_PROCESS` and `CONTINUE_DECODING_PROCESS` constants, replacing the previous `ERROR_RET`. Now, non-authoritative parse errors return `CONTINUE_DECODING_PROCESS` instead of `STOP_DECODING_PROCESS`, allowing fallback to other decoders. This fixes a bug where only the first decoder was tried. Also standardizes error handling and logging across decoders in the pqclean, rustcrypto, and slhdsa_c adapters. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964bf900edaa5776b0c15eaaa7a250cdd75
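The commit above describes why a decoder must distinguish "this input is not mine" from "this input is mine but malformed". The following is an added illustration, not Aurora's own code: the constant names `STOP_DECODING_PROCESS` and `CONTINUE_DECODING_PROCESS` follow the commit message, while the `Attempt` type, the two decoders, the `[tag][len][payload]` framing and the dispatcher functions are assumptions made for the example. It shows the fixed dispatcher falling through to the second decoder, and the pre-fix behaviour in which only the first decoder ever ran.

```rust
/// Status returned by a decoder to the dispatcher: the decoder recognised the
/// input as its own (success or authoritative failure), so try no other decoder.
pub const STOP_DECODING_PROCESS: i32 = 0;
/// Status returned when the decoder could not claim the input at all;
/// the dispatcher should fall through to the next decoder.
pub const CONTINUE_DECODING_PROCESS: i32 = 1;

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Decoded {
    pub algorithm: &'static str,
    pub key: Vec<u8>,
}

/// Result of one decoder attempt: a status code plus the decoded object, if any.
pub struct Attempt {
    pub status: i32,
    pub result: Option<Decoded>,
}

/// Constructed toy framing (an assumption, not a real key format):
/// `[tag][len][payload...]`, where each decoder claims exactly one tag.
fn decode_with_tag(input: &[u8], tag: u8, algorithm: &'static str) -> Attempt {
    // Non-authoritative failure: this is not our tag, so another decoder may
    // still recognise the input. Returning CONTINUE is what enables fallback.
    if input.first() != Some(&tag) {
        return Attempt { status: CONTINUE_DECODING_PROCESS, result: None };
    }
    // Authoritative from here on: the tag is ours, so a malformed body is a
    // real parse error. Stop the chain instead of letting some other algorithm's
    // decoder take over a key it was never meant to handle.
    let len = match input.get(1) {
        Some(&l) => l as usize,
        None => return Attempt { status: STOP_DECODING_PROCESS, result: None },
    };
    if input.len() != 2 + len {
        return Attempt { status: STOP_DECODING_PROCESS, result: None };
    }
    Attempt {
        status: STOP_DECODING_PROCESS,
        result: Some(Decoded { algorithm, key: input[2..].to_vec() }),
    }
}

// Two hypothetical adapters, each owning one tag value.
pub fn decode_alg_a(input: &[u8]) -> Attempt { decode_with_tag(input, 0xA1, "alg-a") }
pub fn decode_alg_b(input: &[u8]) -> Attempt { decode_with_tag(input, 0xB2, "alg-b") }

pub type Decoder = fn(&[u8]) -> Attempt;

/// Fixed dispatcher: keep trying while decoders return CONTINUE; stop at the
/// first STOP. Returns the decoded object (if any) and how many decoders ran.
pub fn decode_with_fallback(input: &[u8], decoders: &[Decoder]) -> (Option<Decoded>, usize) {
    for (i, decoder) in decoders.iter().enumerate() {
        let attempt = decoder(input);
        if attempt.status == STOP_DECODING_PROCESS {
            return (attempt.result, i + 1);
        }
    }
    (None, decoders.len())
}

/// Pre-fix behaviour as the commit describes it: every failure was a single
/// error return that ended the process, so only the first decoder was tried.
pub fn decode_first_only(input: &[u8], decoders: &[Decoder]) -> (Option<Decoded>, usize) {
    match decoders.first() {
        Some(decoder) => (decoder(input).result, 1),
        None => (None, 0),
    }
}

fn main() {
    let decoders: [Decoder; 2] = [decode_alg_a, decode_alg_b];
    // Constructed input tagged for "alg-b"; it must reach the second decoder.
    let key_b = [0xB2u8, 0x02, 0x11, 0x22];
    println!("fallback:   {:?}", decode_with_fallback(&key_b, &decoders));
    println!("first-only: {:?}", decode_first_only(&key_b, &decoders));
}
```

The distinction matters beyond convenience: a decoder that answers STOP for input it has positively identified prevents a later decoder from accepting a malformed key for a different algorithm, while CONTINUE on an unrecognised tag keeps the fallback that the fix restores.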
Changed `NAME` to use "mldsa{65,44}_ed25519" and `LONG_NAME` to use
"id-MLDSA{44,65}-Ed25519-SHA512" in the pqclean adapter for
MLDSA65_Ed25519 and MLDSA44_Ed25519.
This is to improve consistency with oqs-provider naming conventions.
BREAKING_CHANGE: when configuring enabled tls sigalgs, after this change users must use
`mldsa{65,44}_ed25519` instead of `id-MLDSA{44,65}-Ed25519-SHA512`.
Due to this breaking change for our users, we bump the aurora version to
0.9.0+dev.
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com>
Change-Id: I6a6a6964bcb22f68896423572f73883dd9d016d7
…_selection_fn!() invocations Bumps the openssl_provider_forge dependency to 0.9.0 with the updated transcoders::make_does_selection_fn!() definition. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69640051fbfe75592102072a097c855f61d0
This commit replaces all usages of the `OpenSSLProvider` type with `ProviderInstance` across the codebase. The change affects struct definitions, function signatures, trait implementations, and macro invocations. The update improves naming clarity for the provider context abstraction. No functional changes are introduced. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69643a8ab246d47b7f75fffa9d5373218027
Simplifies trace macro usage by removing unnecessary formatting braces in log messages within `gettable_params` and related functions. This improves code clarity and maintains consistent logging style. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69646e221bae07a0bbe9614245ad66c29b5d
- Make adapter modules and initialization in `src/adapters.rs` feature-gated
- Add new features in Cargo.toml for fine-grained adapter/test control
- Make dependencies optional and grouped by adapter in Cargo.toml
- Use #[cfg(feature = "...")] for test structs and macro invocations
- Refactor test macros to allow conditional test generation
- Add #[allow(unused_macros)] and #[allow(dead_code)] where appropriate

Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69644e3474906e74276ee760f58fafa6bb5c
The `openssl_aurora_list_all_algorithms` test is now ignored because the regex used only captures encoders/decoders, making the test incomplete or misleading in its current form. This change ensures test runs are not blocked by this limitation. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69646785337027be3eadfc34609f7c995a46
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964b83d19b5ce133deb028fe21a124156ba
Introduce macro-based unit tests to verify OID consistency across signature algorithm adapters. This ensures that OID, OID_PKCS8, and SIGALG_OID values remain synchronized and correct. Tests are added to all relevant adapter modules. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69644854e3d9d39c967b18295c7efac03467
Replaces fragile symlink-based module inclusion with Rust's #[path] attribute for signature and signature_functions modules in all affected adapters. Removes redundant signature.rs and signature_functions.rs files, reducing duplication and improving maintainability. This change affects MLDSA44, MLDSA44_Ed25519, MLDSA65, MLDSA65_Ed25519, MLDSA87, SLHDSASHAKE128f, SLHDSASHAKE192f, SLHDSASHAKE256s, and related adapters. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69643e9457470c76bc2bbd1d1ef0bab0880f
…n + verify functions
…l OIDs AFAIK the OIDs have changed but the sign and verify algorithms haven't, so we can still use the same keymgmt module.
Move feature-dependent OID and related constants for MLDSA44_Ed25519 and MLDSA65_Ed25519 into dedicated modules. This reduces repetition and improves maintainability. Ensures all OID values are grouped and exported per feature, with clear documentation and consistent naming. No functional change, just reordering stuff around Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964de761692ea3abfeb060fcafdf6c54d77
Switched the default feature from `_composite_sigs_draft_12` to `_composite_sigs_draft_12_postWGLC` in Cargo.toml. This enables the post-WGLC composite signatures by default for builds. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69640893def043973b385899d2ef7c8695c1
Add a directive in build.rs to rerun the build script whenever the FORCE_REBUILD environment variable changes. This ensures that builds are properly refreshed when this variable is updated. For example one could run `FORCE_REBUILD="$(date +%s)" cargo build` to force rebuilding aurora (without having to clean all the dependencies) Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69642c6f1207843df45a541b28c23f7b8e10
Update Cargo.toml to set version to 0.9.0-rc1. Refactor the Cargo.toml features for clarity, including notes on "private/experimental" features (prefixed with `_`). Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a696492dfc7bb4b97019381a53b4b36505380
Made an edit pass across the repo to ensure that we consistently use links like: `https://datatracker.ietf.org/doc/html/draft-ietf-tls-mldsa-01#name-ml-dsa-signaturescheme-valu` rather than `https://www.ietf.org/archive/id/draft-ietf-tls-mldsa-01.html#name-ml-dsa-signaturescheme-valu`

It's a nit, but with the former:
- it is easier to navigate,
- compare to other versions, and also
- it has quick links to the datatracker page to check if there are updates.

The rationale should apply every time we refer to drafts on ietf datatracker, does not matter if it is a comment in the code or a markdown documentation file. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a696463b4a09a8ffcac314d900ec31ee6cd61
Co-authored-by: Akif Mehmood <akif.mehmood@tuni.fi> Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a696435d3f324b80357f835319aea95e1dd4a
…S group capability Add documentation notes to the X25519Kyber768Draft00 TLS group indicating that it used a pre-standards version of Kyber768 and was obsoleted by draft-kwiatkowski-tls-ecdhe-mlkem-03. This clarifies the status of the group for future reference. Co-authored-by: Akif Mehmood <akif.mehmood@tuni.fi> Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I738fcc7fe0b920e7681dbbae050d123f6a6a6964
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964cb6fc92cdfdebb23435fe45ca7fda0da
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69641f8d4b6fd15106188c63e522ad6214c8
d6617db to d9ff450
Remove all vestiges of the disabled SLHDSASHAKE192f and SLHDSASHAKE256s algorithms from the rustcrypto adapter. This removes all the related module files. No associated code remains for these parameter sets within the rustcrypto adapter, which, effectively, only supports SLH-DSA-SHAKE-128f. Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a6964d33b7e7a359f09aa46dc03ab4c45c273
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69644779e234c673434e1d039c5fe48946e2
Signed-off-by: Nicola Tuveri <nic.tuv@gmail.com> Change-Id: I6a6a69640f5fd13f98cde190065c649f7ab74bc3
d9ff450 to 71f6865
No description provided.