All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to CalVer.
Nothing yet. :)
- Breaking: add ML-DSA and ML-KEM (3855df8e).
- Dilithium and Kyber are replaced by ML-DSA and ML-KEM respectively. This includes updating the reference implementation and the test vectors.
- The wrappers usage is simplified, adopting a similar approach to the
harness mode: the wrapper defines functions recognized by crypto-condor
such as
CC_MLKEM_512_encaps(), removing the need for passing parameters through the CLI, and thus allowing to test more than one set of parameters at a time. This change will be propagated to other primitives eventually. - Additionally, the language of the wrapper is inferred from the file extension.
- Now both primitives support the
outputmode (encapsulation for ML-KEM and signing for ML-DSA). - The protocols have been updated, particularly for ML-DSA, taking the signature and message separately instead of concatenated (the previous signed message).
- Method guides have not been updated yet.
- utils: add protobuf and parsing script templates (8df71abc, 33676c1b, fb43ae12)
- The protobuf template defines the common set of fields test vectors should have.
- The parsing script template serves as a base for writing the script, along with the function that generates a JSON file that defines which vectors are available depending on the parameter selected.
- The CONTRIBUTING page has been updated to use ML-KEM as an example of these new templates.
- common:
new_from_testmethod forTestInfo, which takes a test vector directly instead of unpacking its values. Relies on the new test vectors template (e256bf23).
- Typo in method guide template, which prevented the docs from building (dae27832).
- CLI: display help when running
testu01command without arguments (6920307f). - README: bump minimum Python version to 3.10 (abf1f822).
- The minimum supported version was already 3.10, this only updates the README.
- SHA: ensure key uniqueness for test results (e5bce86d).
- Test results of different algorithms (but not two implementations of the same algorithm) can be safely combined.
- docs: links to ANSSI documents (1d9b0a73).
- Test harness mode (eb8b73e4).
- New feature to test primitives from a shared library. Currently supports AES, SHA, SHAKE, Kyber, and Dilithium. For more information, read the docs
- Updated
cryptographyto 43.0.0 (c75811db).- This is potentially breaking as 43.0.0 drops supports for OpenSSL less than 1.1.1e and LibreSSL less than 3.8.
- Packaging of the C implementations of AES, Kyber, and Dilithium (dbe30575).
- Instead of compiling an executable, these implementations are compiled as shared libraries, used with CFFI. It should improve the performance without changing the user experience.
- AES: support for the
segment_sizeoption is removed (dbe30575).- Instead, it is directly inferred from the mode of operation used.
- ECDH: Wrong test attribute in Wycheproof test (#11, 83204324).
- common: Missing
importlib.metadataimport (a1b55d6f). - common: Small improvements to result display (d4cf7ea8).
- cli: --debug option to save debug data (#10, 8e4b295f).
- docs: Documentation for
common.Console(#9, 0d907ca1).
- common: Passing
NonetoConsole.process_resultsdoes not work as documented (#7, 3b6fef74).
- ECDSA:
test_signfails to verify signature when using thepre_hashedoption (#4, 6871c6e5, b1c1ddc5). - ECDSA: Verify test crashes when saving the results (#5, 1d7019df).
- Breaking: changed the usage of the AES and SHA wrappers.
- The C wrapper templates no longer come with a Makefile and are no longer compiled by crypto-condor. Instead, the user must compile the wrapper themselves.
- The names of the AES and SHA wrapper files are no longer hard-coded: now both the Python API and the CLI expect a filename pointing to a Python wrapper or a compiled C wrapper.
- Add support for Python 3.10.
- Fix long tracebacks on uncaught exceptions. This was because local variables were included, such as the entire list of current test vectors. Local variables are now omitted from tracebacks by default, but can be added back by increasing the verbosity.
- Changed the requirements for TestU01: no longer depends on a TeX Live
installation, just a C compiler that defaults to
/usr/bin/cc. - Fixed a bug with SHA wrappers that caused swapping until the program crashes.
- Add support for XDG_DATA_HOME and %LOCALAPPDATA% to choose where to store application data.
Small update to fix some issues.
- Fixed missing folders in the package, preventing Kyber and Dilithium from being installed.
- Fixed an error in the docs for the CLI quickstart,
get-wrapper/test wrapperexample. - Fixed a bug that resulted in an exception when saving debug data to a file.
- Added some debugging information when installing TestU01 by not capturing the subprocess output under some conditions such as using -vv (debug-level logging).
The first public release of crypto-condor!