summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/mlkem (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Fix buffer size in MLKEM1024_marshal_public_key()kenjiro2025-05-211-2/+2
| | | | | | | Initialize the output buffer with MLKEM1024_PUBLIC_KEY_BYTES instead of MLKEM768_PUBLIC_KEY_BYTES. ok tb@
* Make MLKEM1024_marshal_private_key consistent with the public_key funcitonsbeck2025-05-202-27/+44
| | | | | | | | Even though this should remain internal, make it the same as the public key marshal function, and make the needed fallout changes in regress. ok kenjiro@, tb@
* Whitespace nits from tbbeck2025-05-201-1/+4
| | | | ok tb@
* Fix up MLKEM768_marshal_private_key to not use a passed in CBBbeck2025-05-192-27/+43
| | | | | | | | | | | | Even though this should remain internal, make it the same as the public key marshal function, and make the needed fallout changes in regress. This does not yet do the bikeshed of renaming the structure field in the regress ctx, that will wait until a follow on to convert 1024 in a similar manner ok tb@
* Remove the boringssl if || ideom from mlkembeck2025-05-192-34/+46
| | | | ok jsing@, joshua@
* API changes for ML-KEMbeck2025-05-194-78/+126
| | | | | | | | | - Get rid of CBB/CBS usage in public api - Make void functions return int that can fail if malloc fails. Along with some fallout and resulting bikeshedding in the regress tests. ok jsing@, tb@
* CTASSERT that internal pub/priv keys match the sizes exposed in mlkem.htb2025-05-032-2/+10
| | | | | | | This will need reworking (especially deduplicating) anyway, but it doesn't hurt now. From Kenjiro Nakayama
* typos: us -> is, te -> the (twice)tb2025-03-281-3/+3
|
* Fix typo: multipy -> multiplytb2025-01-032-18/+18
| | | | | Reflow the comment to avoid some very unfortunate line wraps. "Note that" is like "literally" a bunch of generally useless noise and best omitted.
* Do not assume mlkem.h and bytestring.h are public in libcryptotb2024-12-194-14/+8
| | | | | | | As long as is not quite clear what we want to do about the public API aspect of MLKEM, keep things internal for now. discussed with beck and jsing
* mlkem: fix whitespacetb2024-12-182-4/+6
|
* Avoid a reduce once that can cause Clang misoptomization.beck2024-12-172-22/+54
| | | | | | | | Some versions of Clang compile this to non-constant time code. The fix is adapted from boring. For full details see: https://boringssl-review.googlesource.com/c/boringssl/+/74447 ok tb@
* Plug two memory leaks in MLKEM*_generate_key_external_entropy()tb2024-12-172-2/+6
| | | | | | | This needs more thinking. These are void functions that allocate... Left an XXX for now. From Kenjiro Nakayama
* mlkem: clean up top matter in headerstb2024-12-172-8/+14
|
* Add ML-KEM 1024 from BoringSSLbeck2024-12-133-0/+1279
| | | | | | | | | | | | | | | Changes include conversion from C++, basic KNF, then adaptation to use our sha3 functions for sha3 and shake instead of the BorinSSL version. This Adds units tests to run against BoringSSL and NIST test vectors. The future public API is the same as Boring's - but is not yet exposed pending making bytestring.h public (which will happen separately) and a minor bump Currently this will just ensure we build and run regress. ok tb@ to get it into the tree and massage from there.
* KNF nit tb wanted me to fixbeck2024-12-131-2/+4
|
* Add ML-KEM 768 from BoringSSLbeck2024-12-133-0/+1364
Changes include conversion from C++, basic KNF, then adaptation to use our sha3 functions for sha3 and shake instead of the BorinSSL version. This Adds units tests to run against BoringSSL and NIST test vectors. The future public API is the same as Boring's - but is not yet exposed pending making bytesring.h public (which will happen separately) and a minor bump Currently this will just ensure we build and run regress. ok tb@ to get it into the tree and massage from there.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-08 07:34:28 +0000