v0.6.0

@MagicalTux released this 03 Jun 22:12 · 217 commits to master since this release · 023c1ac

Added

  • enable ascon/lms/xmss by default

Fixed

  • fix CI: rustfmt build_subtree signature + sm2 rustdoc link errors

Other

  • retry serial lock on Windows delete-pending PermissionDenied
  • fix rustdoc intra-doc links broken by security-audit fixes
  • document no-policy verify on AnyPublicKey/CSR entry points (Finding 4)
  • hash full Name TLV + reject CA delegated responder (Findings 2, 3)
  • enforce inner/outer signatureAlgorithm consistency in verify (Finding 1)
  • validate GCM/CCM nonce length for AEAD parity
  • zeroize recovered plaintext in pc_sm2_decrypt
  • enforce RFC 8452 §6 input-length caps
  • guard AES-KWP unwrap against <16-byte ciphertext
  • silently drop per-packet AEAD failures (RFC 9000 §12.2)
  • stash digest of over-long HMAC key instead of asserting
  • zeroize secret k and v on drop
  • reject over-long Export + poison context after message limit
  • checked_mul the V-buffer size to avoid 32-bit overflow DoS
  • verify leaf hostname against server_name (auth bypass)
  • fail closed on multi-level HSS to stop LM-OTS key reuse
  • manual rotate to avoid non-inlined intrinsic in debug
  • cache built subtrees + PRF midstate so signing is O(h)
  • mark AnyPublicKey/CertSigner/CurveId/SigningKey non_exhaustive
  • document AEGIS/GMAC/SM4/Ascon/KBKDF/SM2/LMS/XMSS
  • declare new pc_* + CLI round-trip tests
  • wire SM2 and stateful LMS/XMSS signatures
  • wire SP 800-108 KBKDF + Ascon hashes/XOFs
  • wire AEGIS-128L/256, Ascon-AEAD128, and GMAC
  • reject SM2 curve keys in generic ECDSA sign/verify
  • add XMSS/XMSS^MT stateful hash-based signatures (RFC 8391)
  • add LMS/HSS stateful hash-based signatures (RFC 8554)
  • add Ascon-AEAD128 + Ascon-Hash256/XOF128/CXOF128 (NIST SP 800-232)
  • add SM2 curve + signature + encryption (GB/T 32918, RFC 8998)
  • add SP 800-108 KBKDF (counter + feedback, HMAC/CMAC PRF)
  • add SM4 (GB/T 32907 / RFC 8998)
  • add GMAC (NIST SP 800-38D)
  • add AEGIS-128L/256 (draft-irtf-cfrg-aegis-aead)
  • add ascon/lms/xmss feature gates + placeholder modules
  • gate AES-SIV behind alloc and CMAC Mac impl behind hash
  • document AES-CMAC/SIV/GCM-SIV/XChaCha20-Poly1305 and X448/Ed448
  • add Ed448 (SignatureScheme 0x0808) certificate auth
  • expose Ed448/X448
  • register Ed448/X448 (OID, SPKI, signature registry)
  • add curve448 backend + Ed448 (RFC 8032)
  • add X448 Diffie-Hellman (RFC 7748)
  • wire new AEADs into C ABI and enc verb
  • add XChaCha20-Poly1305 (draft-irtf-cfrg-xchacha-03)
  • add AES-GCM-SIV (RFC 8452)
  • add AES-SIV (RFC 5297)
  • add AES-CMAC (RFC 4493)

Added

  • (cipher) AES-CMAC (RFC 4493) — generic over the block cipher, also exposed as a Mac
  • (cipher) AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) nonce-misuse-resistant AEADs: a repeated nonce reveals only whether the same (AD, plaintext) pair was encrypted twice, not the plaintext, and authenticity is unaffected
  • (cipher) XChaCha20-Poly1305 (extended 24-byte nonce, draft-irtf-cfrg-xchacha-03)
  • (ec) X448 key agreement (RFC 7748) and Ed448 signatures (RFC 8032), with PKCS#8 DER/PEM
  • (x509,ec) Ed448 SPKI parsing, signature-registry + cert-chain verify, self-signed/CA issuance (id-Ed448 1.3.101.113)
  • (tls) Ed448 certificate authentication (TLS 1.3 SignatureScheme ed448 = 0x0808)
  • (ffi,cli) expose the new AEADs (enc, pc_aead_*), AES-CMAC (mac -alg cmac, pc_cmac), Ed448 (genpkey -alg ED448, pkeyutl, pc_ed448_*) and X448 (kex -alg X448, pc_x448)
  • (cipher) AEGIS-128L / AEGIS-256 (draft-irtf-cfrg-aegis-aead) and SM4 block cipher (GB/T 32907 / RFC 8998)
  • (cipher) GMAC (NIST SP 800-38D)
  • (ascon) Ascon (NIST SP 800-232): Ascon-AEAD128 + Ascon-Hash256 / Ascon-XOF128 / Ascon-CXOF128 — on by default
  • (kdf) SP 800-108 KBKDF in counter and feedback modes, with HMAC and AES-CMAC PRFs
  • (ec) SM2 signature (SM2DSA over SM3) + public-key encryption (GB/T 32918 / RFC 8998); sm2p256v1 curve, SPKI/cert-chain verify (id-sm2 1.2.156.10197.1.301, sm2sign-with-sm3 1.2.156.10197.1.501)
  • (lms) LMS / HSS stateful hash-based signatures (RFC 8554, NIST SP 800-208) — on by default. Stateful means every signature consumes a one-time key index: the updated private key must be written back before the signature is released, and a key must never be restored from a backup or copied to a second signer, because two signatures under the same index let an attacker forge
  • (xmss) XMSS / XMSS^MT stateful hash-based signatures (RFC 8391, NIST SP 800-208) — on by default; the same state-handling rules as for LMS apply
  • (ffi,cli) expose AEGIS / Ascon-AEAD / SM4 (enc), GMAC (mac -alg gmac, pc_gmac), KBKDF (kdf kbkdf, pc_kbkdf_*), Ascon hashes (hash, pc_ascon_xof/cxof), SM2 (genpkey -alg SM2, pkeyutl, pc_sm2_*), and LMS/XMSS (genpkey, pkeyutl with persist-after-sign, pc_lms_*/pc_xmss_*)
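The SP 800-108 KBKDF listed above (counter and feedback modes with an HMAC PRF) in full, as an added example rather than the project's own code: it does not call the pc_kbkdf_* entry points, whose signatures are not given on this page, and is written against the Python standard library because nothing here documents the Rust API. The 32-bit width of the [L]_2 field and the label/context strings are assumptions; the input layout and the n <= 2^r - 1 counter-space rule follow SP 800-108 Rev. 1 section 4.

```python
"""SP 800-108 Rev. 1 KBKDF, counter and feedback modes, HMAC PRF.

Added example; not the project's code and independent of pc_kbkdf_*.
Built from the Python standard library only.
"""
import hashlib
import hmac
import math

ALLOWED_COUNTER_BITS = (8, 16, 24, 32)


def _fixed_input(label: bytes, context: bytes, length_bits: int) -> bytes:
    """Label || 0x00 || Context || [L]_2.

    SP 800-108 leaves the width of [L]_2 to the implementation; a 32-bit
    big-endian encoding is assumed here.  Both parties must agree on it,
    otherwise they derive different keys from identical inputs.
    """
    if not 0 < length_bits < (1 << 32):
        raise ValueError("output length out of range")
    return label + b"\x00" + context + length_bits.to_bytes(4, "big")


def _block_count(length_bytes: int, counter_bits: int, h_len: int) -> int:
    if counter_bits not in ALLOWED_COUNTER_BITS:
        raise ValueError("counter width must be 8, 16, 24 or 32 bits")
    n = math.ceil(length_bytes / h_len)
    # SP 800-108 requires n <= 2^r - 1.  Refusing here keeps the counter from
    # wrapping, which would make later output blocks repeat earlier ones.
    if n >= (1 << counter_bits):
        raise ValueError("requested length exceeds the counter space")
    return n


def kbkdf_counter(key, label, context, length_bytes, hash_name="sha256", counter_bits=32):
    """K(i) = PRF(key, [i]_2 || Label || 0x00 || Context || [L]_2), i = 1..n."""
    h_len = hashlib.new(hash_name).digest_size
    n = _block_count(length_bytes, counter_bits, h_len)
    fixed = _fixed_input(label, context, length_bytes * 8)
    out = bytearray()
    for i in range(1, n + 1):
        out += hmac.new(key, i.to_bytes(counter_bits // 8, "big") + fixed, hash_name).digest()
    return bytes(out[:length_bytes])


def kbkdf_feedback(key, label, context, length_bytes, iv=b"", hash_name="sha256", counter_bits=32):
    """K(i) = PRF(key, K(i-1) || [i]_2 || Label || 0x00 || Context || [L]_2), K(0) = IV."""
    h_len = hashlib.new(hash_name).digest_size
    n = _block_count(length_bytes, counter_bits, h_len)
    fixed = _fixed_input(label, context, length_bytes * 8)
    prev, out = iv, bytearray()
    for i in range(1, n + 1):
        prev = hmac.new(key, prev + i.to_bytes(counter_bits // 8, "big") + fixed, hash_name).digest()
        out += prev
    return bytes(out[:length_bytes])


def selftest() -> bool:
    """True when the input layout matches a hand-assembled PRF call and the
    counter-space guard rejects n = 2^r."""
    key = bytes(range(32))                                  # constructed test key
    expected = hmac.new(key, b"\x00\x00\x00\x01" + b"enc" + b"\x00" + b"ctx"
                        + (256).to_bytes(4, "big"), "sha256").digest()
    layout_ok = kbkdf_counter(key, b"enc", b"ctx", 32) == expected
    try:
        kbkdf_counter(key, b"enc", b"ctx", 256 * 32, counter_bits=8)   # n = 256 = 2^8
        guard_ok = False
    except ValueError:
        guard_ok = True
    return layout_ok and guard_ok
```

Because [L]_2 is bound into every PRF call, a 48-byte key and a 32-byte key derived from the same label and context do not share a prefix; with an empty IV the first feedback-mode block equals the first counter-mode block, and they diverge from the second block on.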
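The state discipline behind the LMS/XMSS items above and the commit "fail closed on multi-level HSS to stop LM-OTS key reuse", shown as an added example that is not the project's code: a toy Merkle tree over Lamport one-time keys built from hashlib only (nothing like the RFC 8554/8391 wire formats or parameter sets), in Python because the Rust API is not documented on this page. StateStore, HEIGHT and the seed are assumptions standing in for whatever durable store a real signer uses; the rule it demonstrates is the one SP 800-208 and RFC 8554 give, that the index is advanced durably before a signature leaves the signer, and that a failed state write aborts the signature rather than releasing it.

```python
"""Stateful hash-based signing: commit the index before releasing a signature.

Added example, not the project's code and not LMS/XMSS: a toy Merkle tree of
Lamport one-time keys (hashlib only) to show the persist-before-release rule.
"""
import hashlib

HEIGHT = 3            # 2**HEIGHT one-time keys; toy size (assumption)
N = 256               # digest bits signed per one-time key (SHA-256)


def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


def _bit(digest: bytes, j: int) -> int:
    return (digest[j // 8] >> (7 - j % 8)) & 1


def _secret(seed: bytes, leaf: int, j: int, bit: int) -> bytes:
    # Secrets are derived from a seed so the private key is just (seed, index).
    return H(seed, leaf.to_bytes(4, "big"), j.to_bytes(2, "big"), bytes([bit]))


def _leaf(seed: bytes, leaf: int) -> bytes:
    # Lamport public key: hash of all 2*N hashed secrets in (j, bit) order.
    return H(*(H(_secret(seed, leaf, j, b)) for j in range(N) for b in (0, 1)))


class StateStore:
    """Stand-in for a durable index store (fsync'd key file, HSM counter).
    commit() must not return until the index is safely written; fail_next
    simulates a write error on the next commit."""
    def __init__(self):
        self.index = 0
        self.fail_next = False

    def commit(self, index: int) -> None:
        if self.fail_next:
            self.fail_next = False
            raise OSError("simulated state write failure")
        self.index = index


class StatefulSigner:
    def __init__(self, seed: bytes, store: StateStore):
        self.seed, self.store = seed, store
        levels = [[_leaf(seed, i) for i in range(1 << HEIGHT)]]
        while len(levels[-1]) > 1:
            lvl = levels[-1]
            levels.append([H(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
        self.levels, self.root = levels, levels[-1][0]

    def sign(self, msg: bytes):
        idx = self.store.index
        if idx >= 1 << HEIGHT:
            raise RuntimeError("key exhausted: generate a new tree")
        # Fail closed: the index is committed BEFORE any secret is revealed, so
        # a write failure can never leave a released signature whose index was
        # not recorded (the condition that leads to one-time key reuse).
        self.store.commit(idx + 1)
        d = H(msg)
        reveal = [_secret(self.seed, idx, j, _bit(d, j)) for j in range(N)]
        other = [H(_secret(self.seed, idx, j, 1 - _bit(d, j))) for j in range(N)]
        auth, node = [], idx
        for lvl in self.levels[:-1]:
            auth.append(lvl[node ^ 1])
            node //= 2
        return idx, reveal, other, auth


def verify(root: bytes, msg: bytes, sig) -> bool:
    idx, reveal, other, auth = sig
    if len(reveal) != N or len(other) != N or len(auth) != HEIGHT or not 0 <= idx < 1 << HEIGHT:
        return False
    d = H(msg)
    parts = []
    for j in range(N):
        b = _bit(d, j)
        pair = [None, None]
        pair[b], pair[1 - b] = H(reveal[j]), other[j]
        parts += pair
    node = H(*parts)                     # recomputed leaf public key
    for sibling in auth:
        node = H(node, sibling) if idx % 2 == 0 else H(sibling, node)
        idx //= 2
    return node == root
```

The ordering is the whole point: if the signature were returned first and the state written afterwards, a crash or write error between the two would leave a valid signature in the world under an index the signer will use again, and the second signature under that index reveals enough secrets to forge. Exhaustion is handled the same way, by refusing rather than wrapping.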