To download and unpack the latest version of libmceliece:
wget -m https://lib.mceliece.org/libmceliece-latest-version.txt
version=$(cat lib.mceliece.org/libmceliece-latest-version.txt)
wget -m https://lib.mceliece.org/libmceliece-$version.tar.gz
tar -xzf lib.mceliece.org/libmceliece-$version.tar.gz
cd libmceliece-$version
Archives and changelog (reverse chronological)
libmceliece-20240812.tar.gz
browse
Restructure gf
for simpler code:
gf.h
is now shared across all parameter sets;
each of the two field sizes has one gf_params.h
, one gf.c
, one gf_2m_mul.c
, and one gf_2m_mul2.c
;
each of the four extension-field sizes has one gf_2mt_mul.c
.
Support finer-grained command-line splits in mceliece-test
,
and use those for more parallelization inside mceliece-fulltest
.
Proactively rewrite many 1-bit data paths via cryptoint
.
Update to latest cryptoint
from SUPERCOP (renamed from inttypes
).
Fix comment on minmax_rows
.
Remove some unused #include
lines.
libmceliece-20240726.tar.gz
browse
Add mceliece-fulltest
script, and designate passing mceliece-fulltest
as required for support.
Make --valgrind
default, and designate disabling it as unsupported.
Split off doc/test.md
.
Update to latest inttypes
from SUPERCOP.
Use inttypes
more in pk_gen.c
.
Move comments to the top in encrypt.c
.
Rename --no
as --no-
.
Rename ALIGN
as CRYPTO_ALIGN
.
Document more subroutines in doc/internals.md
.
libmceliece-20240513.tar.gz
browse
Support valgrind
in mceliece-test
,
with help from configure
.
(Subsequent plans:
use variable-length malloc
for variable-length functions.)
Cover shared
directories for checkinsns
and checknamespace
.
Sort ofiles
for reproducibility.
Thanks to Jan Mojzis for the suggestion.
Hide more symbols in .so
.
MacOS X port:
dylib
;
deal with s
and S
in checknamespace
;
use -flat_namespace
so mceliece-test
can substitute randombytes
.
(Infrastructure copied from lib25519.)
Support empty compiler lists. (Infrastructure copied from lib25519.)
For compatibility with musl etc.,
support constructor
as an alternative to ifunc
for dispatch.
Select constructor
automatically if an ifunc
compile-time test fails,
or if --notryifunc
is passed to ./configure
.
(Infrastructure copied from lib25519.)
Add note.GNU-stack
to assembly.
Recognize sun4v
as sparc64
.
Port to CPUs that do not allow unaligned access.
Revamp inttypes
support.
Make more use of the inttypes
functions.
Factor crypto_xof/bitwrite16
out of */encrypt.c
,
and add new bitwrite16
implementations.
Also support nooverlap
option in mceliece-test
,
and increase maxtest
for xof
to 16384.
Switch avx/encrypt.c
from syndrome_asm
to new xor_mat_vec256
.
Add support functions such as
vec256_8x_shr
.
Factor crypto_sort_int16
out of vec/encrypt.c
.
(Subsequent plans:
add faster crypto_sort/int16
implementations,
and switch avx/encrypt.c
from int32
to int16
.)
Factor crypto_sort_int64
out of pk_gen.c
.
Use crypto_sort_int32
directly without the int32_sort
renaming.
Split vec128_gf.h
and vec256_gf.h
out of vec128.h
and vec256.h
.
Distinguish vec_mul_gf
from vec_mul_gf_using_64
to allow more .h
merging across sizes.
In autogen/speed
,
allocate only mceliece_kem_BYTES
for T
rather than mceliece_kem_CIPHERTEXTBYTES
.
Switch speed measurements from medians to interquartile means.
Add page with examples of current speeds.
Add auto-generation warnings
for mceliece*.c
.
Add manual pages for mceliece-test
and mceliece-speed
.
Improve readability of code blocks in HTML.
Remove unused KAT
code segments.
Remove unused bitrev
.
Remove unused perm_check
.
Thanks to Simon Josefsson for the suggestion.
More explicitly initialize pivots
to silence an incorrect compiler warning.
Thanks to Simon Josefsson for the suggestion.
libmceliece-20230612.tar.gz
browse
In */avx/pk_gen.c
,
use merge exchange in sort_rows()
and slightly reduce the number of lines of minmax_rows()
.
Rename encrypt()
as pke_encrypt()
,
to more portably avoid name collision with POSIX encrypt()
.
Add more 0-initialization in the to_bitslicing
functions.
This doesn't help a full correctness proof,
but it does make it easier to see that undefined data is not used.
Thanks to Thom Wiggers for the suggestion.
For MacOS portability,
move #include "encrypt.h"
after other inclusions,
and change .hidden
to .private_extern
(via a new ASM_HIDDEN
)
if __APPLE__
is defined.
Thanks to Thom Wiggers for the suggestions.
Specify 32-byte alignment for some arrays passed to .S
files
in the avx
implementations.
The .S
files use movdqu
instead of movdqa
,
so they don't need alignment,
but the alignment could avoid warnings
from a compiler that checks for potentially inadequate alignment.
Thanks to Thom Wiggers for the suggestion.
Remove an unused pointer increment at the end of benes.c
.
Thanks to Thom Wiggers for the suggestion.
Add various linker
lines in .c
files and .S
files;
split operations.c
into kem_{keypair,enc,dec}.c
and wrap_{keypair,enc,dec}.c
;
and split big constant arrays from fft.c
, fft_tr.c
into separate shared-*.c
files.
The linker
lines trigger an infrastructure mechanism
to unify compiled code across implementations,
reducing .so
size;
the splits improve the effectiveness of this mechanism,
and reduce the amount of code linked
into programs that use only one or two of {keypair,enc,dec}
.
Further changes to the infrastructure may remove the need for wrap*.c
.
Add const
to prototypes for input pointers for some functions.
More can be done here.
Change prototypes from *
and []
to, e.g., [GFBITS]
when necessary to eliminate compiler warnings.
Move gf_mul2
to crypto_kem/6688128/avx/gf.h
from gf.c
.
Consistently define nBlocksI
as a macro rather than a const.
This is a step towards portability to compilers that fail to support C99.
Extend information in architectures
files.
This supports libmceliece's run-time selection of implementations.
Switch from CRYPTO_NAMESPACE
to CRYPTO_SHARED_NAMESPACE
for symbols defined in .S
files.
Rename crypto_hash.h
as hash.h
,
and rewrite hash.h
as a wrapper around crypto_xof_shake256()
.
Switch keypair
return value to void
.
Remove namespacing
files, goal-*
files, and api.h
.
Rename kem/mceliece*
as kem/*
.
Starting point:
vec
and avx
implementations
from official round-4 software release
(in supercop-20221025
),
plus crypto_sort/int32
and crypto_xof/shake256
,
plus infrastructure based on lib25519 infrastructure.
Version: This is version 2024.08.12 of the "Download" web page.