To download and unpack the latest version of libmceliece:
wget -m https://lib.mceliece.org/libmceliece-latest-version.txt
version=$(cat lib.mceliece.org/libmceliece-latest-version.txt)
wget -m https://lib.mceliece.org/libmceliece-$version.tar.gz
tar -xzf lib.mceliece.org/libmceliece-$version.tar.gz
cd libmceliece-$version
Archives and changelog (reverse chronological)
libmceliece-20240726.tar.gz browse
Add mceliece-fulltest script, and designate passing mceliece-fulltest as required for support.
Make --valgrind default, and designate disabling it as unsupported.
Split off doc/test.md.
Update to latest inttypes from SUPERCOP.
Use inttypes more in pk_gen.c.
Move comments to the top in encrypt.c.
Rename --no as --no-.
Rename ALIGN as CRYPTO_ALIGN.
Document more subroutines in doc/internals.md.
libmceliece-20240513.tar.gz browse
Support valgrind in mceliece-test,
with help from configure.
(Subsequent plans:
use variable-length malloc
for variable-length functions.)
Cover shared directories for checkinsns and checknamespace.
Sort ofiles for reproducibility.
Thanks to Jan Mojzis for the suggestion.
Hide more symbols in .so.
MacOS X port:
dylib;
deal with s and S in checknamespace;
use -flat_namespace so mceliece-test can substitute randombytes.
(Infrastructure copied from lib25519.)
Support empty compiler lists. (Infrastructure copied from lib25519.)
For compatibility with musl etc.,
support constructor as an alternative to ifunc for dispatch.
Select constructor automatically if an ifunc compile-time test fails,
or if --notryifunc is passed to ./configure.
(Infrastructure copied from lib25519.)
Add note.GNU-stack to assembly.
Recognize sun4v as sparc64.
Port to CPUs that do not allow unaligned access.
Revamp inttypes support.
Make more use of the inttypes functions.
Factor crypto_xof/bitwrite16
out of */encrypt.c,
and add new bitwrite16 implementations.
Also support nooverlap option in mceliece-test,
and increase maxtest for xof to 16384.
Switch avx/encrypt.c
from syndrome_asm to new xor_mat_vec256.
Add support functions such as
vec256_8x_shr.
Factor crypto_sort_int16
out of vec/encrypt.c.
(Subsequent plans:
add faster crypto_sort/int16 implementations,
and switch avx/encrypt.c from int32 to int16.)
Factor crypto_sort_int64
out of pk_gen.c.
Use crypto_sort_int32 directly without the int32_sort renaming.
Split vec128_gf.h and vec256_gf.h
out of vec128.h and vec256.h.
Distinguish vec_mul_gf
from vec_mul_gf_using_64
to allow more .h merging across sizes.
In autogen/speed,
allocate only mceliece_kem_BYTES for T
rather than mceliece_kem_CIPHERTEXTBYTES.
Switch speed measurements from medians to interquartile means.
Add page with examples of current speeds.
Add auto-generation warnings
for mceliece*.c.
Add manual pages for mceliece-test and mceliece-speed.
Improve readability of code blocks in HTML.
Remove unused KAT code segments.
Remove unused bitrev.
Remove unused perm_check.
Thanks to Simon Josefsson for the suggestion.
More explicitly initialize pivots
to silence an incorrect compiler warning.
Thanks to Simon Josefsson for the suggestion.
libmceliece-20230612.tar.gz browse
In */avx/pk_gen.c,
use merge exchange in sort_rows()
and slightly reduce the number of lines of minmax_rows().
Rename encrypt() as pke_encrypt(),
to more portably avoid name collision with POSIX encrypt().
Add more 0-initialization in the to_bitslicing functions.
This doesn't help a full correctness proof,
but it does make it easier to see that undefined data is not used.
Thanks to Thom Wiggers for the suggestion.
For MacOS portability,
move #include "encrypt.h" after other inclusions,
and change .hidden to .private_extern (via a new ASM_HIDDEN)
if __APPLE__ is defined.
Thanks to Thom Wiggers for the suggestions.
Specify 32-byte alignment for some arrays passed to .S files
in the avx implementations.
The .S files use movdqu instead of movdqa,
so they don't need alignment,
but the alignment could avoid warnings
from a compiler that checks for potentially inadequate alignment.
Thanks to Thom Wiggers for the suggestion.
Remove an unused pointer increment at the end of benes.c.
Thanks to Thom Wiggers for the suggestion.
Add various linker lines in .c files and .S files;
split operations.c into kem_{keypair,enc,dec}.c and wrap_{keypair,enc,dec}.c;
and split big constant arrays from fft.c, fft_tr.c
into separate shared-*.c files.
The linker lines trigger an infrastructure mechanism
to unify compiled code across implementations,
reducing .so size;
the splits improve the effectiveness of this mechanism,
and reduce the amount of code linked
into programs that use only one or two of {keypair,enc,dec}.
Further changes to the infrastructure may remove the need for wrap*.c.
Add const to prototypes for input pointers for some functions.
More can be done here.
Change prototypes from * and [] to, e.g., [GFBITS]
when necessary to eliminate compiler warnings.
Move gf_mul2 to crypto_kem/6688128/avx/gf.h from gf.c.
Consistently define nBlocksI as a macro rather than a const.
This is a step towards portability to compilers that fail to support C99.
Extend information in architectures files.
This supports libmceliece's run-time selection of implementations.
Switch from CRYPTO_NAMESPACE to CRYPTO_SHARED_NAMESPACE
for symbols defined in .S files.
Rename crypto_hash.h as hash.h,
and rewrite hash.h as a wrapper around crypto_xof_shake256().
Switch keypair return value to void.
Remove namespacing files, goal-* files, and api.h.
Rename kem/mceliece* as kem/*.
Starting point:
vec and avx implementations
from official round-4 software release
(in supercop-20221025),
plus crypto_sort/int32
and crypto_xof/shake256,
plus infrastructure based on lib25519 infrastructure.
Version: This is version 2024.07.26 of the "Download" web page.