Native ML-KEM768 implementation

for cryptographic backends that do not have support for ML-KEM (old OpenSSL and Gcrypt; MbedTLS). Based on the libcrux implementation used in OpenSSH, taken from this revision: https://github.com/openssh/openssh-portable/blob/6aba700/libcrux_mlkem768_sha3.h But refactored to separate C and header file to support testing and removed unused functions (to make compiler happy). Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Pavol Žáčik <pzacik@redhat.com>
2026-02-12 03:00:26 +09:00 · 2025-12-19 12:00:41 +01:00
parent 9780fa2f01
commit 34db488e4d
27 changed files with 9569 additions and 91 deletions
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -282,7 +282,7 @@ static void torture_options_get_key_exchange(void **state)
                            "diffie-hellman-group16-sha512,"
                            "diffie-hellman-group18-sha512");
    } else {
-#ifdef HAVE_MLKEM
+#ifdef HAVE_MLKEM1024
        assert_string_equal(value,
                            "mlkem768x25519-sha256,"
                            "mlkem768nistp256-sha256,"
@@ -296,6 +296,8 @@ static void torture_options_get_key_exchange(void **state)
                            "diffie-hellman-group14-sha256");
 #else
        assert_string_equal(value,
+                            "mlkem768x25519-sha256,"
+                            "mlkem768nistp256-sha256,"
                            "sntrup761x25519-sha512,"
                            "sntrup761x25519-sha512@openssh.com,"
                            "curve25519-sha256,curve25519-sha256@libssh.org,"