Skip to content

0.7.0-rc1

Pre-release
Pre-release
Compare
Choose a tag to compare
@praveksharma praveksharma released this 07 Oct 18:34

oqs-provider 0.7.0 release candidate 1

About

The Open Quantum Safe (OQS) project has the goal of developing and prototyping quantum-resistant cryptography. More information on OQS can be found on the website: https://openquantumsafe.org/ and on Github at https://github.com/open-quantum-safe/.

oqs-provider is a standalone OpenSSL 3 provider enabling liboqs-based quantum-safe and hybrid key exchange for TLS 1.3, as well as quantum-safe and hybrid X.509 certificate generation, CMS, CMP and dgst (signature) operations.

When deployed, the oqs-provider binary (shared library) thus adds support for quantum-safe cryptographic operations to any standard OpenSSL(v3) installation. The ultimate goal is that all openssl functionality shall be PQC-enabled.

In general, the oqs-provider main branch is meant to be usable in conjunction with the main branch of liboqs and the master branch of OpenSSL.

Further details on building, testing and use can be found in README.md. See in particular limitations on intended use.

Release notes

This is release candidate 1 of version 0.7.0 of oqs-provider which continues from the earlier 0.6.1 release. This release is fully tested to be used in conjunction with the main branch of liboqs and is guaranteed to be in sync with v0.11.0 of liboqs.

Errata

This release candidate was updated on October 10, 2024 after being first published on October 07, 2024. Prior to being updated the release notes heading incorrectly reported the release candidate version number to be 0.7.1 release candidate 1; this error was limited to oqs-provider 0.7.0 release candidate 1 release notes and did not affect any oqs-provider functionality.

Security considerations

None.

What's New

In addition to updating documentation, improving the CI, and fixing issues uncovered by compiler warnings and static analysis, this release of oqs-provider:

What's Changed

  • Point CI back to liboqs main by @SWilson4 in #431
  • Fix a typo in NOTES-Windows.md by @qnfm in #436
  • Fix #439: install the static library under $PREFIX/lib. by @thb-sb in #441
  • Fix #440: disable tests and examples using BUILD_TESTING. by @thb-sb in #442
  • Add MAYO by @bhess in #413
  • update the composite to draft-ietf-lamps-pq-composite-sigs-02 by @feventura in #454
  • Update codeowners by @baentsch in #458
  • Remove external encoding lib by @baentsch in #460
  • update coding style and test facilities by @baentsch in #477
  • Fix various warnings. by @ashman-p in #480
  • A note about key encapsulation/decapsulation support in OpenSSL by @beldmit in #486
  • Force liboqs as a debian package dependency requirement only if it is not a static linked library. by @fwh-dc in #493
  • openssl and contribution documentation updates [skip ci] by @baentsch in #499
  • Adds note on supported openssl versions for tls certificates. by @fwh-dc in #498
  • add support for the CMAKE_PARAMS environment variable by @jschauma in #510
  • update MLKEM code points by @baentsch in #511
  • Actionlint workflow checking by @jplomas in #516
  • add explicit usage warning [skip ci] by @baentsch in #515
  • Address some Static Analysis Issues #519 by @ashman-p in #521
  • Only overwrite default library prefix for module library type build. by @fwh-dc in #525
  • Add build option to toggle libjade implementations in liboqs by @praveksharma in #529
  • Reverse TLS hybrid keyshares for x25519/x448-mlkem hybrids by @bhess in #524
  • Rebase and add CROSS by @praveksharma in #530
  • Remove unmanaged KEM OIDs by @baentsch in #522
  • Use more future-proof hash for signature by @beldmit in #532

New Contributors

Full Changelog: 0.6.1...0.7.0-rc1