BBS:      TELESC.NET.BR
Subject:  src/ssh/kex/libcrux_mlkem768_sha3.h mlkem768.c mlkem768.h mlkem768x255
From:     Deuce
Date:     Thu, 26 Mar 2026 03:45:38 -0700
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/2eea8a78fa3f28b81c861559
Added Files:
	src/ssh/kex/libcrux_mlkem768_sha3.h mlkem768.c mlkem768.h mlkem768x25519-sha256.c
Modified Files:
	src/ssh/CMakeLists.txt client.c deucessh-algorithms.h src/ssh/test/CMakeLists.txt test_alloc.c test_auth.c test_conn.c test_dhgex_provider.h test_selftest.c test_transport.c
Log Message:
Implement mlkem768x25519-sha256 post-quantum hybrid KEX

Adds mlkem768x25519-sha256 key exchange combining ML-KEM-768
(FIPS 203) with X25519, hashed with SHA-256. Supported in OpenSSH
since 9.9; verified interop against OpenSSH 9.9.

New files:
- kex/libcrux_mlkem768_sha3.h: ML-KEM-768 implementation from
  libcrux (Cryspen, MIT license). Self-contained with its own
  SHA-3/SHAKE. 23 -Wconversion casts fixed, stdbool.h added,
  KRML_HOST_EXIT changed from fatal_f to abort.
- kex/mlkem768.h, kex/mlkem768.c: thin wrappers providing a
  byte-array API with RAND_bytes for randomness. Public key
  validation via libcrux validate_public_key. Error propagation
  on RAND_bytes failure.
- kex/mlkem768x25519-sha256.c: KEX handler module following the
  sntrup761x25519-sha512 pattern. SHA-256 hash, string-encoded K.

Test matrix expanded from 6 to 8 variants (mlkem, mlkem_rsa).
4277 tests passing.

Co-Authored-By: Claude Opus 4.6 (1M context) 
---
 ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net

-----------------------------------------------------------
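Added example, not part of the commit or of the project's code: a sketch of two receive-side details behind "ML-KEM-768 with X25519" and "string-encoded K", namely exact-length checking of the concatenated KEX blobs and the fixed-size string encoding of K compared with an mpint. The helper names are hypothetical, the inputs are constructed, and the layout (ML-KEM part first, then the X25519 public key) is assumed from the mlkem768x25519-sha256 specification that OpenSSH implements.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Sizes from FIPS 203 (ML-KEM-768), RFC 7748 (X25519), SHA-256 output. */
#define MLKEM768_PK_LEN 1184
#define MLKEM768_CT_LEN 1088
#define X25519_LEN      32
#define HYBRID_K_LEN    32

/* Constructed sample inputs (not real key material). */
static uint8_t demo_blob[MLKEM768_PK_LEN + X25519_LEN];
static const uint8_t demo_k_hi[HYBRID_K_LEN] = {0x80};       /* top bit set */
static const uint8_t demo_k_lo[HYBRID_K_LEN] = {0x00, 0x7f}; /* leading zero */
static uint8_t demo_wire[64];
static const uint8_t *demo_pq, *demo_ec;

/* Hypothetical helper: split "PQ part || X25519 public key" after checking
 * the exact length. Returns 0 on success, -1 on any other length. */
static int split_hybrid(const uint8_t *buf, size_t len, size_t pq_len,
                        const uint8_t **pq, const uint8_t **ec)
{
    if (buf == NULL || pq == NULL || ec == NULL || len != pq_len + X25519_LEN)
        return -1;
    *pq = buf;
    *ec = buf + pq_len;
    return 0;
}

/* K as an SSH string: uint32 length, then all 32 bytes, always 36 bytes. */
static size_t encode_k_string(const uint8_t *k, uint8_t *out, size_t cap)
{
    if (cap < 4 + HYBRID_K_LEN)
        return 0;
    out[0] = 0; out[1] = 0; out[2] = 0; out[3] = HYBRID_K_LEN;
    memcpy(out + 4, k, HYBRID_K_LEN);
    return 4 + HYBRID_K_LEN;
}

/* Length the same bytes would have as an mpint (RFC 4251): leading zero
 * bytes are dropped and a 0x00 is prepended when the top bit is set. */
static size_t mpint_encoded_len(const uint8_t *k, size_t n)
{
    while (n > 0 && *k == 0) { k++; n--; }
    return 4 + n + ((n > 0 && (*k & 0x80)) ? 1 : 0);
}

int main(void)
{
    printf("exact length: %d, one byte short: %d\n",
           split_hybrid(demo_blob, sizeof demo_blob, MLKEM768_PK_LEN, &demo_pq, &demo_ec),
           split_hybrid(demo_blob, sizeof demo_blob - 1, MLKEM768_PK_LEN, &demo_pq, &demo_ec));
    printf("string: %zu bytes, mpint: %zu or %zu bytes\n",
           encode_k_string(demo_k_hi, demo_wire, sizeof demo_wire),
           mpint_encoded_len(demo_k_hi, HYBRID_K_LEN), mpint_encoded_len(demo_k_lo, HYBRID_K_LEN));
    return 0;
}
```
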