v1.5.26

Release Summary

• Adds async public key support: s2n_pkey_verify() can be performed asynchronously through the async offloading callback.
• Add new s2n_connection_get_signature_scheme method to retrieve the IANA description of the server signature scheme

What's Changed

• chore(nix): Move nix integ jobs to ec2 fleets by @dougch in #5461
• chore: Adds build file to get new codebuild project running in CI by @maddeleine in #5476
• build(deps): bump the all-gha-updates group across 1 directory with 3 updates by @dependabot[bot] in #5479
• chore(nix): switch to nixpkgs libressl by @dougch in #5467
• chore(release): release s2n-tls v0.3.25 by @boquan-fang in #5486
• ci: tweak ruff ci failure message by @lrstewart in #5485
• refactor: signature scheme name adjustment by @lrstewart in #5472
• feat: add method to get signature scheme name by @lrstewart in #5471
• Fix HKDF on big-endian by @sertonix in #5478
• refactor(tls-harness): avoid implicit shutdown of ossl connection by @jmayclin in #5474
• fix: no server signature scheme expected with rsa kex by @lrstewart in #5481
• feat: add pure mlkem_1024 definition by @johubertj in #5468
• feat(integration): add utilities for capability assertions by @jmayclin in #5475
• build(deps): bump nixbuild/nix-quick-install-action from 32 to 33 in /.github/workflows in the all-gha-updates group by @dependabot[bot] in #5487
• feat: 'latest' option for strict policy by @lrstewart in #5488
• chore: pin to older pytest-rerunfailures by @dougch in #5494
• refactor: move new default policies to separate file by @lrstewart in #5492
• feat: basic security policy builder interface by @lrstewart in #5493
• chore: bump instance size for Valgrind by @dougch in #5500
• chore(nix): Flip awslc to upstream flake. by @dougch in #5317
• ci: only use git fetch for nix jobs by @jmayclin in #5506
• feat: add async public key support by @CarolYeh910 in #5473

New Contributors

• @sertonix made their first contribution in #5478

Full Changelog: v1.5.25...v1.5.26