All Versions
41
Latest Version
Avg Release Cycle
36 days
Latest Release
845 days ago

Changelog History
Page 2

  • v0.14.1 Changes

    May 27, 2019

    Date: May 27, 2019.

    ๐Ÿ”„ Changelog:

    • โšก๏ธ Update zeroize dependency.
    • ๐Ÿ‘Œ Improvements to documentation.

  • v0.14.0 Changes

    May 04, 2019

    [Breaking change] Function as_bytes() for public newtypes are replaced with AsRef<> trait implementations. This means all as_bytes() calls need to be replaced with as_ref().

    [Breaking change] The SecretKey for BLAKE2b is longer padded with zeroes to the length of the blocksize. Thus, the SecretKey no longer has a get_original_length() function, but the same result will be represented by the get_length() function instead.

    [Breaking change] All calls to as_ref() and unprotected_as_bytes() return the newtypes data with what it was initialized, regardless of padding. (With the exception of HMAC)

    ๐Ÿ‘ป [Breaking change] All calls to get_length() return the length of the newtype with what is what initialized, regardless of padding. (With the exception of HMAC)

    [Breaking change] All newtypes that offer generate() now panic if the RNG fails to initialize of read from its source. This also means that newtype generate() functions, that do not take in a size parameter, no longer return a Result.

    ๐Ÿ‘€ [Breaking change] ValidationCryptoError and FinalizationCryptoError have been removed. Though this doesn't mean that there is less information available, see issue here.

    ๐Ÿ‘ [Breaking change] Support for cSHAKE256 has been dropped, also meaning orion no longer depends on tiny-keccak. 8% decrease in unsafe code in dependencies.

    ๐Ÿ—„ All fuzzing targets in fuzz that used libFuzzer have been deprecated in favor of those in orion-fuzz using honggfuzz-rs.

    ๐Ÿ‘Œ Improvements to fuzzing targets in orion-fuzz.

    โœ… Automated testing in CI, for constant-time execution.

    โž• Added From<[u8; C]> trait implementations for C-length fixed-sized newtypes, so that the caller may avoid using Result when not working with slices.

    ๐Ÿ‘€ [Breaking change] Module hazardous::constants has been removed and all types made private. Only a select number of constants have been re-exported in their respective modules. See here for more information.

    ๐Ÿš€ It is now strictly advised agianst using orion in debug mode, for what is meant to be production use. Using opt-level = 0 with orion, is also advised against. See security section.

    rand_os has been replaced with getrandom.

    ๐Ÿ‘Œ Improvements to documentation examples as they no longer use .unwrap() but ? instead.

  • v0.13.4 Changes

    April 01, 2019

    Date: April 1, 2019.

    ๐Ÿ”„ Changelog:

    • ๐Ÿ›  Fix build for latest nightly.

  • v0.13.3 Changes

    March 31, 2019

    Date: March 31, 2019.

    ๐Ÿ”„ Changelog:

    • โšก๏ธ Updated zeroize to 0.6.0.
    • โž• Added a small number of tests.
    • ๐Ÿ‘Œ Improvement to constant-time interfaces (#66).

  • v0.13.2 Changes

    March 13, 2019

    Date: March 13, 2019.

    ๐Ÿ”„ Changelog:

    • PBKDF2 and BLAKE2b now panic on lengths exceeding (232-1) * 64 and 2*(264-1), respectively.
    • ChaCha20 length constrictions are now equivalent to those of the RFC and panics on trying to process more than 232-1 keystream blocks.
    • ๐Ÿ“š Documentation improvements.
    • โœ… OpenSSL test vectors for BLAKE2b.

    Note: Strictly speaking, the first two changes are breaking, but because of the unlikeliness that this has an effect on anybody, they were not marked as such.

  • v0.13.1 Changes

    February 16, 2019

    Date: February 16, 2019.

    ๐Ÿ”„ Changelog:

    • ๐Ÿ“š Documentation improvements (#60).

  • v0.13.0 Changes

    February 10, 2019

    Date: February 10, 2019.

    ๐Ÿ”„ Changelog:

    • ๐Ÿ›  [Breaking change]: orion::hazardous::hash::sha512 previously used the same Digest as BLAKE2b. This is no longer the case, making it impossible to specify a non fixed-length hash as Digest with SHA512.
    • [Breaking change]: HLEN constant renamed to SHA512_OUTSIZE and SHA2_BLOCKSIZE constant renamed to SHA512_BLOCKSIZE.
    • โž• Added POLY1305_OUTSIZE constant.
    • ๐Ÿ‘Œ Improved documentation for high-level Password, SecretKey in hazardouss hmac and blake2b, as well as Password in pbkdf2 of hazardous.
    • โž• Added AppVeyor builds and testing for Windows MSVC with Visual Studio 2017.

  • v0.12.6 Changes

    February 08, 2019

    Date: February 8, 2019.

    ๐Ÿ”„ Changelog:

    • Switched to zeroize in favor of clear_on_drop, such that using orion on stable Rust no longer requires a C compiler.
    • Fuzzing with honggfuzz-rs.

  • v0.12.5 Changes

    Date: February 4, 2019.

    ๐Ÿ”„ Changelog:

    • ๐ŸŽ Refactored HMAC and improved performance for PBKDF2 by ~50%.
    • โœ‚ Removed byteorder dependency using instead the endianness conversion functions that came with Rust 1.32.

  • v0.12.4 Changes

    Date: January 31, 2019.

    ๐Ÿ”„ Changelog:

    • ๐Ÿ›  Fixes a bug where hashing, with BLAKE2b, over 264-1 bytes of data would cause an overflowing addition on debug builds.
    • ๐Ÿ›  Fixes a bug where hashing, with SHA512, over 264-1 bytes of data would not result in the counter being correctly incremented.
    • โž• Added property-based testing, using QuickCheck, to most of the library and improved testing for the library in general.
    • PartialEq is now implemented for orion::kdf::Salt and Nonce in both chacha20 and xchacha20.
    • โž• Added get_length() for blake2b::Digest.
    • โšก๏ธ Updated fuzzing dependencies.