Changelog History
Page 2
-
v0.14.1 Changes
May 27, 2019Date: May 27, 2019.
๐ Changelog:
- โก๏ธ Update
zeroize
dependency. - ๐ Improvements to documentation.
- โก๏ธ Update
-
v0.14.0 Changes
May 04, 2019[Breaking change] Function
as_bytes()
for public newtypes are replaced withAsRef<>
trait implementations. This means allas_bytes()
calls need to be replaced withas_ref()
.[Breaking change] The
SecretKey
for BLAKE2b is longer padded with zeroes to the length of the blocksize. Thus, theSecretKey
no longer has aget_original_length()
function, but the same result will be represented by theget_length()
function instead.[Breaking change] All calls to
as_ref()
andunprotected_as_bytes()
return the newtypes data with what it was initialized, regardless of padding. (With the exception of HMAC)๐ป [Breaking change] All calls to
get_length()
return the length of the newtype with what is what initialized, regardless of padding. (With the exception of HMAC)[Breaking change] All newtypes that offer
generate()
now panic if the RNG fails to initialize of read from its source. This also means that newtypegenerate()
functions, that do not take in a size parameter, no longer return aResult
.๐ [Breaking change]
ValidationCryptoError
andFinalizationCryptoError
have been removed. Though this doesn't mean that there is less information available, see issue here.๐ [Breaking change] Support for cSHAKE256 has been dropped, also meaning orion no longer depends on tiny-keccak. 8% decrease in
unsafe
code in dependencies.๐ All fuzzing targets in
fuzz
that used libFuzzer have been deprecated in favor of those in orion-fuzz using honggfuzz-rs.๐ Improvements to fuzzing targets in orion-fuzz.
โ Automated testing in CI, for constant-time execution.
โ Added
From<[u8; C]>
trait implementations for C-length fixed-sized newtypes, so that the caller may avoid usingResult
when not working with slices.๐ [Breaking change] Module
hazardous::constants
has been removed and all types made private. Only a select number of constants have been re-exported in their respective modules. See here for more information.๐ It is now strictly advised agianst using orion in debug mode, for what is meant to be production use. Using
opt-level = 0
with orion, is also advised against. See security section.rand_os
has been replaced withgetrandom
.๐ Improvements to documentation examples as they no longer use
.unwrap()
but?
instead. -
v0.13.4 Changes
April 01, 2019Date: April 1, 2019.
๐ Changelog:
- ๐ Fix build for latest nightly.
-
v0.13.3 Changes
March 31, 2019Date: March 31, 2019.
๐ Changelog:
- โก๏ธ Updated
zeroize
to0.6.0
. - โ Added a small number of tests.
- ๐ Improvement to constant-time interfaces (#66).
- โก๏ธ Updated
-
v0.13.2 Changes
March 13, 2019Date: March 13, 2019.
๐ Changelog:
- PBKDF2 and BLAKE2b now panic on lengths exceeding (232-1) * 64 and 2*(264-1), respectively.
- ChaCha20 length constrictions are now equivalent to those of the RFC and panics on trying to process more than 232-1 keystream blocks.
- ๐ Documentation improvements.
- โ OpenSSL test vectors for BLAKE2b.
Note: Strictly speaking, the first two changes are breaking, but because of the unlikeliness that this has an effect on anybody, they were not marked as such.
-
v0.13.1 Changes
February 16, 2019 -
v0.13.0 Changes
February 10, 2019Date: February 10, 2019.
๐ Changelog:
- ๐ [Breaking change]:
orion::hazardous::hash::sha512
previously used the sameDigest
as BLAKE2b. This is no longer the case, making it impossible to specify a non fixed-length hash asDigest
with SHA512. - [Breaking change]:
HLEN
constant renamed toSHA512_OUTSIZE
andSHA2_BLOCKSIZE
constant renamed toSHA512_BLOCKSIZE
. - โ Added
POLY1305_OUTSIZE
constant. - ๐ Improved documentation for high-level
Password
,SecretKey
inhazardous
shmac
andblake2b
, as well asPassword
inpbkdf2
ofhazardous
. - โ Added AppVeyor builds and testing for Windows MSVC with Visual Studio 2017.
- ๐ [Breaking change]:
-
v0.12.6 Changes
February 08, 2019Date: February 8, 2019.
๐ Changelog:
- Switched to zeroize in favor of clear_on_drop, such that using orion on stable Rust no longer requires a C compiler.
- Fuzzing with honggfuzz-rs.
-
v0.12.5 Changes
Date: February 4, 2019.
๐ Changelog:
- ๐ Refactored HMAC and improved performance for PBKDF2 by ~50%.
- โ Removed
byteorder
dependency using instead the endianness conversion functions that came with Rust 1.32.
-
v0.12.4 Changes
Date: January 31, 2019.
๐ Changelog:
- ๐ Fixes a bug where hashing, with BLAKE2b, over 264-1 bytes of data would cause an overflowing addition on debug builds.
- ๐ Fixes a bug where hashing, with SHA512, over 264-1 bytes of data would not result in the counter being correctly incremented.
- โ Added property-based testing, using QuickCheck, to most of the library and improved testing for the library in general.
PartialEq
is now implemented fororion::kdf::Salt
andNonce
in bothchacha20
andxchacha20
.- โ Added
get_length()
forblake2b::Digest
. - โก๏ธ Updated fuzzing dependencies.