orion v0.10.0 Release Notes
-
Date: November 23, 2018.
🔄 Changelog:
- 🆕 New types for secret keys, nonces, tags, etc. This greatly increases misuse-resistance, usability and safety. To read more about the types and how they are implemented, see the wiki section.
- 0️⃣
default
API has been dropped. All high-level functionality is now accessible through these interfaces:orion::aead
,orion::auth
,orion::kdf
andorion::pwhash
. - 0️⃣ AEAD interfaces in
hazardous
and in the high-level API (previouslydefault::encrypt
, etc.) have been renamed toseal
andopen
to reflect the authentication and hopefully increase familiarity. finalize_to_dst()
has been dropped for HMAC.- Adaption of the
#[must_use]
attribute. - 📚 Documentation improvements.
- HKDF and cSHAKE dropped from high-level API.
- High-level PBKDF2 now uses 64 byte salts and 64 byte password hashes and the iteration count has been made available for users to control.
- Argument
info
for HKDF andad
for AEADs are nowOption
. util::gen_rand_key
andutil::compare_ct
are nowutil::secure_rand_bytes
andutil::secure_cmp
.- 🚚 The password length enforcement in high-level PBKDF2 API has been removed.
- All other public types (eg.
CShake
,Hmac
andPoly1305
) now implementDebug
. - Using
clear_on_drop
to wipe memory in favor ofseckey
. - New features
nightly
andno_std
. To use orion in ano_std
context, some dependency specifications are needed. Refer to the README for these. - Major improvements to error propagation.