orion v0.15.0 Release Notes

Release Date: 2020-02-25

    Changelog:

    • [Breaking change] secure_cmp and all verification functions now return Result<(), UnknownCryptoError> instead of Result<bool, UnknownCryptoError> (#97).
    • [Breaking change] HChaCha20 is no longer public.
    • 0๏ธโƒฃ [Breaking change] The default size of a randomly generated secret key in hazardous::hash::blake2b is now 32 bytes instead of 64 bytes (#88).
    • [Breaking change] orion::auth now uses BLAKE2b in keyed-mode as MAC (#88, by Vince Mutolo).
    • [Breaking change] The public API for structs used with incremental processing has been changed (#106 and #87).
    • ๐Ÿ‘ [Breaking change] Support for Argon2i(single-threaded) has been added. This is now used in the orion::kdf and orion::pwhash modules (#113).
    • [Breaking change] chacha20::keystream_block is no longer available.
    • [Breaking change] Uses of (X)ChaCha20Poly1305 will return an error if a usize to u64 conversion would be lossy.
    • [Breaking change] orion is now no_std-compatible on stable Rust and the no_std and nightly features have been removed (#111).
    • libsodium-compatible, streaming AEAD based on XChaCha20Poly1305 (libsodium's "secretstream") (#99 and #108, by snsmac).
    • Switch to Criterion for benchmarks.
    • Add contribution guidelines in CONTRIBUTING.md.
    • Move the changelog to a CHANGELOG.md file.
    • Add test vectors to XChaCha20.
    • Improvements to secure_cmp (#93, by snsmac).
    • Add explicit security warnings to #[must_use] public APIs that return a Result (#95, by Cole Lawrence).
    • Cleanup in the orion-dudect tests and add tests for newtype PartialEq<&[u8]> impl.
    • Remove hardcoded docs.rs links in the documentation (#100, by Kyle Schreiber).
    • Previously, the documentation for util::secure_rand_bytes stated that a panic would occur if the function failed to generate random bytes without throwing an error, which was not the case. This has been corrected.
    • Add Blake2b::verify to fuzzing targets.
    • orion-dudect now also tests for constant-time execution in CI on OSX and Windows platforms.
    • Testing constant-time execution with WASM at orion-sidefuzz.
    • New testing framework which has greatly reduced the amount of duplicate testing code (#96).
    • Document and test MSRV (#104).
    • orion is now listed as an alternative to the old rust-crypto crate on RustSec.
    • ๐Ÿ‘ UnknownCryptoError now implements std::error::Error for better interoperability with error-handling crates.
    • โž• Added new test vectors from Wycheproof for ChaCha20Poly1305, XChaCha20Poly1305, HMAC-SHA512 and HKDF-HMAC-SHA512 (#116).
    • ๐Ÿ— #![deny(warnings)] has been removed and replaced with flags in CI build jobs.
    • GitHub Actions is now used for a daily security audit of the crates-published branch. Travis CI now runs only weekly on the crates-published branch (daily before).
    • Removed inlining attributes that did not provide any performance improvements when tested with benchmarks (commit).
    • Various performance improvements.
    • Various improvements to fuzzing targets.
    • Various improvements to tests.