0.14.2

Changelog:

• Improved performance on all implementations, most notably: ~30% in ChaCha20/XChaCha20 and ~20% in ChaCha20Poly1305/XChaCha20Poly1305.
• Updated zeroize dependency.
• Testing WebAssembly (wasm32-unknown-unknown) support in CI.
• Improved documentation.

0.14.1

Changelog:

• Update zeroize dependency.
• Improvements to documentation.

0.14.0

• [Breaking change] Function as_bytes() for public newtypes are replaced with AsRef<> trait implementations. This means all as_bytes() calls need to be replaced with as_ref().

• [Breaking change] The SecretKey for BLAKE2b is longer padded with zeroes to the length of the blocksize. Thus, the SecretKey no longer has a get_original_length() function, but the same result will be represented by the get_length() function instead.

• [Breaking change] All calls to as_ref() and unprotected_as_bytes() return the newtypes data with what it was initialized, regardless of padding. (With the exception of HMAC)

• [Breaking change] All calls to get_length() return the length of the newtype with what is what initialized, regardless of padding. (With the exception of HMAC)

• [Breaking change] All newtypes that offer generate() now panic if the RNG fails to initialize of read from its source. This also means that newtype generate() functions, that do not take in a size parameter, no longer return a Result.

• [Breaking change] ValidationCryptoError and FinalizationCryptoError have been removed. Though this doesn't mean that there is less information available, see issue here.

• [Breaking change] Support for cSHAKE256 has been dropped, also meaning orion no longer depends on tiny-keccak. 8% decrease in unsafe code in dependencies.

• All fuzzing targets in fuzz that used libFuzzer have been deprecated in favor of those in orion-fuzz using honggfuzz-rs.

• Improvements to fuzzing targets in orion-fuzz.

• Automated testing in CI, for constant-time execution.

• Added From<[u8; C]> trait implementations for C-length fixed-sized newtypes, so that the caller may avoid using Result when not working with slices.

• [Breaking change] Module hazardous::constants has been removed and all types made private. Only a select number of constants have been re-exported in their respective modules. See here for more information.

• It is now strictly advised agianst using orion in debug mode, for what is meant to be production use. Using opt-level = 0 with orion, is also advised against. See security section.

• rand_os has been replaced with getrandom.

• Improvements to documentation examples as they no longer use .unwrap() but ? instead.

0.13.4

Changelog:

• Fix build for latest nightly.

0.13.3

Changelog:

• Updated zeroize to 0.6.0.
• Added a small number of tests.
• Improvement to constant-time interfaces (#66).

0.13.2

Changelog:

• PBKDF2 and BLAKE2b now panic on lengths exceeding (2^32-1) * 64 and 2*(2^64-1), respectively.
• ChaCha20 length constrictions are now equivalent to those of the RFC and panics on trying to process more than 2^32-1 keystream blocks.
• Documentation improvements.
• OpenSSL test vectors for BLAKE2b.

Note: Strictly speaking, the first two changes are breaking, but because of the unlikeliness that this has an effect on anybody, they were not marked as such.

0.13.1

Changelog:

• Documentation improvements (#60).

0.13.0

Changelog:

• [Breaking change]: orion::hazardous::hash::sha512 previously used the same Digest as BLAKE2b. This is no longer the case, making it impossible to specify a non fixed-length hash as Digest with SHA512.
• [Breaking change]: HLEN constant renamed to SHA512_OUTSIZE and SHA2_BLOCKSIZE constant renamed to SHA512_BLOCKSIZE.
• Added POLY1305_OUTSIZE constant.
• Improved documentation for high-level Password, SecretKey in hazardouss hmac and blake2b, as well as Password in pbkdf2 of hazardous.
• Added AppVeyor builds and testing for Windows MSVC with Visual Studio 2017.

0.12.6

Changelog:

• Switched to zeroize in favor of clear_on_drop, such that using orion on stable Rust no longer requires a C compiler.
• Fuzzing with honggfuzz-rs.

0.12.5

Changelog:

• Refactored HMAC and improved performance for PBKDF2 by ~50%.
• Removed byteorder dependency using instead the endianness conversion functions that came with Rust 1.32.