0.12.4

Changelog:

• Fixes a bug where hashing, with BLAKE2b, over 2^64-1 bytes of data would cause an overflowing addition on debug builds.

• Fixes a bug where hashing, with SHA512, over 2^64-1 bytes of data would not result in the counter being correctly incremented.

• Added property-based testing, using QuickCheck, to most of the library and improved testing for the library in general.

• PartialEq is now implemented for orion::kdf::Salt and Nonce in both chacha20 and xchacha20.

• Added get_length() for blake2b::Digest.

• Updated fuzzing dependencies.

0.12.3

Changelog:

• Improved compilation time.
• Bugfix #50.
• Update byteorder and serde_json dependencies (fixes build-failures related to rand_core).

0.12.2

Changelog:

• Fix a bug that lead to panics when using out parameters, with seal()/open() in hazardous, with a length above a given point.

0.12.1

Changelog:

• Switched rand dependency out with rand_os.

0.12.0

Changelog:

• [Breaking change]: All high-level functions now return a Result.
• [Breaking change]: Password in pbkdf2, SecretKey and hmac() of hmac and extract() of hkdf in hazardous now return a Result.
• [Breaking change]: Limit all generate() taking a length parameter, and orion::kdf calls to a length of less than u32::max_value() as maximum.
• [Breaking change]: orion::kdf and orion::pwhash take a new Password parameter that is heap-allocated and returns a Result.
• Removed sha2 dependency and ring dev-dependency. sha2 has been replaced with orion's own SHA512 implementation.
• Added support for BLAKE2b and SHA512.
• Updated to Rust 2018 Edition.
• Better performance for HMAC, HKDF and PBKDF2.

Thanks to @gabelanglais for valuable feedback, especially on the API design.

0.11.2

Changelog:

• Bugfix: #46.
• Updated subtle dependency.

0.11.0

Changelog:

• Fix missing error propagation in v0.10.

0.10.0

Changelog:

• New types for secret keys, nonces, tags, etc. This greatly increases misuse-reisstance, usability and safety. To read more about the types and how they are implemented, see the wiki section.

• default API has been dropped. All high-level functionality is now accessible through these interfaces: orion::aead, orion::auth, orion::kdf and orion::pwhash.

• AEAD interfaces in hazardous and in the high-level API (previously default::encrypt, etc.) have been renamed to seal and open to reflect the authentication and hopefully increase familiarity.

• finalize_to_dst() has been dropped for HMAC.

• Adaption of the #[must_use] attribute.

• Documentation improvements.

• HKDF and cSHAKE dropped from high-level API.

• High-level PBKDF2 now uses 64 byte salts and 64 byte password hashes and the iteration count has been made available for users to control.

• Argument info for HKDF and ad for AEADs are now Option.

• util::gen_rand_key and util::compare_ct are now util::secure_rand_bytes and util::secure_cmp.

• The password length enforcement in high-level PBKDF2 API has been removed.

• All other public types (eg. CShake, Hmac and Poly1305) now implement Debug.

• Using clear_on_drop to wipe memory in favor of seckey.

• New features nightly and no_std. To use orion in a no_std context, some dependency specfications are needed. Refer to the README for these.

• Major improvements to error propagation.

0.9.1

Changelog:

• Fix bug in double-HMAC verification in the default API
• Documentation improvements

0.9.0

Changelog:

• Added support for HChaCha20, XChaCha20 and AEAD XChaCha20Poly1305.
• The default API's encryption/decryption interface has been reintroduced, now offering
  authenticated encryption through the AEAD XChaCha20Poly1305 implementation.
• Most of the library's structure has been revamped.
• Major additions to the project wiki detailing testing and some information regarding dependencies and security.
• Improved fuzzing targets and overall test suite.
• Documentation improvements.