Note for all versions
Please refer to the note on version 0.0.2
- Add ED448
- Add X448
- Add SM4 (China's Block Cipher which declassified in 2006)
- Add SM3 (China's Hashing algorithm)
Note specifically for version 0.0.2:
My implementation may be unsafe, if you just code it on client
application should be fine. If you want to use it on something which's
online like on virtual private server, you are advised not to use it as
there'll be some unforeseen security issues and problems.
- Fixes some issues that causes by absence of padding in SM4
- Add XOR helper class
- Add PKCS5 padding (https://www.di-mgt.com.au/cryptopad.html)
- Add ECB mode
- Switch the HMAC calculation from SM4 to SM3
- Migrate PKCS5Padding function from CNSM4 to a helper class of its own
- Slight modification to PKCS5Padding
- Add GCM Mode for SM4
- Add GCM Counter Mode for SM4
- Add GCM GMAC function for SM4
- Remove unnecessary code
- Add SHAKEDigest and Keccak Digest
- Add KDF function for shrinking the shared secret calculated from X448 CalculateSharedSecret Function to 32 bytes or 256 bits
- Add function to calculate Signature+Message
- Add function to get Message from SignatureMessage if signature verification succeed
- Add Nonce and Key Generation function into CNSM4
- Convert GCM_CTR_Encrypt,GCM_CTR_Decrypt,GCM_GenerateGMAC from public into private
- sodium_memcmp was used to replace the System.Linq.SequenceEqual() so that it's always constant time compare.
- Uses libsodium PRF to create additional padding in signing and verifying messages (SecureED448).
- Slight rework on ED448RevampedKeyPair and X448RevampedKeyPair.
- Remove libsodium PRF from BCASodium.
- All paddings were centralized and moved into PaddingClass.
- Uses bouncycastle's 6 padding schemes to create additional padding in signing and verifying messages (SecureED448).
- CNSM3Digest,Keccak,SHAKE uses private static when dealing with streams of messages.
- CNSM4 removes all insecure modes of operations.
- CNSM4 now uses Blake2B and 2 secret keys to create domain separation in CTR mode.
- CNSM3Digest,Keccak,SHAKE now uses public/private context to derive 2 subkeys to xor with IPAD and OPAD in calculating HMAC.
- Slight rework on XORHelper.
- BCASodium now uses only .Net Standard 2.0.
- Rename PaddingClass into BlockCipherPaddingClass.
- Add PKCS1V1.5PaddingClass.
- SecureED448 now uses ZeroPadding or PKCS1V1.5PaddingClass.
- SecureED448 now uses bouncycastle's prehash signing and verification.
- Removed PKCS1V1.5PaddingClass.
- Fixes some bug in CTR mode.
- Added a slightly constant time XOR method in XORHelper class.
- CNSM4's CTR mode is now slightly constant time in performance.
From 0.1.0 version onwards, there won't be any more unlisting.
Replacement of XOR operations in HMAC generation will be replaced with slightly constant time method in future updates.
- Added KMAC
- Removed HMAC from Keccak and SHAKE.
- Slightly rework on ComputeHashForNonFinalizedData for SM3Digest,Keccak and SHAKE.
- ED448RevampedKeyPair and X448RevampedKeyPair Clear() function has been slightly reworked.
- Removed HMAC from SM3Digest.
- Added HMACHelper which allows supported digest algorithms to create HMACs.
- SM4's HMACCTREncrypt and HMACCTRDecrypt now uses HMACHelper.
- Switched to .Net 6.0 and extends support for .Net Standard 2.0
- Now uses the official nuget bouncycastle.cryptography instead of Portable.BouncyCastle.
- Change the KMACHelper from the latter library to first library compatible.
- KMACHelper fixes some bug
- Upgrades to use latest ASodium (0.5.9)
- Upgrades to use latest ASodium (0.6.0)
- HMACHelper and KMACHelper both uses latest version of ASodium's Sodium_Memory_Compare.
- Fixes bug in SHAKEDigest ComputeHash function. (For details, kindly read my comments in the code)
- Fixes minor bug in KMACHelper function. (For details, kindly read refer to VerifyKMAC)