New crate versions #43
Comments
|
I think renaming input to update runs contrary to common terminology. |
|
To me the common terminology is Initialize-Update-Finalize (IUF) and |
|
@burdges |
|
After a quick look, it appears terms like input and add are common only for hashmaps, etc., and update wins with it being the term from OpenSSL, libsodium, and Python, while Go and libgcrypt use write, and operators overloading being common too. We'd use |
|
BTW maybe we should bump MSRV to 1.36? It will allow us to use |
|
Can |
|
Maybe you mean What is motivation for such change in your opinion, assuming we will get the |
|
@newpavlov I was referring specifically to the Instead, I think it's reasonable to have an API that allows you to specify IV for each encryption request. I believe |
|
@akhilles I'd be all about finding misuse resistant nonce management strategies at the abstraction level of AEAD crates, but at the level of block ciphers, concerns like this ring hollow to me:
Perhaps we haven't found a way to position block mode crates correctly, but here's how I would advertise them:
|
|
@tarcieri AES-CBC w/o auth tag and w/o reusing IVs is a perfectly legitimate (and common) use case. There is no API that supports it in this project. What are the downsides to allowing IV to be provided in the encryption call? |
|
@akhilles type AesCbc = Cbc<Aes128>;
let cipher = AesCbc::new(key);
let res1 = cipher.encrypt(buf1, pos1, iv1)?;
let res2 = cipher.encrypt(buf2, pos2, iv2)?;You will write: let cipher = Aes128::new(key);
let res1 = Cbc::from_cipher(cipher, iv1).encrypt(buf1, pos1)?;
let res2 = Cbc::from_cipher(cipher, iv2).encrypt(buf2, pos2)?;It's a bit more verbose, but efficiency-wise it will be equivalent. Also it will be more flexible, since |
|
@newpavlov, I'd be perfectly happy with Is there a PR open for the |
I don't know enough about the changes in generic-array 0.12 -> 0.13, but please remember that you can use version ranges if this crate doesn't use any changed APIs. For example, xxhash can work with basically any version of rand because it only uses |
|
Can I bribe one of RustCrypto Developers with a beer next time somebody is in Berlin, Germany to do the |
|
Unfortunately I don't have access to release new crate versions, but in the meantime we can do the work enumerated in this issue |
|
@newpavlov Is there a chance to have some progress here? 👀 |
|
I reached out to @newpavlov a few times now but haven't been able to get ahold of him. |
|
For people interested in new crate releases, I've made a contingency plan for publishing new versions provided @newpavlov doesn't return to do so: #102 It involves picking new names for each of the crates, which is less than ideal. I'm curious what people have to think about this approach. |
|
This would cause significant load on the debian-rust team because we need to get each package re-approved. Preferably crates that are this central in the rust eco system would have multiple maintainers with publish privileges. Maybe this is something we can raise awareness about, collect instructions on how to find backup maintainers that are trusted in the community and encourage people to have multiple people with publish permissions (and/or permissions to assign more uploaders). |
|
@kpcyrd we were in the progress of migrating all of these crates to teams-based permissions rather than individual publishers, but that work was never completed, and at present @newpavlov has sole access to many of the crates. I'm not in a hurry to do any of this so I'll wait until at least Q3 2020 before actually thinking about moving forward with it. |
|
would you please consider doing |
|
@AxelNennker we're getting ready to do a release of all of these crates. Hopefully later this week. One remaining item I think it's worth considering is moving all the crates closer to Initialize-Update-Finalize (IUF) nomenclature (including Several crates (including MAC implementations) use the I'll go ahead and add a checkbox for this at the top. |
|
@newpavlov are there any additional items you think are showstoppers for another release? |
|
I took a look at renaming https://docs.rs/digest/0.8.1/digest/trait.FixedOutput.html |
As discussed in #43, this adopts `finalize` naming, following the "Initialize-Update-Finalize" (IUF) interface naming scheme pervasive throughout cryptography and cryptographic API design.
|
I opened #161 which renames the If that looks good to everyone, I'll do another pass over all of the implementations to update them. After that there are a few small remaining things I'd like to clean up, but that said, I think we're good for a release of many of the crates later this week. |
|
It would be nice to do the |
|
#31 (buffer-to-buffer cipher operations) seems a bit involved and like it could use some more discussion and exploration of possible API designs. I'd rather punt on it for this release so it doesn't hold the releases of other crates back. I can take a look at implementing the |
|
I took a look at RustCrypto/hashes#86 and I'm a little bit confused by it (particularly I wonder if perhaps another trait and a blanket impl are in order? |
|
The idea is that we use a quasi-private method, which could leave hash instance in an incorrect state (well, strictly speaking it's still correct, but should not be used in practice) by passing |
|
Sounds good. In the meantime, I think the following crates can be published:
( I can go ahead and put together CHANGELOG.mds for these. |
|
Sounds good! |
|
I've released new versions of the |
|
I took a stab at addressing RustCrypto/hashes#86 in this PR: https://github.com/RustCrypto/traits/pull/180/files It's slightly different from what @newpavlov originally proposed, but eliminates the need to have an "internal" method on the trait. |
|
Also rust-lang/rfcs#2884 |
|
@burdges cool, nice to see progress is being made on RVO |
|
Alright, with #183 and #184 landed I think we're ready to cut a new release of I'll go ahead and update https://github.com/RustCrypto/hashes first to make sure there's nothing we overlooked. |
|
For future reference, switching from a generic to |
|
@shepmaster did you actually take a look at the relevant changes? They're all |
|
I am upgrading a crate to support 0.9, so, yes, I am looking at the changes. My comment is applicable because you cannot know all the call sites. Maybe you made the decision on purpose and with full knowledge of the effects, I don't know. All I can do is transfer knowledge in case you didn't already know. |
|
For these particular cases, impl Trait in the argument position should be syntactic sugar for the generic parameter. If you have a use case where that isn’t so, I’d be curious to see it, however the only case I can think of is one where you were turbofishing a generic parameter which is now no-longer necessary. That said, I’d be curious to know specific examples where this is actually problematic from the caller’s side. |
Cf. RustCrypto/traits#43 . I believe that we end up re-exporting these APIs, so this is could be a breaking change for API consumers, although it's not an API that we expect many people to be using themselves.
As part of the update to 0.9.0, the RustCrypto suite of crates has changed some function names in their public api: RustCrypto/traits#43 RustCrypto/hashes#157 This commit updates to the 0.9.x version of the sha2 crate from that suite and changes function calls as appropriate. Signed-off-by: Scott Macfarlane <smacfarlane@chef.io>
Migrating to 2018 edition is a long overdue and since it's a good chance to introduce breaking changes, I propose to use this issue to discuss them. Right now I have the following list of changes:
1.361.41 (needed forgeneric-arrayv0.14)generic-arraytov0.13v0.14.crypto-mac v0.8which usessubtle v2. (see Release a 0.8.0 version? #35)crypto_mac::Mac::inputanddigest::Digest::inputmethods toupdate.digest::Inputtodigest::Update.digest::Resettrait in favor of reworkedFixedResulttrait. See this comment.block-cipher-traitand useblock-ciphercrate instead Rename block-cipher-trait to block-cipher on the next breaking change #28.NewBlockCiphertrait (stream-cipher: add FromBlockCipher trait (fixes #32) #164).stream_cipher::FromBlockCiphertrait.impl_write!macro tocrypto-mac.Find solution for buffer-to-buffer cipher operations Consider supporting buffer-to-buffer cipher operations #31Add(closed as wontfix, see *::new to should return Result<T, E> #47)try_newmethodsMacResulttype to something likeCode/Outputand renamecodemethod tointo_bytesfor consistency with theuniversal-hashcrate.Add macro for implementing(dup of above)io::Writetocrypto-macsimilarly to thedigestcrate.opaque-debugto v0.2Support variable length AEAD Nonces aead: support variable-length nonces #65(EDIT: solved by making ciphers generic over theirNonceSize)crypto_mac::Mac::result,digest::Digest::result, anduniversal_hash::UniversalHash::resultto::finalizeor::finishI may have forgotten some changes I had in mind. Feel free to suggest other public API changes.
The text was updated successfully, but these errors were encountered: