Skip to content

1.0.15
Compare
Choose a tag to compare
@jedisct1 jedisct1 released this 01 Oct 15:30
· 1336 commits to master since this release
1.0.15
This tag was signed with the committer’s verified signature.
jedisct1 Frank Denis
GPG key ID: 62F25B592B6F76DA
Learn about vigilant mode.
c5e43f4
  • The default password hashing algorithm is now Argon2id. The pwhash_str_verify() function can still verify Argon2i hashes without any changes, and pwhash() can still compute Argon2i hashes as well.
  • The aes128ctr primitive was removed. It was slow, non-standard, not authenticated, and didn't seem to be used by any opensource project.
  • Argon2id required at least 3 passes like Argon2i, despite a minimum of 1 as defined by the OPSLIMIT_MIN constant. This has been fixed.
  • The secretstream construction was slightly changed to be consistent with forthcoming variants.
  • The Javascript and Webassembly versions have been merged, and the module now returns a .ready promise that will resolve after the Webassembly code is loaded and compiled.
  • Note that due to these incompatible changes, the library version major was bumped up.
Assets 5