Skip to content

0.10.0

Choose a tag to compare

View all tags
@brycx brycx released this 23 Nov 22:48
· 887 commits to master since this release
0.10.0
54592ec
This commit was signed with the committer’s verified signature.
brycx Johannes
GPG key ID: 47DB8906F3124430
Verified
Learn about vigilant mode.

Changelog:

  • New types for secret keys, nonces, tags, etc. This greatly increases misuse-reisstance, usability and safety. To read more about the types and how they are implemented, see the wiki section.

  • default API has been dropped. All high-level functionality is now accessible through these interfaces: orion::aead, orion::auth, orion::kdf and orion::pwhash.

  • AEAD interfaces in hazardous and in the high-level API (previously default::encrypt, etc.) have been renamed to seal and open to reflect the authentication and hopefully increase familiarity.

  • finalize_to_dst() has been dropped for HMAC.

  • Adaption of the #[must_use] attribute.

  • Documentation improvements.

  • HKDF and cSHAKE dropped from high-level API.

  • High-level PBKDF2 now uses 64 byte salts and 64 byte password hashes and the iteration count has been made available for users to control.

  • Argument info for HKDF and ad for AEADs are now Option.

  • util::gen_rand_key and util::compare_ct are now util::secure_rand_bytes and util::secure_cmp.

  • The password length enforcement in high-level PBKDF2 API has been removed.

  • All other public types (eg. CShake, Hmac and Poly1305) now implement Debug.

  • Using clear_on_drop to wipe memory in favor of seckey.

  • New features nightly and no_std. To use orion in a no_std context, some dependency specfications are needed. Refer to the README for these.

  • Major improvements to error propagation.

Assets 2
Loading