Skip to content

v0.6.0

  • v0.6.0
  • 63cf638

  • Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode

  • Choose a tag to compare

    View all tags
Releases v0.6.0 (#71)
  • v0.6.0
  • 63cf638

  • Choose a tag to compare

    View all tags

  • Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
@johnnyt johnnyt tagged this 31 Jan 23:09 
### Changed
- Integration tests now run by default in CI (#68)
- Coverage threshold adjusted from 94% to 92%

### Added
- Comprehensive streaming error tests covering all error paths (#68)
- CMM dispatch tests for RequiredEncryptionContext and Caching CMMs (#68)
- Caching CMM for reducing expensive key provider calls (#61)
- CacheEntry struct with TTL and usage limit tracking
- CryptographicMaterialsCache behaviour defining cache interface
- LocalCache ETS-based implementation with atomic operations
- Encryption materials caching with cache ID computation (SHA-384)
- Decryption materials caching based on EDKs and context
- Identity KDF bypass for deprecated NO_KDF algorithm suites
- Partition ID isolation enabling multiple CMMs to share cache
- Usage limits enforcement (max_messages and max_bytes)
- TTL-based expiration with automatic cleanup on retrieval
- Support for wrapping Default and RequiredEncryptionContext CMMs
- Comprehensive test suite with 42 tests (94.2% coverage)
- Required Encryption Context CMM for enforcing critical AAD keys (#62)
- Wrapping CMM validating required keys in encryption and decryption
- new/2 constructor accepting required keys and underlying CMM
- new_with_keyring/2 constructor auto-wrapping keyring in Default CMM
- Validation ensuring required keys present in caller's context
- Validation ensuring required keys present in reproduced context
- Support for nested CMM composition with layered validation
- Client dispatcher integration for RequiredEncryptionContext CMM
- Comprehensive test suite with 21 tests covering all scenarios
- Streaming encryption and decryption APIs for processing large data incrementally (#60)
- Stream.Encryptor state machine with incremental frame generation
- Stream.Decryptor state machine with incremental frame parsing
- Stream.SignatureAccumulator for ECDSA signing without buffering entire message
- encrypt_stream/3 and decrypt_stream/3 high-level APIs using Elixir Streams
- Support for both signed and unsigned algorithm suites in streaming mode
- fail_on_signed option to reject signed suites during streaming decryption
- Incremental plaintext release for unsigned suites (frame-by-frame)
- Deferred final frame release for signed suites (after signature verification)
- Header authentication module for v1/v2 header tag computation
- Commitment key derivation module for key commitment verification
- Comprehensive test suite with 41 streaming tests (edge cases, integration, signed suites)
- Edge case tests for empty plaintext, single byte, exact frame multiples, byte-by-byte input

### Fixed
- KMS integration tests skip gracefully when AWS credentials unavailable (#68)
- Unused default parameter warning in caching_test.exs (#68)

### Removed
- All temporary coveralls-ignore markers (42 markers across 4 files) (#68)
- Default exclusion of :integration tag from test suite (#68)
Assets 2
Loading