Skip to content

0.14.0
Compare
Choose a tag to compare
@brycx brycx released this 04 May 14:09
· 422 commits to master since this release
0.14.0
2ff356d
This commit was signed with the committer’s verified signature.
brycx Johannes
GPG key ID: 47DB8906F3124430
Verified
Learn about vigilant mode.

  • [Breaking change] Function as_bytes() for public newtypes are replaced with AsRef<> trait implementations. This means all as_bytes() calls need to be replaced with as_ref().

  • [Breaking change] The SecretKey for BLAKE2b is longer padded with zeroes to the length of the blocksize. Thus, the SecretKey no longer has a get_original_length() function, but the same result will be represented by the get_length() function instead.

  • [Breaking change] All calls to as_ref() and unprotected_as_bytes() return the newtypes data with what it was initialized, regardless of padding. (With the exception of HMAC)

  • [Breaking change] All calls to get_length() return the length of the newtype with what is what initialized, regardless of padding. (With the exception of HMAC)

  • [Breaking change] All newtypes that offer generate() now panic if the RNG fails to initialize of read from its source. This also means that newtype generate() functions, that do not take in a size parameter, no longer return a Result.

  • [Breaking change] ValidationCryptoError and FinalizationCryptoError have been removed. Though this doesn't mean that there is less information available, see issue here.

  • [Breaking change] Support for cSHAKE256 has been dropped, also meaning orion no longer depends on tiny-keccak. 8% decrease in unsafe code in dependencies.

  • All fuzzing targets in fuzz that used libFuzzer have been deprecated in favor of those in orion-fuzz using honggfuzz-rs.

  • Improvements to fuzzing targets in orion-fuzz.

  • Automated testing in CI, for constant-time execution.

  • Added From<[u8; C]> trait implementations for C-length fixed-sized newtypes, so that the caller may avoid using Result when not working with slices.

  • [Breaking change] Module hazardous::constants has been removed and all types made private. Only a select number of constants have been re-exported in their respective modules. See here for more information.

  • It is now strictly advised agianst using orion in debug mode, for what is meant to be production use. Using opt-level = 0 with orion, is also advised against. See security section.

  • rand_os has been replaced with getrandom.

  • Improvements to documentation examples as they no longer use .unwrap() but ? instead.

Assets 2
Loading