2024-04-26 02:13:38 +03:00
## 1.0.0

* Versions follow the standard version policy.
* Removing pthread stuff.
  [#32](https://github.com/kazu-yamamoto/crypton/pull/32)

## 0.34

* Hash the output of getRandomBytes before using it as the Seed for ChaChaDRG
  [#24](https://github.com/kazu-yamamoto/crypton/pull/24)
* Add support for XChaCha and XChaChaPoly1305
  [#18](https://github.com/kazu-yamamoto/crypton/pull/18)
* Strict byteArray of IV c
  [#16](https://github.com/kazu-yamamoto/crypton/pull/16)

## 0.33

* Add the "crypton_" prefix to the final C symbols.
  [#9](https://github.com/kazu-yamamoto/crypton/pull/9)

## 0.32

* All C symbols now have the "crypton_" prefix.
  [#7](https://github.com/kazu-yamamoto/crypton/pull/7)
  [#8](https://github.com/kazu-yamamoto/crypton/pull/8)

## 0.31

* Crypton is forked from cryptonite with the original author's permission.
* Ignore exceptions from hClose when reading the next entropy
  [#1](https://github.com/kazu-yamamoto/crypton/pull/1)
* Enable the support_pclmuldq flag by default.

## 0.30

* Fix some blake2b C symbols to use the cryptonite_ prefix (avoids clashes with other C libraries)
* Add hmac-lazy
* Fix compilation with GHC 9.2
* Drop support for GHC 8.0, GHC 8.2, GHC 8.4 and GHC 8.6

## 0.29

* Address compilation breakage with gmp due to an upstream change
* Add native EdDSA support

## 0.28

* Add hash constant-time capability
* Prevent possible overflow during hashing by hashing in 4GB chunks

## 0.27

* Optimise AES GCM and CCM
* Optimise the P256R1 implementation
* Various AES-NI build improvements
* Add better ECDSA support
* Add XSalsa derive
* Implement square roots for ECC binary curves
* Various tests and benchmarks

## 0.26

* Add Rabin cryptosystem (and variants)
* Add bcrypt_pbkdf key derivation function
* Optimize Blowfish implementation
* Add KMAC (Keccak Message Authentication Code)
* Add ECDSA sign/verify digest APIs
* Hash algorithms with runtime output length
* Update blake2 to latest upstream version
* RSA-PSS with arbitrary key size
* SHAKE with output length not divisible by 8
* Add Read and Data instances for Digest type
* Improve P256 scalar primitives
* Fix hash truncation bug in DSA
* Fix cost parsing for bcrypt
* Fix ECC failures on arm64
* Correction to PKCS#1 v1.5 padding
* Use powModSecInteger when available
* Drop GHC 7.8 and GHC 7.10 support, refer to pkg-guidelines
* Optimise GCM mode
* Add little-endian serialization of integer

## 0.25

* Improve digest binary conversion efficiency
* AES CCM support
* Add MonadFailure instance for CryptoFailable
* Various misc improvements on documentation
* Edwards25519 low-level arithmetic support
* P256: add point negation
* Improvement in ECC (benchmark, better normalization)
* Blake2 improvements to context size
* Use gauge instead of criterion
* Use haskell-ci for CI scripts
* Improve Digest memory representation to use two fewer Ints and one less boxing,
  moving from `UArray` to `Block`

## 0.24

* Ed25519: generateSecret & documentation updates
* Repair tutorial
* RSA: allow signing a digest directly
* IV add: fix overflow behavior
* P256: validate point when decoding
* Compilation fix with deepseq disabled
* Improve Curve448 and use decaf for Ed448
* Compilation flag blake2 sse merged into sse support
* Process unaligned data better in hashes and AES, on architectures needing alignment
* Drop support for ghc 7.6
* Add ability to create a random generator Seed from binary data and
  loosen the constraint on the ChaChaDRG seed from ByteArray to ByteArrayAccess.
* Add 3 associated types to the HashAlgorithm class, giving access to the constants
  for BlockSize, DigestSize and ContextSize at the type level.
  The related functions that these replace will be deprecated in a later release, and
  eventually removed.

API CHANGES:

* Improve ECDH safety to return failure for bad inputs (e.g. public point in a small-order subgroup).
  To go back to the previous behavior you can replace `ecdh` by `ecdhRaw`. It is recommended to
  use `ecdh` and handle the error appropriately.
* Users defining their own HashAlgorithm need to define the
  HashBlockSize, HashDigest, HashInternalContextSize associated types
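The `ecdh` versus `ecdhRaw` distinction above, as an added example (not code from the cryptonite changelog or library): a P-256 key agreement where both sides derive the same key through the checked `ecdh`, followed by a constructed off-curve point that `ecdh` rejects while `ecdhRaw` would still compute on it. The curve choice, the `deriveShared` helper, the `Point 1 1` test value and the `Main` module layout are assumptions of this example; `Data.ByteArray` comes from the `memory` package that cryptonite already depends on.

```haskell
-- Added example, not code from the cryptonite changelog or library: the
-- checked `ecdh` introduced in 0.24 next to the unchecked `ecdhRaw`, on P-256.
module Main (main) where

import           Crypto.Error (onCryptoFailure)
import           Crypto.PubKey.ECC.DH (SharedKey, calculatePublic, ecdh, ecdhRaw,
                                       generatePrivate)
import           Crypto.PubKey.ECC.Types (Curve, CurveName (..), Point (..),
                                          getCurveByName)
import qualified Data.ByteArray as BA

curve :: Curve
curve = getCurveByName SEC_p256r1   -- the curve choice is an assumption of this example

-- deriveShared is a hypothetical helper for this example: derive a shared key
-- only if the peer's point passes the library's validation, and surface the
-- CryptoError as a Left instead of silently producing a wrong key.
deriveShared :: Point -> Integer -> Either String SharedKey
deriveShared peerPub ourPriv =
    onCryptoFailure (Left . show) Right (ecdh curve ourPriv peerPub)

main :: IO ()
main = do
    -- Honest handshake: both sides obtain the same key.
    alice <- generatePrivate curve
    bob   <- generatePrivate curve
    let alicePub = calculatePublic curve alice
        bobPub   = calculatePublic curve bob
    case (deriveShared bobPub alice, deriveShared alicePub bob) of
        -- constant-time comparison, as key material should always be compared
        (Right k1, Right k2) -> putStrLn ("keys agree: " ++ show (BA.constEq k1 k2))
        (e1, e2)             -> putStrLn ("unexpected: " ++ show (e1, e2))

    -- A constructed bogus point that is not on the curve at all.
    -- `ecdh` rejects it; the pre-0.24 behaviour, still available as
    -- `ecdhRaw`, runs the scalar multiplication on it anyway.
    let bogus = Point 1 1
    putStrLn ("ecdh on bogus point: "
              ++ either ("rejected with " ++) (const "accepted") (deriveShared bogus alice))
    let raw = ecdhRaw curve alice bogus
    putStrLn ("ecdhRaw on bogus point still returned "
              ++ show (BA.length raw) ++ " bytes")
```

The two functions differ only in the validation step, so the `Left` branch of `deriveShared` is where a protocol should abort the handshake; falling back to `ecdhRaw` on failure would reintroduce exactly the small-subgroup exposure the 0.24 change closes.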

## 0.23

* Digest memory usage improvement by using unpinned memory
* Fix generateBetween to generate within the right bounds
* Add pure Twofish implementation
* Fix memory allocation in P256 when using a temp point
* Consolidate hash benchmark code
* Add Nat-length Blake2 support (GHC > 8.0)
* Update tutorial

## 0.22

* Add Argon2 (Password Hashing Competition winner) hash function
* Update blake2 to latest upstream version
* Add extra blake2 hashing size
* Add faster PBKDF2 functions for SHA1/SHA256/SHA512
* Add SHAKE128 and SHAKE256
* Cleanup prime generation, and add tests
* Add Time-based One Time Password (TOTP) and HMAC-based One Time Password (HOTP)
* Rename Ed448 module name to Curve448, old module name still valid for now

## 0.21

* Drop automated tests with GHC 7.0, GHC 7.4, GHC 7.6: support dropped, but probably still working.
* Improve non-aligned support in C sources; ChaCha and SHA3 now probably work on architectures without support for unaligned access. Not complete or tested.
* Add another ECC framework that is more flexible, allowing different implementations to work instead of
  the existing pure Haskell NIST implementation.
* Add ECIES basic primitives
* Add XSalsa20 stream cipher
* Process partial buffers correctly with Poly1305

## 0.20

* Fixed hash truncation used in ECDSA signature & verification (Olivier Chéron)
* Fix ECDH when scalar and coordinate bit sizes differ (Olivier Chéron)
* Speed up ECDSA verification using Shamir's trick (Olivier Chéron)
* Fix rdrand on windows

## 0.19

* Add tutorial (Yann Esposito)
* Derive Show instance for better interaction with Show pretty printer (Eric Mertens)

## 0.18

* Reuse standard rdrand instructions instead of a byte dump of the rdrand instruction
* Improvement to F2m, including lots of tests (Andrew Lelechenko)
* Add error check on salt length in bcrypt

## 0.17

* Add Miyaguchi-Preneel construction (Kei Hibino)
* Fix buffer length in scrypt (Luke Taylor)
* Build fixes for i686 and ARM related to rdrand

## 0.16

* Fix basepoint for Ed448
* Enable 64-bit Curve25519 implementation

## 0.15

* Fix serialization of DH and ECDH

## 0.14

* Reduce the size of the SHA3 context instead of allocating a one-size-fits-all buffer; saves
  up to 72 bytes of memory per context for SHA3-512.
* Add a Seed capability to the main DRG, to be able to debug/reproduce randomized programs
  where you would want to disable the randomness.
* Add support for Cipher-based Message Authentication Code (CMAC) (Kei Hibino)
* *CHANGE* Change the `SharedKey` for `Crypto.PubKey.DH` and `Crypto.PubKey.ECC.DH`
  from an Integer newtype to a ScrubbedBytes newtype. Prevents the mistake where the
  bytes representation is generated without the right padding (when needed).
* *CHANGE* Keep the field size in bits in the `Params` of `Crypto.PubKey.DH`,
  moving from 2 elements to 3 elements in the structure.
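The Seed capability described in the 0.14 entry above (and the seed-construction changes in 0.24), as an added example that is not part of the changelog or the library: the same `Seed` drives `ChaChaDRG` to the same byte stream twice, which is what makes a randomized program reproducible for debugging, while the production path draws from the system DRG. The `randomNonce` helper, the `Main` module layout and the seed value `42` are assumptions of this example; `Data.ByteArray.Encoding` is from the `memory` package.

```haskell
-- Added example, not code from the cryptonite changelog or library:
-- deterministic seeding of ChaChaDRG for reproducing a randomized
-- computation, next to the system DRG used for real runs.
module Main (main) where

import           Crypto.Random (MonadRandom, drgNewSeed, getRandomBytes, getSystemDRG,
                                seedFromInteger, withDRG)
import qualified Data.ByteString as B
import qualified Data.ByteString.Char8 as B8
import           Data.ByteArray.Encoding (Base (Base16), convertToBase)

-- Any code written against MonadRandom runs unchanged under either generator.
-- randomNonce is a hypothetical helper name used for this example.
randomNonce :: MonadRandom m => m B.ByteString
randomNonce = getRandomBytes 12

hex :: B.ByteString -> String
hex = B8.unpack . convertToBase Base16

main :: IO ()
main = do
    -- Debug/reproduce: the same Seed yields the same byte stream every time.
    -- 42 is a constructed test value; a fixed seed must never reach production.
    let seed = seedFromInteger 42
        (n1, _) = withDRG (drgNewSeed seed) randomNonce
        (n2, _) = withDRG (drgNewSeed seed) randomNonce
    putStrLn ("seeded run 1: " ++ hex n1)
    putStrLn ("seeded run 2: " ++ hex n2)
    putStrLn ("reproducible: " ++ show (n1 == n2))

    -- Real run: the generator is initialised from the operating system's
    -- entropy source, so each run differs.
    sys <- getSystemDRG
    let (n3, _) = withDRG sys randomNonce
    putStrLn ("system DRG:   " ++ hex n3)
```

Because both generators are used through `withDRG` and `MonadRandom`, switching a test harness from the seeded generator to `getSystemDRG` touches only the line that builds the generator, not the code that consumes the random bytes.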

## 0.13

* *SECURITY* Fix buffer overflow issue in SHA384: 16 extra bytes were copied from
  the SHA512 context to the destination memory pointer, leading to memory
  corruption and segfaults. (Mikael Bung)

## 0.12

* Fix compilation issue with Ed448 on 32-bit machines.

## 0.11

* Truncate hashing correctly for DSA
* Add support for HKDF (RFC 5869)
* Add support for Ed448
* Extend support for Blake2s to the 224-bit version.
* Compilation workaround for old distributions (RHEL 4.1)
* Compilation fix for AIX
* Compilation fix with AESNI and ghci compiling C sources in a weird order.
* Fix example compilation, typo, and warning

## 0.10

* Add reference implementation of blake2 for non-SSE2 platforms
* Add `support_blake2_sse` flag

## 0.9

* Quiet down unused module imports
* Move Curve25519 over to Crypto.Error instead of using Either String.
* Add documentation for ChaChaPoly1305
* Add missing documentation for various modules
* Add a way to create Poly1305 Auth tag.
* Added support for the BLAKE2 family of hash algorithms
* Fix endianness of incrementNonce function for ChaChaPoly1305

## 0.8

* Add support for ChaChaPoly1305 Nonce Increment (John Galt)
* Move repository to the haskell-crypto organisation

## 0.7

* Add PKCS5 / PKCS7 padding and unpadding methods
* Fix ChaChaPoly1305 Decryption
* Add support for BCrypt (Luke Taylor)

## 0.6

* Add ChaChaPoly1305 AE cipher
* Add instructions in README for building on old OSX
* Fix blocking /dev/random (Andrey Sverdlichenko)

## 0.5

* Fix all stray exports to all be under the cryptonite prefix.

## 0.4

* Add a System DRG that represents a referentially transparent sequence of evaluated bytes
  while using lazy evaluation for future entropy values.

## 0.3

* Allow drgNew to run in any MonadRandom, providing cascading initialization
* Remove Crypto.PubKey.HashDescr in favor of just having the algorithm
  specified in the PKCS15 RSA function.
* Fix documentation in cipher sub section (Luke Taylor)
* Cleanup AES dead functions (Luke Taylor)
* Fix Show instance of Digest to display without quotes similar to cryptohash
* Use scrubbed bytes instead of bytes for P256 scalar

## 0.2

* Fix P256 compilation and exactness, + add tests
* Add a raw memory number serialization capability (i2osp, os2ip)
* Improve tests for number serialization
* Improve tests for ECC arithmetic
* Add Ord instance for Digest (Nicolas Di Prima)
* Fix entropy compilation on Windows 64-bit.

## 0.1

* Initial release