All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Experimental support for Balloon password hashing.
- The minimal required Rust version is now Rust 1.67.
- The minimal required Rust version is now Rust 1.60.
⚠️ BREAKING: All Rust functions that previously returnedResult<_, ErrorCode>now returnResult<_, Error>
- The minimal required Rust version is now Rust 1.57.
- Uses the Rust 2021 edition.
- The password and key generation API are considered stable.
- The minimal required Rust version is now Rust 1.51.
- Fixed compilation issues caused by the
dylibcrate type.
- The HOTP/TOTP key URI feature, which requires an external dependency, can now be deactivated.
- HOTP now support a look-ahead range.
- The HOTP counter can be synchronized (within the look-ahead range) during validation using
is_valid_sync.
- The prototype of the
libreauth_hotp_is_validC-binding function has been changed so it is possible to specify whether or not the counter should be synchronized.
- Optional additional HMAC with an external salt before or after hashing the password.
- The C-bindings documentation has been improved.
- The output base for HOTP and TOTP must now be valid UTF-8.
LIBREAUTH_OATH_CODE_INVALID_UTF8has been renamedLIBREAUTH_OATH_INVALID_UTF8.- The
output_base_lenparameter in thelibreauth_hotp_cfgandlibreauth_totp_cfgstructures has been dropped. - The PBKDF2
hashparameter has been renamedhmac. - The HashFunction has been moved to a dedicated module and its C-bindings renamed accordingly.
- The project now compiles on Microsoft Windows.
- Internal password version number.
- Key URI generation for HOTP and TOTP (with partial C-bindings).
- The crate is now compiled with Rust 2018.
- Each module has now its dedicated feature.
LIBREAUTH_OATH_CFG_NULL_PTR,LIBREAUTH_OATH_CODE_NULL_PTRandLIBREAUTH_OATH_KEY_NULL_PTRhas been replaced byLIBREAUTH_OATH_NULL_PTR.
- In addition to the previous CeCILL license, LibreAuth can now also be used under the CeCILL-C license.
- The build system now also builds a static library.
- A hashing scheme can now be tagged with a version number.
- API for the pass and oath module have slightly changed.
- Password API has been completely rewrote.
- OATH support for sha224, sha384, sha512 trunc 224 and sha512 trunc 256.
- OATH support for sha3-224, sha3-256, sha3-384, sha3-512, Keccak224, Keccak256, Keccak384, Keccak512.
- NFKC normalization for Unicode passwords.
- Identifiers for sha256 and sha512 has been changed (compatibility break).
- base64 key support
- The
keymodule does no more implicitly callgenerate()when requesting the key in a certain form.
- Random key generation module.
- Dependencies have been updated.
- Python test and examples have been removed;
- small documentation improvements.
- Password authentication.
- The
rust-cryptocrate has been replaced by several crates from the RustCrypto project (although the name is very similar, those are two different projects); - the oath module does not not expose sub-modules anymore.
- TOTP tolerance.
- The oath module does not not expose sub-modules anymore;
- header guards now uses "#pragma once";
- C tests now uses C11 standard and clang.
- The project has been renamed LibreAuth (previous name: R2FA);
- the license has been changed to the CeCILL Free Software License Agreement v2.1;
- the otp module has been renamed oath.
- The otp::c (oath::c) module is not public anymore.
This release fixed a buffer overflow in the C-bindings tests. Because this issue did not influence the Rust part of the code in any way, the crate has not be updated.
- C-bindings for OTP validation.
- Errors are now represented by an enumeration instead of strings;
- the C unit test suite has been rewritten.
- An integer overflow has been fixed in code length calculation.
This release is a cleanup release. No public interface has been changed.
- C-bindings are now part of this library and therefore no longer distributed in a separated project.
Last version without a changelog.