Merge pull request #3 from jcape/main

Release 0.9.4
mobilecoinfoundation · Sep 27, 2021 · 9735891 · 9735891
2 parents 5185348 + 826cdb2
commit 9735891
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 16 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.9.4 (2021-08-28)
+### Changed
+- Relax `subtle` and `zeroize` requirements ([#360])
+
+[#360]: https://github.com/RustCrypto/AEADs/pull/360
+
+## 0.9.3 (2021-07-20)
+### Changed
+- Pin `zeroize` dependency to v1.3 and `subtle` to v2.4 ([#349])
+
+[#349]: https://github.com/RustCrypto/AEADs/pull/349
+
 ## 0.9.2 (2021-05-31)
 
 - Initial version, merge of the [original form](https://github.com/mobilecoinofficial/AEADs) into it's own crate based on [upstream](https://github.com/RustCrypto/AEADs).
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "mc-oblivious-aes-gcm"
-version = "0.9.2"
+version = "0.9.4"
 description = """
 WARNING: This crate is not intended for general use, you should use the official RustCrypto crate instead.
 
@@ -18,16 +18,16 @@ repository = "https://github.com/mobilecoinfoundation/oblivious-aes-gcm"
 
 [dependencies]
 aead = { version = "0.4", default-features = false }
-aes = { version = "0.7.2", optional = true }
+aes = { version = "0.7.5", optional = true }
 cipher = "0.3"
-ctr = "0.7"
+ctr = "0.8"
 ghash = { version = "0.4.2", default-features = false }
-subtle = { version = "2", default-features = false }
-zeroize = { version = "1", optional = true, default-features = false }
+subtle = { version = ">=2, <2.5", default-features = false }
+zeroize = { version = ">=1, <1.4", optional = true, default-features = false }
 
 [dev-dependencies]
 aead = { version = "0.4", features = ["dev"], default-features = false }
-hex-literal = "0.2"
+hex-literal = "0.3"
 
 [features]
 default    = ["aes", "alloc"]

diff --git a/src/lib.rs b/src/lib.rs
@@ -1,3 +1,14 @@
+//!
+//! # WARNING
+//!
+//! You should use the [`aes-gcm`](https://github.com/RustCrypto/AEADs) crate,
+//! not this one. This crate is a patch/fork of the execellent RustCrypto crate
+//! to support a very, very niche use-case for MobileCoin, and as such it's
+//! maintenance and security are necessarily going to lag behind that of
+//! RustCrypto's crate.
+//!
+//! # Original README
+//!
 //! AES-GCM: [Authenticated Encryption and Associated Data (AEAD)][1] cipher
 //! based on AES in [Galois/Counter Mode][2].
 //!
@@ -15,13 +26,14 @@
 //!
 //! ## Security Notes
 //!
-//! This crate has received one [security audit by NCC Group][3], with no significant
-//! findings. We would like to thank [MobileCoin][4] for funding the audit.
+//! This crate has received one [security audit by NCC Group][3], with no
+//! significant findings. We would like to thank [MobileCoin][4] for funding the
+//! audit.
 //!
-//! All implementations contained in the crate are designed to execute in constant
-//! time, either by relying on hardware intrinsics (i.e. AES-NI and CLMUL on
-//! x86/x86_64), or using a portable implementation which is only constant time
-//! on processors which implement constant-time multiplication.
+//! All implementations contained in the crate are designed to execute in
+//! constant time, either by relying on hardware intrinsics (i.e. AES-NI and
+//! CLMUL on x86/x86_64), or using a portable implementation which is only
+//! constant time on processors which implement constant-time multiplication.
 //!
 //! It is not suitable for use on processors with a variable-time multiplication
 //! operation (e.g. short circuit on multiply-by-zero / multiply-by-one, such as

diff --git a/tests/aes128gcm.rs b/tests/aes128gcm.rs
@@ -7,8 +7,10 @@ extern crate hex_literal;
 mod common;
 
 use self::common::TestVector;
-use mc_oblivious_aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead, Payload};
-use mc_oblivious_aes_gcm::Aes128Gcm;
+use mc_oblivious_aes_gcm::{
+    aead::{generic_array::GenericArray, Aead, NewAead, Payload},
+    Aes128Gcm,
+};
 
 /// NIST CAVS vectors
 ///

diff --git a/tests/aes256gcm.rs b/tests/aes256gcm.rs
@@ -7,8 +7,10 @@ extern crate hex_literal;
 mod common;
 
 use self::common::TestVector;
-use mc_oblivious_aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead, Payload};
-use mc_oblivious_aes_gcm::Aes256Gcm;
+use mc_oblivious_aes_gcm::{
+    aead::{generic_array::GenericArray, Aead, NewAead, Payload},
+    Aes256Gcm,
+};
 
 /// NIST CAVS vectors
 ///