diff --git a/CHANGELOG.md b/CHANGELOG.md index 6fb7526..6c15c0c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## 0.9.4 (2021-08-28) +### Changed +- Relax `subtle` and `zeroize` requirements ([#360]) + +[#360]: https://github.com/RustCrypto/AEADs/pull/360 + +## 0.9.3 (2021-07-20) +### Changed +- Pin `zeroize` dependency to v1.3 and `subtle` to v2.4 ([#349]) + +[#349]: https://github.com/RustCrypto/AEADs/pull/349 + ## 0.9.2 (2021-05-31) - Initial version, merge of the [original form](https://github.com/mobilecoinofficial/AEADs) into it's own crate based on [upstream](https://github.com/RustCrypto/AEADs). diff --git a/Cargo.toml b/Cargo.toml index e898bde..3416a04 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "mc-oblivious-aes-gcm" -version = "0.9.2" +version = "0.9.4" description = """ WARNING: This crate is not intended for general use, you should use the official RustCrypto crate instead. @@ -18,16 +18,16 @@ repository = "https://github.com/mobilecoinfoundation/oblivious-aes-gcm" [dependencies] aead = { version = "0.4", default-features = false } -aes = { version = "0.7.2", optional = true } +aes = { version = "0.7.5", optional = true } cipher = "0.3" -ctr = "0.7" +ctr = "0.8" ghash = { version = "0.4.2", default-features = false } -subtle = { version = "2", default-features = false } -zeroize = { version = "1", optional = true, default-features = false } +subtle = { version = ">=2, <2.5", default-features = false } +zeroize = { version = ">=1, <1.4", optional = true, default-features = false } [dev-dependencies] aead = { version = "0.4", features = ["dev"], default-features = false } -hex-literal = "0.2" +hex-literal = "0.3" [features] default = ["aes", "alloc"] 
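Review bot: The new upper bounds on `subtle` (`>=2, <2.5`) and `zeroize` (`>=1, <1.4`) in the `[dependencies]` hunk of Cargo.toml carry no explanation, so a later maintainer cannot tell when they may be lifted. Both crates are security-relevant here (constant-time comparison and wiping of key material), and a cap means a fix shipped in a later minor release will not be picked up by `cargo update`. The reason for the caps is not visible in this diff (presumably a toolchain constraint), so a comment above the two lines should record it, e.g. `# capped below subtle 2.5 / zeroize 1.4: <reason>; lift once <condition>`. The same hunk also moves `ctr` from 0.7 to 0.8, which is a breaking-range bump for a 0.x crate and is not mentioned in the CHANGELOG entries added by this commit.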
diff --git a/src/lib.rs b/src/lib.rs
index 3128c55..ea9df2c 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,3 +1,14 @@
+//!
+//! # WARNING
+//!
+//! You should use the [`aes-gcm`](https://github.com/RustCrypto/AEADs) crate,
+//! not this one. This crate is a patch/fork of the execellent RustCrypto crate
+//! to support a very, very niche use-case for MobileCoin, and as such it's
+//! maintenance and security are necessarily going to lag behind that of
+//! RustCrypto's crate.
+//!
+//! # Original README
+//!
 //! AES-GCM: [Authenticated Encryption and Associated Data (AEAD)][1] cipher
 //! based on AES in [Galois/Counter Mode][2].
 //!
@@ -15,13 +26,14 @@
 //!
 //! ## Security Notes
 //!
-//! This crate has received one [security audit by NCC Group][3], with no significant
-//! findings. We would like to thank [MobileCoin][4] for funding the audit.
+//! This crate has received one [security audit by NCC Group][3], with no
+//! significant findings. We would like to thank [MobileCoin][4] for funding the
+//! audit.
 //!
-//! All implementations contained in the crate are designed to execute in constant
-//! time, either by relying on hardware intrinsics (i.e. AES-NI and CLMUL on
-//! x86/x86_64), or using a portable implementation which is only constant time
-//! on processors which implement constant-time multiplication.
+//! All implementations contained in the crate are designed to execute in
+//! constant time, either by relying on hardware intrinsics (i.e. AES-NI and
+//! CLMUL on x86/x86_64), or using a portable implementation which is only
+//! constant time on processors which implement constant-time multiplication.
 //!
 //! It is not suitable for use on processors with a variable-time multiplication
 //! operation (e.g. short circuit on multiply-by-zero / multiply-by-one, such as
diff --git a/tests/aes128gcm.rs b/tests/aes128gcm.rs
index 8d1cba6..3eacd95 100644
--- a/tests/aes128gcm.rs
+++ b/tests/aes128gcm.rs
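Review bot: The `# WARNING` block added at the top of src/lib.rs has two typos that will appear in the rendered crate docs: `execellent` should be `excellent`, and `it's maintenance` should be `its maintenance`. Below the new `# Original README` heading, the retained "Security Notes" text still says "This crate has received one security audit by NCC Group". Next to a warning that this is a fork, readers may take that as covering the fork's own changes, which nothing in the diff establishes. One more line in the warning would remove the ambiguity, e.g. `//! The audit described under "Security Notes" refers to <upstream crate / this fork — state which>.`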
@@ -7,8 +7,10 @@ extern crate hex_literal; mod common; use self::common::TestVector; -use mc_oblivious_aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead, Payload}; -use mc_oblivious_aes_gcm::Aes128Gcm; +use mc_oblivious_aes_gcm::{ + aead::{generic_array::GenericArray, Aead, NewAead, Payload}, + Aes128Gcm, +}; /// NIST CAVS vectors /// diff --git a/tests/aes256gcm.rs b/tests/aes256gcm.rs index 8f385c5..468978d 100644 --- a/tests/aes256gcm.rs +++ b/tests/aes256gcm.rs @@ -7,8 +7,10 @@ extern crate hex_literal; mod common; use self::common::TestVector; -use mc_oblivious_aes_gcm::aead::{generic_array::GenericArray, Aead, NewAead, Payload}; -use mc_oblivious_aes_gcm::Aes256Gcm; +use mc_oblivious_aes_gcm::{ + aead::{generic_array::GenericArray, Aead, NewAead, Payload}, + Aes256Gcm, +}; /// NIST CAVS vectors ///