Version 0.3.0 (contains BC breaks)
Pre-release
Pre-release
·
58 commits
to master
since this release
v0.3.0
paragonie-security
P.I.E. Security Team
This tag was signed with the committer’s verified signature.
paragonie-security
P.I.E. Security Team
- (#6)
Sapientis no longer a subclass of the Guzzle HTTP client. BC Break- Instead, it expects an instance of a new
AdapterInterfacepassed to the constructor, which allows multiple HTTP implementations to be used. - Future scope: Make this argument optional, default to a generic adapter (which does not yet exist).
- Instead, it expects an instance of a new
- (#2) Public key encryption is now based on XChaCha20 instead of XSalsa20. BC Break
- Our key and nonce derivation now use a similar construction to libsodium's
crypto_kx- Difference: BLAKE2b output size is 56 bytes instead of 32
- The first 32 are the key, the last 24 are the nonce
- This maps a 32 byte shared secret and two 32 byte public keys, passed through a secure hash function, to a 56-byte pseudorandom output; this should prove to be secure so long as X25519 is secure
- Our key and nonce derivation now use a similar construction to libsodium's