v3.1.0

Please install Geralt via NuGet.

Added

• A Reinitialize() function for the Incremental classes. This saves you having to create another using statement in some scenarios.

Changed

• Added support for iOS, tvOS, and Mac Catalyst. Help is wanted to test this (#7).
• No longer targeting .NET 7 as it's out of support.
• Updated the libsodium version to 1.0.20.
• Minor test improvements.

Deprecated

• .NET 6 support will be dropped in November 2024, which will allow some newer language features to be used.

v3.0.1

Please install Geralt via NuGet.

Changed

• Now targeting .NET 8.
• Now testing on .NET 8.
• Minor test improvements.

v3.0.0

Please install Geralt via NuGet.

Warning

This release contains breaking changes to public constants, function/class renaming, and more validation to improve the API. Please update your code accordingly. Updates to the documentation are in progress.

Added

• AEGIS-128L and AEGIS-256, which are fast, key committing AES-based AEAD schemes that were finalists in the CAESAR competition. They are both preferable to AES-GCM and AES-OCB. The implementations also don't require hardware support to work, although performance will be affected and side-channels may exist.
• FinalizeAndVerify() methods for IncrementalBLAKE2b and IncrementalPoly1305. These are like the non-incremental VerifyTag() methods.
• Validation to prevent updating the state after finalizing or finalizing twice in Incremental classes. This includes after specifying ChunkFlag.Final in IncrementalXChaCha20Poly1305.
• Validation that encoded password hash strings are for Argon2id, not Argon2i/Argon2d.
• A check for counter overflows with XChaCha20 to match ChaCha20.
• A NotGreaterThanMax() validation function.
• A link to the release notes on NuGet.
• GitHub Actions tests on linux-musl-x64.

Changed

• Updated to libsodium v1.0.19.
• The following constants have been changed: BLAKE2b.HashSize, BLAKE2b.MinKeySize, IncrementalBLAKE2b.HashSize, IncrementalBLAKE2b.MinKeySize, X25519.MinPreSharedKeySize, Argon2id.MinKeySize, and Argon2id.MinMemorySize. Argon2id.HashPrefix has also been made private.
• IncrementalEd25519 has been renamed to IncrementalEd25519ph.
• IncrementalEd25519ph.Verify() has been renamed to IncrementalEd25519ph.FinalizeAndVerify().
• Hyphenated words have been removed from the passphrase wordlist.
• Various exception messages have been rephrased.
• Code/test improvements.

v2.1.0

Please install Geralt via NuGet.

Added

• IncrementalEd25519, which uses Ed25519ph.
• Support for an empty salt with BLAKE2b.DeriveKey(). This is equivalent to a 128-bit all-zero salt. This makes sense when you only need to derive a single key or when there's no need for salting (e.g. ephemeral keys are involved in a key exchange).
• Preparations to support iOS in the future.

Changed

• American spellings (initialize, finalize, personalization, capitalize, etc) are now used for consistency.
• More thorough testing.
• Code improvements.

An upcoming release will likely change some constants (e.g. BLAKE2b.HashSize) to be consistent with libsodium. This will be a breaking change.

v2.0.0

Please install Geralt via NuGet.

Added

• IncrementalXChaCha20Poly1305, which is a wrapper around crypto_secretstream_*() for chunked stream/file encryption. You can read the Geralt documentation here.
• Constants for IncrementalBLAKE2b and IncrementalPoly1305, which are identical to the BLAKE2b and Poly1305 constants.
• Support for .NET 7.

Changed

• DeriveSenderSharedSecret() has been renamed to DeriveSenderSharedKey() for clarity.
• DeriveRecipientSharedSecret() has been renamed to DeriveRecipientSharedKey().
• ComputeXCoordinate() has been renamed to ComputeSharedSecret(). The above functions should still be preferred to prevent accidental vulnerabilities.
• The Validation class has been made public because it's useful for custom constructions without having to have hideous if statements everywhere.

Removed

• The BLAKE2bHashAlgorithm class because it returned a byte array. It has been replaced with a BLAKE2b.ComputeHash() function that takes a Stream and IncrementalBLAKE2b for keyed hashing.

v1.3.0

Please install Geralt via NuGet.

Added

• IncrementalBLAKE2b.
• IncrementalPoly1305.

Changed

• BLAKE2bHashAlgorithm now uses IncrementalBLAKE2b.
• The validation has been reordered for ChaCha20-Poly1305 and XChaCha20-Poly1305.

v1.2.0

Please install Geralt via NuGet.

Added

• Non-XOR methods for ChaCha20 and XChaCha20, which can be used to implement (X)ChaCha20-Poly1305.

v1.1.0

Please install Geralt via NuGet.

Added

• The internal counter for ChaCha20 and XChaCha20 can now be accessed. Overflow checking is done for the ChaCha20 counter.

Changed

• Spans.Concat() now accepts empty spans like Arrays.Concat() did.
• The incremental BLAKE2b state handling now matches libsodium-core.

Removed

• The Arrays class because spans and Spans.Concat() should be used instead.

v1.0.3

Please install Geralt via NuGet.

Changed

• The initialisation error messages.

v1.0.2

Please install Geralt via NuGet.

Fixed

• Empty passwords, messages, and plaintexts/ciphertexts are now allowed.
• An exception message typo.