0.14.7 - Hotfix of Wasm-Themis and React-Native-Themis

0.14.7, Aug 12th 2022

React Native Themis

• Upgraded packages versions in package.json (934).
• Trigger JavaScript exception instead of native exceptions for cases like passing empty strings. (930).

WASM Themis

• Fixed the bug with encryption of large files (933).
• Added option to build WASM file.

0.14.6 - Compiler optimization level for building WasmThemis

0.14.6, May 24th 2022

Reduce WasmThemis binary size x3, by increasing the compiler optimization level for WasmThemis build (919).

0.14.5 - WasmThemis improvement

0.14.5, April 14th 2022

Typescript compatibility issues in WasmThemis

• Improved SecureCell Seal in WasmThemis. Added optional context parameters to SecureCell Seal mode instead of using arguments in methods encrypt() and decrypt() to make compilers happy (#909).

0.14.4 – Themis React Native support

React Native Support

• Added React Native Themis with Typescript support (#902, #903, #905, #906).

  react-native-themis is now available on npm! 🎉

  npm install react-native-themis
  

  Read more about React Native support.

0.14.1 - Hotfix for JsThemis on Apple M1

0.14.1, March 18th 2022

Hotfix for JsThemis on Apple M1

Code:

• Node.js

  • JsThemis now works with libthemis installed from Homebrew on Apple M1 (#907).

0.14.0

0.14.0, December 24th 2021

TL;DR:

• JavaThemis for Android has moved to Maven Central (read more).
• JavaThemis for Java is available on Maven Central (read more).
• Themis is now available via Swift Package Manager (read more)
• Themis for iOS and macOS is also available as XCFramework, attached to the release.
• TypeScript definitions and ES6 module are now available for WasmThemis (read more).
• Node.js v16 is now supported.
• Overhaul of documentation once again.
• New Themis Core packages with BoringSSL – libthemis-boringssl.
• OpenSSL 3.0 support is work-in-progress, but not ready yet (read more).
• And as usual: more security hardening, fewer known bugs.

Breaking changes and deprecations:

• Themis Core: private C header files are no longer installed.
• GoThemis: ErrOverflow is now deprecated.
• Rust: themis now requires Rust 1.47 or newer.
• Rust: libthemis-src is no longer supported.
• Installing Themis via Carthage now requires Carthage 0.38 or newer (read more).
• Deprecated CocoaPods subspecs themis/themis-openssl and themis/themis-boringssl have been removed (read more)
• Themis Server (Themis Interactive Simulator) is no longer supported (read more.

Code:

• Core

  • Include embedded BoringSSL into Soter for convenience (#681, #702).

  • make deb and make rpm with ENGINE=boringssl will now produce libthemis-boringssl packages with embedded BoringSSL (#683, #686).

  • secure_session_create() now allows only EC keys, returning an error for RSA (#693).

  • Cleaned up unused private API. Thanks to @luismerino for pointing this out (#714).

  • Cleaned up public header files and API of Themis and Soter (#759).

    Private header files are no longer installed. Private APIs which have been unintentially exported are no longer available. This might be a breaking change for those who have used them. Please refrain from using private API and include only public API:

    #include <themis/themis.h>

    Users of official high-level wrappers are not affected. However, this might affect developers of third-party wrappers. Refer to the detailed description below for a list of removed headers.

    The following Soter headers are no longer available:

    • <soter/soter_container.h>
    • <soter/soter_crc32.h>
    • <soter/soter_ec_key.h>
    • <soter/soter_portable_endian.h>
    • <soter/soter_rsa_key.h>
    • <soter/soter_sign_ecdsa.h>
    • <soter/soter_sign_rsa.h>
    • <soter/soter_t.h>

    All APIs previously exported by them are no longer available as well.

    The following Themis headers are no longer available:

    • <themis/secure_cell_alg.h>
    • <themis/secure_cell_seal_passphrase.h>
    • <themis/secure_comparator_t.h>
    • <themis/secure_message_wrapper.h>
    • <themis/secure_session_peer.h>
    • <themis/secure_session_t.h>
    • <themis/secure_session_utils.h>
    • <themis/sym_enc_message.h>
    • <themis/themis_portable_endian.h>

    All APIs previously exported by them are no longer available as well.

    In addition to that, the following private symbols and definitions previously exported by <themis/secure_session.h> have been hidden:

    • THEMIS_SESSION_ID_TAG
    • THEMIS_SESSION_PROTO_TAG
    • SESSION_MASTER_KEY_LENGTH
    • SESSION_MESSAGE_KEY_LENGTH
    • struct secure_session_peer_type
    • typedef secure_session_peer_t
    • typedef secure_session_handler
    • secure_session_peer_init()
    • secure_session_peer_cleanup()

  • Fixed multiple buffer overflows in Secure Message (#763).

  • Fixed cross-compilation on macOS by setting ARCH and SDK variables (#849).

  • Updated embedded BoringSSL to the latest version (#812).

  • Builds with OpenSSL 3.0 will result in a compilation error for the time being (#872).

  • Hardened EC/RSA key generation and handling in Secure Message and Secure Session (#875, #876)

• Android

  • Example project moved to the main repository – docs/examples/android (#813).
  • Example project is now written in Kotlin (#813).
  • Updated embedded BoringSSL to the latest version (#812).

• C++

  • themispp::secure_message_t::sign() output is a bit smaller now (#775).

• Go

  • Error ErrOverflow is now deprecated in favor of ErrOutOfMemory, new error types were added (#711).
  • SecureMessage.Sign() output is a bit smaller now (#775).

• Java / Kotlin

  • SecureMessage#sign() output is a bit smaller now (#777).

  • JavaThemis for Android and desktop Java is now published in the Maven Central repository (#786, #788).

    Add the Maven Central repository to your build.gradle:

    repositories {
        mavenCentral()
    }

    For Android, use this dependency:

    dependencies {
        implementation 'com.cossacklabs.com:themis:0.14.0'
    }

    For desktop systems use this one:

    dependencies {
        implementation 'com.cossacklabs.com:java-themis:0.14.0'
    }

  • Example project for desktop Java moved to the main repository – docs/examples/java (#816).

• Objective-C

  • Updated Objective-C examples (iOS and macOS, Carthage and CocoaPods) to showcase usage of the newest Secure Cell API: generating symmetric keys and using Secure Cell with Passphrase (#688) and to use latest Themis 0.13.4 (#701, #703, #706, #723, #724, #726, #740).
  • TSSession initializer now returns an error (nil) when given incorrect key type (#710).
  • Improved compatibility with Xcode 12 (#742).
  • Updated CocoaPods examples to the latest Themis version 0.13.10 (#834).
  • Removed deprecated CocoaPods subspecs: themis/themis-openssl and themis/themis-boringssl (#884, #885).

• PHP

  • libphpthemis packages for Debian/Ubuntu now have accurate dependencies (#683).
  • PHP Composer 2.0 is now supported by PHPThemis unit tests (#730).

• Node.js

  • SecureSession constructor now throws an exception when given incorrect key type (#698).
  • Node.js v16 is now supported (#801).

• Python

  • SSession constructor now throws an exception when given incorrect key type (#710).

• Ruby

  • Ssession constructor now throws an exception when given incorrect key type (#710).

• Rust

  • Dropped libthemis-src crate support and removed the vendored feature. RustThemis wrapper now requires Themis Core to be installed in the system (#691).
  • Updated zeroize depedency to 1.x version. Rust 1.47 or newer is now required (#799).

• Swift

  • Updated Swift examples (iOS and macOS, Carthage and CocoaPods) to showcase usage of the newest Secure Cell API: generating symmetric keys and using Secure Cell with Passphrase (#688) and to use latest Themis 0.13.4 (#701, #703, #706, [#740](h...

0.13.12 - Hotfix for Apple platforms

Hotfix for Apple arm64 simulators for M1

• Fixed issue 864: Themis XCFramework now includes arm64 slice for simulators (865).

Code:

• Fixed Themis.xcodeproj build settings: removed arm64 from exluded architectures (865).

0.13.11 - Hotfix for WasmThemis

Hotfix for WasmThemis, resolving issues with deploying web applications for browers.

• Fixed issue when bundling WasmThemis with webpack (#779).

Code:

• WebAssembly

  • Fixed issue with TypeError: TextEncoder is not a constructor when bundling WasmThemis with webpack (#779).

0.13.10 - Hotfix for Apple platforms

Deprecation Notice for CocoaPods users:

• themis/themis-openssl subspec based on GRKOpenSSLFramework is deprecated and will be removed in Themis version 0.14.
• themis/themis-boringssl subspec based on BoringSSL is deprecated and will be removed in Themis version 0.14.

Please, switch to the default option in your Podfile: pod 'themis'

Hotfix for Apple platforms:

• themis for CocoaPods now uses XCFrameworks, supports Apple Silicon, and OpenSSL 1.1.1k (#828).
• Updated Carthage examples to use Themis XCFramework (#823).

Code:

• Objective-C / Swift

  • themis for CocoaPods now uses XCFrameworks, supports Apple Silicon, and OpenSSL 1.1.1k (#828).

0.13.9 - Hotfix for Apple platforms

• themis for Carthage switched to using XCFrameworks (#817). So, the minimum required Carthage version is now 0.38.0. You can continue using previous Themis version with previous Carthage versions.
• Updated OpenSSL to the latest 1.1.1k for Carthage (#817).

Code:

• Objective-C / Swift

  • themis for Carthage now pulls OpenSSL dependency as XCFramework, and Carthage builds themis as XCFramework as well. Themis.xcodeproj now uses openssl.xcframwork and themis.xcframework. Carthage dependencies should be built with --use-xcframeworks flag (#817).
  • Updated OpenSSL to the latest 1.1.1k for Carthage (#817).
  • Tests (Github Actions) are updated to use the latest Carthage version (0.38.0 and up) and --use-xcframeworks flag (#817).