[new release] mirage-crypto (9 packages) (1.0.0) #26163
CHANGES:

### Breaking changes

* mirage-crypto: Poly1305 API now uses string (mirage/mirage-crypto#203 @hannesm)
* mirage-crypto: Poly1305 no longer has type alias "type mac = string" (mirage/mirage-crypto#232 @hannesm)
* mirage-crypto: the API uses string instead of cstruct (mirage/mirage-crypto#214 @reynir @hannesm)
* mirage-crypto: Hash module has been removed. Use digestif if you need hash functions (mirage/mirage-crypto#213 @hannesm)
* mirage-crypto: the Cipher_block and Cipher_stream modules have been removed, its contents is inlined:
  Mirage_crypto.Cipher_block.S -> Mirage_crypto.Block
  Mirage_crypto.Cipher_stream.S -> Mirage_crypto.Stream
  Mirage_crypto.Cipher_block.AES.CTR -> Mirage_crypto.AES.CTR
  (mirage/mirage-crypto#225 @hannesm, suggested in mirage/mirage-crypto#224 by @reynir)
* mirage-crypto-pk: s-expression conversions for private and public keys (Dh, Dsa, Rsa) have been removed. You can use PKCS8 for encoding and decoding `X509.{Private,Public}_key.{en,de}code_{der,pem}` (mirage/mirage-crypto#208 @hannesm)
* mirage-crypto-pk: in the API, Cstruct.t is no longer present. Instead, string is used (mirage/mirage-crypto#211 @reynir @hannesm)
* mirage-crypto-rng: the API uses string instead of Cstruct.t. A new function `generate_into : ?g -> bytes -> ?off:int -> int -> unit` is provided (mirage/mirage-crypto#212 @hannesm @reynir)
* mirage-crypto-ec: remove NIST P224 support (mirage/mirage-crypto#209 @hannesm @Firobe)
* mirage-crypto: in Uncommon.xor_into the arguments ~src_off and ~dst_off are required now (mirage/mirage-crypto#232 @hannesm), renamed to unsafe_xor_into (98f01b14f5ebf98ba0e7e9c2ba97ec518f90fddc)
* mirage-crypto-pk, mirage-crypto-rng: remove type alias "type bits = int" (mirage/mirage-crypto#236 @hannesm)

### Bugfixes

* mirage-crypto (32 bit systems): CCM with long adata (mirage/mirage-crypto#207 @reynir)
* mirage-crypto-ec: fix K_gen for bitlen mod 8 != 0 (reported in mirage/mirage-crypto#105 that P521 test vectors don't pass, re-reported mirage/mirage-crypto#228, fixed mirage/mirage-crypto#230 @Firobe)
* mirage-crypto-ec: zero out bytes allocated for Field_element.zero (reported mirleft/ocaml-x509#167, fixed mirage/mirage-crypto#226 @dinosaure)

### Data race free

* mirage-crypto (3DES): avoid global state in key derivation (mirage/mirage-crypto#223 @hannesm)
* mirage-crypto-rng: use atomic instead of reference to be domain-safe (mirage/mirage-crypto#221 @dinosaure @reynir @hannesm)
* mirage-crypto, mirage-crypto-rng, mirage-crypto-pk, mirage-crypto-ec: avoid global buffers, use freshly allocated strings/bytes instead, avoids data races (mirage/mirage-crypto#186 mirage/mirage-crypto#219 @dinosaure @reynir @hannesm)

### Other changes

* mirage-crypto: add {de,en}crypt_into functions (and unsafe variants) to allow less buffer allocations (mirage/mirage-crypto#231 @hannesm)
* mirage-crypto-rng-miou: new package which adds rng support with miou (mirage/mirage-crypto#227 @dinosaure)
* PERFORMANCE mirage-crypto: ChaCha20/Poly1305 use string instead of Cstruct.t, ChaCha20 interface unchanged, performance improvement roughly 2x (mirage/mirage-crypto#203 @hannesm @reynir)
* mirage-crypto-ec, mirage-crypto-pk, mirage-crypto-rng: use digestif for hashes (mirage/mirage-crypto#212 mirage/mirage-crypto#215 @reynir @hannesm)
* mirage-crypto-rng: use a set for entropy sources instead of a list (mirage/mirage-crypto#218 @hannesm)
* mirage-crypto-rng-mirage: provide a module type S (for use instead of mirage-random in mirage) (mirage/mirage-crypto#234 @hannesm)
This is a major release, breaking API changes (see #26045 for already restricted upper bounds). Subsequently we'll release reverse dependencies that are compatible with mirage-crypto 1.0.0. It is a big milestone that we'll announce soon [tm]. :) After all, there's no longer a dependency onto
Please note that arm64 test failures are fine for now (see mirage/mirage-crypto#216 for further details, maybe someone even has an idea for what to do on arm64 platforms).
Thanks
Simple symmetric cryptography for the modern age