v3.3.0

Please install Geralt via NuGet.

Added

• A SecureMemory class that contains methods for zeroing byte arrays, char arrays, and strings as well as locking/unlocking byte arrays. Note that arrays must be pinned for these methods to work properly.
• Guarded heap allocations, which can be used instead of regular allocations for additional security. However, there's a performance penalty, and this functionality shouldn't be used for large amounts of variables/data due to system limits. Make sure you read the new documentation.
• A Validation.MultipleOfSize() method to check that an integer is a multiple of another integer.

Changed

• Every method in all the incremental classes now checks whether the object has been disposed, throwing ObjectDisposedException if so.
• The test packages have been updated.

Fixed

• A bug with SecureRandom.GetPassphrase() returning passphrases containing '\r' characters on Windows. This wasn't a problem in .NET 6 and wasn't detectable in a library context, only in a CLI application.
• The libsodium package has been updated, which fixes win-arm64 support not working.

v3.2.0

Please install Geralt via NuGet.

Added

• The IncrementalBLAKE2b state can now be cached. This means static data at the beginning (e.g., the same key) can be processed just once for repeated calls, improving performance. Note that CacheState() can only cache the state once. Each subsequent call will overwrite the previously cached state. This was done for backwards compatibility, to allow zeroing the cached state, and because you shouldn't be able to cache the state with IncrementalPoly1305, for example.

Changed

• Now using some new language features, like LibraryImport.
• The state in incremental classes now gets zeroed if there's an exception/Dispose() is manually called.
• The byte array buffers in Encodings.ToHex() and Encodings.ToBase64() now get zeroed after a string is returned.
• BLAKE2b.ComputeHash() with a stream now throws InvalidOperationException if the stream can't be read. Previously, this would've been a NotSupportedException from the .NET API.
• Tests are now run on .NET 9 as well as .NET 8.
• The test packages have been updated.

Fixed

• stackalloc is no longer used for Encodings.ToHex() and Encodings.ToBase64(), which could've resulted in a StackOverflowException with large enough inputs.

Removed

• .NET 6 is no longer targeted since it's out of support.

v3.1.0

Please install Geralt via NuGet.

Added

• A Reinitialize() function for the Incremental classes. This saves you having to create another using statement in some scenarios.

Changed

• Added support for iOS, tvOS, and Mac Catalyst. Help is wanted to test this (#7).
• No longer targeting .NET 7 as it's out of support.
• Updated the libsodium version to 1.0.20.
• Minor test improvements.

Deprecated

• .NET 6 support will be dropped in November 2024, which will allow some newer language features to be used.

v3.0.1

Please install Geralt via NuGet.

Changed

• Now targeting .NET 8.
• Now testing on .NET 8.
• Minor test improvements.

v3.0.0

Please install Geralt via NuGet.

Warning

This release contains breaking changes to public constants, function/class renaming, and more validation to improve the API. Please update your code accordingly. Updates to the documentation are in progress.

Added

• AEGIS-128L and AEGIS-256, which are fast, key committing AES-based AEAD schemes that were finalists in the CAESAR competition. They are both preferable to AES-GCM and AES-OCB. The implementations also don't require hardware support to work, although performance will be affected and side-channels may exist.
• FinalizeAndVerify() methods for IncrementalBLAKE2b and IncrementalPoly1305. These are like the non-incremental VerifyTag() methods.
• Validation to prevent updating the state after finalizing or finalizing twice in Incremental classes. This includes after specifying ChunkFlag.Final in IncrementalXChaCha20Poly1305.
• Validation that encoded password hash strings are for Argon2id, not Argon2i/Argon2d.
• A check for counter overflows with XChaCha20 to match ChaCha20.
• A NotGreaterThanMax() validation function.
• A link to the release notes on NuGet.
• GitHub Actions tests on linux-musl-x64.

Changed

• Updated to libsodium v1.0.19.
• The following constants have been changed: BLAKE2b.HashSize, BLAKE2b.MinKeySize, IncrementalBLAKE2b.HashSize, IncrementalBLAKE2b.MinKeySize, X25519.MinPreSharedKeySize, Argon2id.MinKeySize, and Argon2id.MinMemorySize. Argon2id.HashPrefix has also been made private.
• IncrementalEd25519 has been renamed to IncrementalEd25519ph.
• IncrementalEd25519ph.Verify() has been renamed to IncrementalEd25519ph.FinalizeAndVerify().
• Hyphenated words have been removed from the passphrase wordlist.
• Various exception messages have been rephrased.
• Code/test improvements.

v2.1.0

Please install Geralt via NuGet.

Added

• IncrementalEd25519, which uses Ed25519ph.
• Support for an empty salt with BLAKE2b.DeriveKey(). This is equivalent to a 128-bit all-zero salt. This makes sense when you only need to derive a single key or when there's no need for salting (e.g. ephemeral keys are involved in a key exchange).
• Preparations to support iOS in the future.

Changed

• American spellings (initialize, finalize, personalization, capitalize, etc) are now used for consistency.
• More thorough testing.
• Code improvements.

An upcoming release will likely change some constants (e.g. BLAKE2b.HashSize) to be consistent with libsodium. This will be a breaking change.

v2.0.0

Please install Geralt via NuGet.

Added

• IncrementalXChaCha20Poly1305, which is a wrapper around crypto_secretstream_*() for chunked stream/file encryption. You can read the Geralt documentation here.
• Constants for IncrementalBLAKE2b and IncrementalPoly1305, which are identical to the BLAKE2b and Poly1305 constants.
• Support for .NET 7.

Changed

• DeriveSenderSharedSecret() has been renamed to DeriveSenderSharedKey() for clarity.
• DeriveRecipientSharedSecret() has been renamed to DeriveRecipientSharedKey().
• ComputeXCoordinate() has been renamed to ComputeSharedSecret(). The above functions should still be preferred to prevent accidental vulnerabilities.
• The Validation class has been made public because it's useful for custom constructions without having to have hideous if statements everywhere.

Removed

• The BLAKE2bHashAlgorithm class because it returned a byte array. It has been replaced with a BLAKE2b.ComputeHash() function that takes a Stream and IncrementalBLAKE2b for keyed hashing.

v1.3.0

Please install Geralt via NuGet.

Added

• IncrementalBLAKE2b.
• IncrementalPoly1305.

Changed

• BLAKE2bHashAlgorithm now uses IncrementalBLAKE2b.
• The validation has been reordered for ChaCha20-Poly1305 and XChaCha20-Poly1305.

v1.2.0

Please install Geralt via NuGet.

Added

• Non-XOR methods for ChaCha20 and XChaCha20, which can be used to implement (X)ChaCha20-Poly1305.

v1.1.0

Please install Geralt via NuGet.

Added

• The internal counter for ChaCha20 and XChaCha20 can now be accessed. Overflow checking is done for the ChaCha20 counter.

Changed

• Spans.Concat() now accepts empty spans like Arrays.Concat() did.
• The incremental BLAKE2b state handling now matches libsodium-core.

Removed

• The Arrays class because spans and Spans.Concat() should be used instead.