v3.0.0

Please install Geralt via NuGet.

Warning

This release contains breaking changes to public constants, function/class renaming, and more validation to improve the API. Please update your code accordingly. Updates to the documentation are in progress.

Added

• AEGIS-128L and AEGIS-256, which are fast, key committing AES-based AEAD schemes that were finalists in the CAESAR competition. They are both preferable to AES-GCM and AES-OCB. The implementations also don't require hardware support to work, although performance will be affected and side-channels may exist.
• FinalizeAndVerify() methods for IncrementalBLAKE2b and IncrementalPoly1305. These are like the non-incremental VerifyTag() methods.
• Validation to prevent updating the state after finalizing or finalizing twice in Incremental classes. This includes after specifying ChunkFlag.Final in IncrementalXChaCha20Poly1305.
• Validation that encoded password hash strings are for Argon2id, not Argon2i/Argon2d.
• A check for counter overflows with XChaCha20 to match ChaCha20.
• A NotGreaterThanMax() validation function.
• A link to the release notes on NuGet.
• GitHub Actions tests on linux-musl-x64.

Changed

• Updated to libsodium v1.0.19.
• The following constants have been changed: BLAKE2b.HashSize, BLAKE2b.MinKeySize, IncrementalBLAKE2b.HashSize, IncrementalBLAKE2b.MinKeySize, X25519.MinPreSharedKeySize, Argon2id.MinKeySize, and Argon2id.MinMemorySize. Argon2id.HashPrefix has also been made private.
• IncrementalEd25519 has been renamed to IncrementalEd25519ph.
• IncrementalEd25519ph.Verify() has been renamed to IncrementalEd25519ph.FinalizeAndVerify().
• Hyphenated words have been removed from the passphrase wordlist.
• Various exception messages have been rephrased.
• Code/test improvements.