]>
git.lizzy.rs Git - PAKEs.git/log
Tony Arcieri [Tue, 21 Dec 2021 01:46:23 +0000 (18:46 -0700)]
2021 edition bump + doc improvements; MSRV 1.56 (#80)
- Bumps both `spake2` and `srp` to Rust 2021 edition
- Uses the new `doc = include_str!(...)` attribute to include README.md
files in the rustdoc
- Improves the README.md files, adding an initial one for `srp`
- clippy fixes for Rust 1.56
Josh Brown [Mon, 20 Dec 2021 10:44:13 +0000 (05:44 -0500)]
srp: replace custom powm with modpow (#78)
dependabot[bot] [Mon, 13 Sep 2021 13:49:19 +0000 (07:49 -0600)]
Bump num-bigint from 0.4.1 to 0.4.2 (#68)
Bumps [num-bigint](https://github.com/rust-num/num-bigint) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/rust-num/num-bigint/releases)
- [Changelog](https://github.com/rust-num/num-bigint/blob/master/RELEASES.md)
- [Commits](https://github.com/rust-num/num-bigint/compare/num-bigint-0.4.1...num-bigint-0.4.2)
---
updated-dependencies:
- dependency-name: num-bigint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] [Fri, 10 Sep 2021 07:20:13 +0000 (07:20 +0000)]
Bump sha2 from 0.9.7 to 0.9.8 (#70)
dependabot[bot] [Wed, 8 Sep 2021 23:28:17 +0000 (23:28 +0000)]
Bump sha2 from 0.9.6 to 0.9.7 (#69)
dependabot[bot] [Mon, 30 Aug 2021 23:17:52 +0000 (17:17 -0600)]
Bump num-bigint from 0.4.0 to 0.4.1 (#67)
Bumps [num-bigint](https://github.com/rust-num/num-bigint) from 0.4.0 to 0.4.1.
- [Release notes](https://github.com/rust-num/num-bigint/releases)
- [Changelog](https://github.com/rust-num/num-bigint/blob/master/RELEASES.md)
- [Commits](https://github.com/rust-num/num-bigint/compare/num-bigint-0.4.0...num-bigint-0.4.1)
---
updated-dependencies:
- dependency-name: num-bigint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] [Fri, 27 Aug 2021 23:24:29 +0000 (17:24 -0600)]
Bump sha2 from 0.9.5 to 0.9.6 (#66)
Bumps [sha2](https://github.com/RustCrypto/hashes) from 0.9.5 to 0.9.6.
- [Release notes](https://github.com/RustCrypto/hashes/releases)
- [Commits](https://github.com/RustCrypto/hashes/compare/sha2-v0.9.5...sha2-v0.9.6)
---
updated-dependencies:
- dependency-name: sha2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] [Fri, 27 Aug 2021 23:09:51 +0000 (17:09 -0600)]
Bump sha-1 from 0.9.7 to 0.9.8 (#65)
Bumps [sha-1](https://github.com/RustCrypto/hashes) from 0.9.7 to 0.9.8.
- [Release notes](https://github.com/RustCrypto/hashes/releases)
- [Commits](https://github.com/RustCrypto/hashes/compare/sha-1-v0.9.7...sha-1-v0.9.8)
---
updated-dependencies:
- dependency-name: sha-1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Tony Arcieri [Thu, 26 Aug 2021 01:55:51 +0000 (19:55 -0600)]
Cargo.lock: bump dependencies (#64)
Tony Arcieri [Thu, 26 Aug 2021 01:29:02 +0000 (19:29 -0600)]
spake2: bump `hkdf` dependency to v0.11 (#63)
Sosthene-Guedon [Sat, 24 Jul 2021 21:15:53 +0000 (23:15 +0200)]
Fix typo over -> other (#60)
dependabot[bot] [Mon, 19 Jul 2021 23:18:03 +0000 (16:18 -0700)]
Bump sha-1 from 0.9.6 to 0.9.7 (#59)
Bumps [sha-1](https://github.com/RustCrypto/hashes) from 0.9.6 to 0.9.7.
- [Release notes](https://github.com/RustCrypto/hashes/releases)
- [Commits](https://github.com/RustCrypto/hashes/compare/sha-1-v0.9.6...sha-1-v0.9.7)
---
updated-dependencies:
- dependency-name: sha-1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Luca Bruno [Mon, 21 Jun 2021 14:30:23 +0000 (14:30 +0000)]
srp: fix typos in docstrings (#58)
This fixes a few minor typos in docstrings.
dependabot[bot] [Wed, 12 May 2021 13:08:46 +0000 (06:08 -0700)]
Bump sha-1 from 0.9.4 to 0.9.6 (#56)
Bumps [sha-1](https://github.com/RustCrypto/hashes) from 0.9.4 to 0.9.6.
- [Release notes](https://github.com/RustCrypto/hashes/releases)
- [Commits](https://github.com/RustCrypto/hashes/compare/sha-1-v0.9.4...sha-1-v0.9.6)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Tony Arcieri [Fri, 30 Apr 2021 21:23:33 +0000 (14:23 -0700)]
Cargo.lock: bump dependencies (#52)
dependabot[bot] [Fri, 30 Apr 2021 19:41:42 +0000 (12:41 -0700)]
Bump num-bigint from 0.2.6 to 0.4.0 (#46)
Bumps [num-bigint](https://github.com/rust-num/num-bigint) from 0.2.6 to 0.4.0.
- [Release notes](https://github.com/rust-num/num-bigint/releases)
- [Changelog](https://github.com/rust-num/num-bigint/blob/master/RELEASES.md)
- [Commits](https://github.com/rust-num/num-bigint/compare/num-bigint-0.2.6...num-bigint-0.4.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] [Fri, 30 Apr 2021 19:37:33 +0000 (12:37 -0700)]
Bump generic-array from 0.12.3 to 0.14.4 (#45)
Bumps [generic-array](https://github.com/fizyk20/generic-array) from 0.12.3 to 0.14.4.
- [Release notes](https://github.com/fizyk20/generic-array/releases)
- [Changelog](https://github.com/fizyk20/generic-array/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fizyk20/generic-array/compare/0.12.3...0.14.4)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Tony Arcieri [Fri, 30 Apr 2021 19:32:30 +0000 (12:32 -0700)]
Add Dependabot config (#43)
Tony Arcieri [Fri, 30 Apr 2021 19:31:32 +0000 (12:31 -0700)]
Migrate to GitHub Actions (#42)
Uses the standard boilerplate we've been using for other projects
Artyom Pavlov [Fri, 12 Feb 2021 22:06:58 +0000 (22:06 +0000)]
Edit badges
Tony Arcieri [Wed, 7 Oct 2020 19:49:44 +0000 (12:49 -0700)]
srp v0.5.0 (#38)
Masih Yeganeh [Wed, 7 Oct 2020 19:15:18 +0000 (22:45 +0330)]
Bump digest, sha-1, and sha2 dependencies to v0.9 (#37)
Tony Arcieri [Wed, 7 Oct 2020 18:34:12 +0000 (11:34 -0700)]
Bump MSRV to 1.41.0 (#36)
newpavlov [Thu, 7 Nov 2019 15:53:34 +0000 (18:53 +0300)]
srp v0.4.3
newpavlov [Thu, 7 Nov 2019 15:50:43 +0000 (18:50 +0300)]
remove num_traits dep
Brian Warner [Wed, 6 Nov 2019 21:37:39 +0000 (13:37 -0800)]
spake2: update to hex-0.4
est31 [Wed, 6 Nov 2019 12:31:52 +0000 (13:31 +0100)]
Switch from num to num-traits and num-bigint (#31)
Brian Warner [Wed, 28 Aug 2019 18:59:01 +0000 (11:59 -0700)]
Merge branch 'pr28'
Brenden Matthews [Tue, 13 Aug 2019 19:09:49 +0000 (15:09 -0400)]
Fix spelling errors.
Brian Warner [Wed, 7 Aug 2019 18:09:39 +0000 (11:09 -0700)]
spake2: tighten the curve25519-dalek dependency to 1.2.x
This was just "1", which allowed our MSRV to be accidentally raised from 1.31
to 1.32 without a deliberate spake2 minor-version bump (dalek-1.0.x compiles
with rustc-1.31, but dalek-1.1.x required 1.32).
Hopefully by making it "1.2", our MSRV will remain at 1.32 until we
explicitly decide to take on a dependency that needs something newer.
refs #21
Brian Warner [Wed, 7 Aug 2019 20:47:03 +0000 (13:47 -0700)]
travis: use rust 'stable' for rustfmt check
This was previously locked down at a specific version (1.31.0, much older
than the current 1.36), so we'd get consistent behavior over time. But since
we allow the rustfmt build to fail (it's in allow_failures), we don't need
this consistency so much. PR authors are expected to format their code
against the current stable rustfmt, but test it against the MSRV (currently
1.32.0).
refs #21
Brian Warner [Wed, 7 Aug 2019 20:44:14 +0000 (13:44 -0700)]
Merge branch '21-pin-travis'
refs #21
Brian Warner [Wed, 7 Aug 2019 19:20:11 +0000 (12:20 -0700)]
document MSRV, remove 1.31.1 from travis
Brian Warner [Wed, 7 Aug 2019 17:53:46 +0000 (10:53 -0700)]
oops, be more specific about the rust version: 1.32.0
Brian Warner [Wed, 7 Aug 2019 17:49:56 +0000 (10:49 -0700)]
travis: exercise 1.31.1 and 1.32
1.31.1 is our intended MSRV (Minimum Supported Rust Version), but we probably
don't actually work there because of an insufficiently-constrained dependency
that requires 1.32.
1.32 is probably our actual MSRV, and will be the one we aim for going
forward.
refs #21
Brian Warner [Wed, 7 Aug 2019 17:47:25 +0000 (10:47 -0700)]
Merge branch '21-update-hkdf'
refs #21
Brian Warner [Wed, 7 Aug 2019 00:41:46 +0000 (17:41 -0700)]
update spake2 to current hkdf-0.8
Brian Warner [Thu, 18 Jul 2019 07:54:01 +0000 (00:54 -0700)]
spake2/Cargo.toml: num-bigint is merely a dev-dependency
We only use it in unit tests.
This might help with no-std, so refs #15
Артём Павлов [Artyom Pavlov] [Sun, 7 Apr 2019 12:01:30 +0000 (15:01 +0300)]
srp doc fix. closes #16
Brian Warner [Thu, 20 Dec 2018 21:15:43 +0000 (16:15 -0500)]
(cargo-release) start next development iteration spake2-v0.2.1-alpha.0
Brian Warner [Thu, 20 Dec 2018 21:15:21 +0000 (16:15 -0500)]
(cargo-release) spake2-v0.2.0
Brian Warner [Thu, 20 Dec 2018 21:04:35 +0000 (16:04 -0500)]
srp: release srp-0.4.0
Brian Warner [Thu, 20 Dec 2018 21:01:37 +0000 (16:01 -0500)]
Merge branch 'edition-2018'
Brian Warner [Thu, 20 Dec 2018 20:57:00 +0000 (15:57 -0500)]
srp/Cargo.toml: remember to bump minor version for next release
Since edition=2018 means we'll require rust-1.31
Henry de Valence [Fri, 14 Dec 2018 00:15:22 +0000 (16:15 -0800)]
Use curve25519-dalek v1
Brian Warner [Thu, 6 Dec 2018 20:02:13 +0000 (12:02 -0800)]
update srp to idioms of edition-2018
Brian Warner [Thu, 6 Dec 2018 19:57:53 +0000 (11:57 -0800)]
srp: fix to work with edition-2018
Brian Warner [Thu, 6 Dec 2018 19:56:51 +0000 (11:56 -0800)]
srp: fix some low-hanging clippy warnings
Brian Warner [Thu, 6 Dec 2018 19:48:10 +0000 (11:48 -0800)]
update spake2 to edition-2018
Brian Warner [Thu, 6 Dec 2018 19:17:51 +0000 (11:17 -0800)]
reformat using rustfmt from latest 1.31.0
Brian Warner [Thu, 6 Dec 2018 22:54:25 +0000 (14:54 -0800)]
spake2: Merge PR11: better Debug impl
Brian Warner [Thu, 6 Dec 2018 19:30:21 +0000 (11:30 -0800)]
add group name to SPAKE2 Debug impl
Richo Healey [Tue, 4 Dec 2018 03:51:29 +0000 (19:51 -0800)]
More idiomatic Debug impl
Brian Warner [Thu, 29 Nov 2018 18:19:39 +0000 (10:19 -0800)]
travis: update RUSTFMT to use rust-1.30 instead of 1.29
Brian Warner [Thu, 29 Nov 2018 18:17:40 +0000 (10:17 -0800)]
Merge PR10: update-deps
Brian Warner [Thu, 29 Nov 2018 17:30:07 +0000 (09:30 -0800)]
fix rustfmt
Brian Warner [Wed, 28 Nov 2018 19:28:10 +0000 (11:28 -0800)]
deps: update srp to lazy_static-1.2
Brian Warner [Tue, 27 Nov 2018 23:10:36 +0000 (15:10 -0800)]
deps: update to rand-0.6
Brian Warner [Tue, 30 Oct 2018 02:38:40 +0000 (19:38 -0700)]
fix spake2 doctests
Brian Warner [Mon, 29 Oct 2018 22:46:14 +0000 (15:46 -0700)]
spake2: add docs and basic doctest to lib.rs
Артём Павлов [Artyom Pavlov] [Mon, 22 Oct 2018 21:01:17 +0000 (00:01 +0300)]
update SRP dependencies
Brian Warner [Sat, 20 Oct 2018 16:39:12 +0000 (09:39 -0700)]
README: add deps.rs badge
Brian Warner [Wed, 17 Oct 2018 17:44:37 +0000 (10:44 -0700)]
update spake2 deps (sha2-0.8, hkdf-0.7)
Brian Warner [Wed, 17 Oct 2018 18:06:24 +0000 (11:06 -0700)]
travis: allow rustfmt to fail
I'm on the fence about this, but I have to admit that having your PR fail
because of formatting issues isn't a great experience for new contributors.
We will need to run `cargo fmt` ourselves on a regular basis.
Artyom Pavlov [Wed, 17 Oct 2018 18:11:24 +0000 (18:11 +0000)]
spake2 code reorganization (#6)
newpavlov [Wed, 17 Oct 2018 17:07:08 +0000 (20:07 +0300)]
add doc logo
newpavlov [Wed, 17 Oct 2018 17:04:59 +0000 (20:04 +0300)]
replaced / with OR in license fields
Brian Warner [Tue, 16 Oct 2018 22:38:54 +0000 (15:38 -0700)]
(cargo-release) start next development iteration spake2-v0.1.2-alpha.0
Brian Warner [Tue, 16 Oct 2018 22:38:38 +0000 (15:38 -0700)]
(cargo-release) spake2-v0.1.1
Brian Warner [Tue, 16 Oct 2018 22:29:36 +0000 (15:29 -0700)]
spake2/Cargo.toml: update keywords, description, categories
Brian Warner [Tue, 16 Oct 2018 22:25:36 +0000 (15:25 -0700)]
spake2: update to latest deps (curve25519-dalek-0.21)
Brian Warner [Tue, 16 Oct 2018 22:16:55 +0000 (15:16 -0700)]
delete spake2/.travis.yml and .gitignore, subsumed by top-level files
Brian Warner [Tue, 16 Oct 2018 22:14:26 +0000 (15:14 -0700)]
Merge branch 'rustfmt'
Brian Warner [Tue, 16 Oct 2018 22:07:07 +0000 (15:07 -0700)]
reformat all code to match rustfmt-1.29.0
Brian Warner [Tue, 16 Oct 2018 22:07:07 +0000 (15:07 -0700)]
travis: cargo fmt now wants --check
Brian Warner [Tue, 16 Oct 2018 22:03:23 +0000 (15:03 -0700)]
travis: need to install rustfmt component
Brian Warner [Tue, 16 Oct 2018 21:59:32 +0000 (14:59 -0700)]
travis: test rustfmt too
Brian Warner [Tue, 16 Oct 2018 21:53:28 +0000 (14:53 -0700)]
spake2/Cargo.toml: add metadata to fix cargo-release commit messages
This ensures that our tags and automatically-generated commits (before and
after each release, automated by 'cargo-release') refer to the correct
version strings, like "spake2-v0.1.0". The default tag would be
"spake2-0.1.0", and the commit messages wouldn't mention "spake2" at
all (which might get confusing now that we have multiple crates in a single
repo).
Brian Warner [Tue, 16 Oct 2018 18:06:26 +0000 (11:06 -0700)]
Cargo.toml: update repo URLs
finish relicensing spake2 to MIT/Apache-2.0
Brian Warner [Tue, 16 Oct 2018 18:02:55 +0000 (11:02 -0700)]
READMEs: relicense spake2 under dual MIT+Apache2
Also update spake2 protocol URL, update badges.
Brian Warner [Tue, 16 Oct 2018 17:25:03 +0000 (10:25 -0700)]
Cargo.toml: add spake2 to the workspace
Артём Павлов [Artyom Pavlov] [Tue, 16 Oct 2018 17:16:54 +0000 (20:16 +0300)]
readme update
Brian Warner [Tue, 16 Oct 2018 00:13:55 +0000 (17:13 -0700)]
Add 'spake2/' from commit '
f6e9d07dffa9a9b39f203c23043f93337ebe1ab6 '
git-subtree-dir: spake2
git-subtree-mainline:
1afa40d15b0c2cecc989bdfc67a5251aa5cd5954
git-subtree-split:
f6e9d07dffa9a9b39f203c23043f93337ebe1ab6
This moves https://github.com/warner/spake2.rs into the "spake2/"
subdirectory of https://github.com/RustCrypto/PAKEs .
I'll move the release tags over next, then update the travis config and
READMEs.
Brian Warner [Mon, 24 Sep 2018 18:44:06 +0000 (11:44 -0700)]
README/Cargo.toml: add more badges
Brian Warner [Tue, 21 Aug 2018 04:54:04 +0000 (21:54 -0700)]
(cargo-release) start next development iteration 0.1.1-alpha.0
Brian Warner [Tue, 21 Aug 2018 04:53:46 +0000 (21:53 -0700)]
(cargo-release) version 0.1.0
Brian Warner [Tue, 21 Aug 2018 04:52:16 +0000 (21:52 -0700)]
README: oops, I was supposed to bump the minor version for this release
I introduced a breaking API change, and should have named that last release
0.1.0 instead of 0.0.9. I'll release this as 0.1.0.
Brian Warner [Tue, 21 Aug 2018 04:45:11 +0000 (21:45 -0700)]
(cargo-release) start next development iteration 0.0.10-alpha.0
Brian Warner [Tue, 21 Aug 2018 04:44:43 +0000 (21:44 -0700)]
(cargo-release) version 0.0.9
Brian Warner [Tue, 21 Aug 2018 04:39:48 +0000 (21:39 -0700)]
README: soften the disclaimer by roughly 24%
Brian Warner [Tue, 21 Aug 2018 04:39:41 +0000 (21:39 -0700)]
cargo fmt
Brian Warner [Tue, 21 Aug 2018 04:36:33 +0000 (21:36 -0700)]
update deps: hkdf-0.6
Brian Warner [Fri, 27 Jul 2018 18:07:56 +0000 (11:07 -0700)]
update deps: curve25519-dalek=0.19
Brian Warner [Thu, 19 Jul 2018 23:40:06 +0000 (16:40 -0700)]
forbid unsafe_code, and warnings durings tests
Brian Warner [Tue, 26 Jun 2018 05:18:10 +0000 (22:18 -0700)]
update deps: curve25519-dalek=0.18
Brian Warner [Sun, 3 Jun 2018 20:57:19 +0000 (13:57 -0700)]
use newtypes for Password and Identity to avoid usage errors
This a breaking API change. The next release should bump the minor version
number.
As discussed in https://github.com/warner/spake2.rs/issues/3 and
https://github.com/warner/magic-wormhole.rs/issues/32 , if an application
were to accidentally swap the "password" and "identity" arguments (mainly for
start_symmetric which only takes two args), the app would appear to work, but
would contain a devastating security vulnerability (online brute-force
password attack, with precomputation enabled).
You might think of newtypes as giving the API named parameters. Instead of:
`s = start_symmetric(b"pw", b"appid")`
you get:
`s = start_symmetric(&Password::new(b"pw"), &Identity::new(b"appid"))`
but it protects you (with a compile-time error) against mistakes like:
`s = start_symmetric(&Identity::new(b"appid"), &Password::new(b"pw"))`
I'd like to find a way to remove requirement to pass a reference (and enable
`start_symmetric(Password::new(..)..)`).
Brian Warner [Sat, 26 May 2018 20:12:27 +0000 (13:12 -0700)]
(cargo-release) start next development iteration 0.0.9-alpha.0
Brian Warner [Sat, 26 May 2018 20:12:13 +0000 (13:12 -0700)]
(cargo-release) version 0.0.8
Brian Warner [Sat, 26 May 2018 19:54:25 +0000 (12:54 -0700)]
update deps: num-bigint=0.2
Brian Warner [Fri, 25 May 2018 19:24:15 +0000 (12:24 -0700)]
(cargo-release) start next development iteration 0.0.8-alpha.0