mirrors/rage
1
0
Fork 0
mirror of https://github.com/str4d/rage.git synced 2025-04-03 19:07:42 +03:00
Code Issues Projects Releases Packages Wiki Activity

Changelog updates

Browse source
This commit is contained in:
Jack Grigg 2021-03-14 21:23:22 +13:00
parent 083284eeed
commit 8fc525b86a
3 changed files with 14 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
age-core/CHANGELOG.md
View file

@ -7,6 +7,14 @@ and this project adheres to Rust's notion of
to 1.0.0 are beta releases.
## [Unreleased]
### Security
- `age_core::primitives::aead_decrypt` now takes a `size` argument, checked
against the plaintext length. This is to mitigate multi-key attacks, where a
ciphertext can be crafted that decrypts successfully under multiple keys.
Short ciphertexts can only target two keys, which has limited impact. See
[this commit message](https://github.com/FiloSottile/age/commit/2194f6962c8bb3bca8a55f313d5b9302596b593b)
for more details.
### Added
- `age_core::format::FILE_KEY_BYTES` constant.
- `age_core::plugin` module, which contains common backend logic used by both
@ -23,14 +31,6 @@ to 1.0.0 are beta releases.
API `age_core::format::read::legacy_age_stanza` accepts either kind of stanza
body encoding (the legacy minimal encoding, and the new explicit encoding).
### Security
- `age_core::primitives::aead_decrypt` now takes a `size` argument, checked
against the plaintext length. This is to mitigate multi-key attacks, where a
ciphertext can be crafted that decrypts successfully under multiple keys.
Short ciphertexts can only target two keys, which has limited impact. See
[this commit message](https://github.com/FiloSottile/age/commit/2194f6962c8bb3bca8a55f313d5b9302596b593b)
for more details.
## [0.5.0] - 2020-11-22
### Added
- Several structs used when implementing the `age::Identity` and