- Use
System.os_time/1
as the token signing date, since tokens are meant to be shared across machines
- Update Elixir requirement to v1.11+ and require Erlang/OTP 23.
- Encryption now uses XChaCha20-Poly1305, which is safer, faster, and generates smaller payloads. This means data encrypted with Plug.Crypto v2.0 cannot be decrypted on Plug.Crypto v1.x. However, Plug.Crypto v2.0 can still decrypt data from Plug.Crypto v1.0.
- Optimize
secure_compare
,masked_compare
, and key generator algorithms by relying on:crypto
code when using more recent Erlang/OTP versions.
- Allow AAD to be given as iolist
- Allow AAD to be given as argument on message encryptor
- Remove warnings on Elixir v1.14
- Remove warnings on Elixir v1.12
- Add support for Erlang/OTP 24
- Update Elixir requirement to Elixir 1.7+.
- Fixed a bug that allowed to sign and encrypt stuff with
nil
secret key base and salt.
- Do not key derive empty salts (default to no salt instead).
- Do not expose encryption with salt API.
- Allow default
:max_age
to be set when signing/encrypting.
- Add high-level
Plug.Crypto.sign/verify
andPlug.Crypto.encrypt/decrypt
.
- Split up the
plug_crypto
project from Plug as per elixir-lang/plug#766.