v0.9.6

• Validate invalid PSK positions when building a Noise protocol.
• Raise errors in various typos/mistakes in Noise patterns when parsing.
• Deprecate the sodiumoxide backend, as that crate is no longer maintained. We may eventually migrate it to a maintaned version of the crate, but for now it's best to warn users.
• Set a hard limit in read_message() in transport mode to 65535 to be fully compliant with the Noise specification.

Full Changelog: v0.9.5...v0.9.6

v0.9.5

This is a security release that fixes a logic flaw in decryption in TransportState (i.e. the stateful one), where the nonce could increase even when decryption failed, which can cause a desync between the sender and receiver, opening this up as a denial of service vector if the attacker has the ability to inject packets in the channel Noise is talking over.

More details can be found in the advisory: GHSA-7g9j-g5jg-3vv3

All users are encouraged to update.

v0.9.4

This is a dependency version bump release because a couple of important dependencies released new versions that needed a Cargo.toml bump:

• ring 0.17
• pqcrypto-kyber 0.8
• aes-gcm 0.10
• chacha20poly1305 0.10

v0.9.3

This is a quick patch release to use the stable 4.0 version of curve25519-dalek.

v0.9.2

This is a patch release to address a correctness issue for compliance with the Noise specification: the nonce $2^{64} - 1$ is reserved for rekeying, and CipherState and StatelessCipherState did not check that, instead just making sure that there was no integer overflow.

Thanks to @kjvalencik for reporting the issue and @complexspaces for contributing the fix PR (#152).

Thanks to @robyoder as well for fixing broken links and making sure all links were HTTPS (#151).

Full Changelog: v0.9.1...v0.9.2

v0.9.1

This is a patch release to fix build breakages due to not pinning curve25519-dalek to a specific pre-release version.

Thanks to @Kofituo and @thomaseizinger for bringing it to attention and @tarcieri for the fix PR (#148).

v0.9.0

This is a maintenance release, with the exception of some minor function signature changes where snow::Error is now the error type instead of ().

Changes

• Updated all dependencies to latest
• Cleaner error handling with fewer unwraps, thanks to @BlackHoleFox
• Reduced number of dependencies for the crate by using curve25519-dalek directly and no longer depending on rand.

Full Changelog: v0.8.1...v0.9.0

v0.8.0

This change increases the minor version to avoid issues from updating underlying dependencies. It's otherwise quite minor of a change.

v0.7.2

v0.7.2

v0.7.1

• Add missing checks to HandshakeState::read_message which would allow panics to happen if the read wasn't called in the correct order.
• Updated RustCrypto crates.