8 * Fixed incomplete return types in TypeScript typings.
9 * Replaced COPYING.txt with LICENSE file, which now has public domain dedication
10 text from The Unlicense. License fields in package.json and bower.json have
11 been set to "Unlicense". The project was and will be in the public domain --
12 this change just makes it easier for automated tools to know about this fact by
13 using the widely recognized and SPDX-compatible template for public domain
20 * Added TypeScript type definitions (contributed by @AndSDev).
21 * Improved benchmarking code.
27 Fixed a bug in the fast version of Poly1305 and brought it back.
29 Thanks to @floodyberry for promptly responding and fixing the original C code:
31 > "The issue was not properly detecting if st->h was >= 2^130 - 5, coupled with
32 > [testing mistake] not catching the failure. The chance of the bug affecting
33 > anything in the real world is essentially zero luckily, but it's good to have
36 https://github.com/floodyberry/poly1305-donna/issues/2#issuecomment-202698577
42 Switched Poly1305 fast version back to original (slow) version due to a bug.
48 No code changes, just tweaked packaging and added COPYING.txt.
54 * **Breaking change!** All functions from `nacl.util` have been removed. These
55 functions are no longer available:
59 nacl.util.decodeBase64
60 nacl.util.encodeBase64
62 If want to continue using them, you can include
63 <https://github.com/dchest/tweetnacl-util-js> package:
65 <script src="nacl.min.js"></script>
66 <script src="nacl-util.min.js"></script>
70 var nacl = require('tweetnacl');
71 nacl.util = require('tweetnacl-util');
73 However it is recommended to use better packages that have wider
74 compatibility and better performance. Functions from `nacl.util` were never
75 intended to be robust solution for string conversion and were included for
76 convenience: cryptography library is not the right place for them.
78 Currently calling these functions will throw error pointing to
79 `tweetnacl-util-js` (in the next version this error message will be removed).
81 * Improved detection of available random number generators, making it possible
82 to use `nacl.randomBytes` and related functions in Web Workers without
85 * Changes to testing (see README).
93 * Reverted license field in package.json to "Public domain".
95 * Fixed typo in README.
101 * Fixed undefined variable bug in fast version of Poly1305. No worries, this
102 bug was *never* triggered.
104 * Specified CC0 public domain dedication.
106 * Updated development dependencies.
112 * Exclude `crypto` and `buffer` modules from browserify builds.
118 * Made `nacl-fast` the default version in NPM package. Now
119 `require("tweetnacl")` will use fast version; to get the original version,
120 use `require("tweetnacl/nacl.js")`.
122 * Cleanup temporary array after generating random bytes.
128 * Improved performance of curve operations, making `nacl.scalarMult`, `nacl.box`,
129 `nacl.sign` and related functions up to 3x faster in `nacl-fast` version.
135 * Significantly improved performance of Salsa20 (~1.5x faster) and
136 Poly1305 (~3.5x faster) in `nacl-fast` version.
142 * Instead of using the given secret key directly, TweetNaCl.js now copies it to
143 a new array in `nacl.box.keyPair.fromSecretKey` and
144 `nacl.sign.keyPair.fromSecretKey`.
150 * Added new constant: `nacl.sign.seedLength`.
156 * Even faster hash for both short and long inputs (in `nacl-fast`).
162 * Implement `nacl.sign.keyPair.fromSeed` to enable creation of sign key pairs
163 deterministically from a 32-byte seed. (It behaves like
164 [libsodium's](http://doc.libsodium.org/public-key_cryptography/public-key_signatures.html)
165 `crypto_sign_seed_keypair`: the seed becomes a secret part of the secret key.)
167 * Fast version now has an improved hash implementation that is 2x-5x faster.
169 * Fixed benchmarks, which may have produced incorrect measurements.
175 * Exported undocumented `nacl.lowlevel.crypto_core_hsalsa20`.
181 * **Signature API breaking change!** `nacl.sign` and `nacl.sign.open` now deal
182 with signed messages, and new `nacl.sign.detached` and
183 `nacl.sign.detached.verify` are available.
185 Previously, `nacl.sign` returned a signature, and `nacl.sign.open` accepted a
186 message and "detached" signature. This was unlike NaCl's API, which dealt with
187 signed messages (concatenation of signature and message).
191 nacl.sign(message, secretKey) -> signedMessage
192 nacl.sign.open(signedMessage, publicKey) -> message | null
194 Since detached signatures are common, two new API functions were introduced:
196 nacl.sign.detached(message, secretKey) -> signature
197 nacl.sign.detached.verify(message, signature, publicKey) -> true | false
199 (Note that it's `verify`, not `open`, and it returns a boolean value, unlike
200 `open`, which returns an "unsigned" message.)
202 * NPM package now comes without `test` directory to keep it small.
208 * Improved documentation.
209 * Fast version: increased theoretical message size limit from 2^32-1 to 2^52
210 bytes in Poly1305 (and thus, secretbox and box). However this has no impact
211 in practice since JavaScript arrays or ArrayBuffers are limited to 32-bit
212 indexes, and most implementations won't allocate more than a gigabyte or so.
213 (Obviously, there are no tests for the correctness of implementation.) Also,
214 it's not recommended to use messages that large without splitting them into
215 smaller packets anyway.