Entries are listed in reverse chronological order.
- Make
Scalar::from_bits
aconst fn
, allowing its use inconst
contexts.
- Fix a data modeling error in the
serde
feature pointed out by Trevor Perrin which caused points and scalars to be serialized with length fields rather than as fixed-size 32-byte arrays. This is a breaking change, but it fixes compatibility withserde-json
and ensures that theserde-bincode
encoding matches the conventional encoding for X/Ed25519. - Update
rand_core
to0.5
, allowing use with newrand
versions. - Switch from
clear_on_drop
tozeroize
(by Tony Arcieri). - Require
subtle = ^2.2.1
and remove the note advising nightly Rust, which is no longer required as of that version ofsubtle
. See thesubtle
changelog for more details. - Update
README.md
for2.x
series. - Remove the
build.rs
hack which loaded the entire crate into its ownbuild.rs
to generate constants, and keep the constants in the source code.
The only significant change is the data model change to the serde
feature;
besides the rand_core
version bump, there are no other user-visible changes.
- Fix an issue identified by a Quarkslab audit (and Jack Grigg), where manually
constructing unreduced
Scalar
values, as needed for X/Ed25519, and then performing scalar/scalar arithmetic could compute incorrect results. - Switch to upstream Rust intrinsics for the IFMA backend now that they exist in Rust and don't need to be defined locally.
- Ensure that the NAF computation works correctly, even for parameters never used elsewhere in the codebase.
- Minor refactoring to EdwardsPoint decompression.
- Fix broken links in documentation.
- Fix compilation on nightly broken due to changes to the
#[doc(include)]
path root (not quite correctly done in 1.2.2).
- Fix a typo in an internal doc-comment.
- Add the "crypto" tag to crate metadata.
- Fix compilation on nightly broken due to changes to the
#[doc(include)]
path root.
- Fix a bug in bucket index calculations in the Pippenger multiscalar algorithm for very large input sizes.
- Add a more extensive randomized multiscalar multiplication consistency check to the test suite to prevent regressions.
- Ensure that that multiscalar and NAF computations work correctly on extremal
Scalar
values constructed viafrom_bits
.
- New multiscalar multiplication algorithm with better performance for large problem sizes. The backend algorithm is selected transparently using the size hints of the input iterators, so no changes are required for client crates to start using it.
- Equality of Edwards points is now checked in projective coordinates.
- Serde can now be used with
no_std
.
- Fix typos in documentation comments.
- Remove unnecessary
Default
bound onScalar::from_hash
.
- Reverts the change in 1.1.0 to allow owned and borrowed RNGs, which caused a breakage due to a subtle interaction with ownership rules. (The
RngCore
change is retained).
- Disabled KaTeX on
docs.rs
pending proper support upstream.
- Fixed an issue related to
#[cfg(rustdoc)]
which prevented documenting multiple backends.
- Adds support for precomputation for multiscalar multiplication.
- Restructures the internal source tree into
serial
andvector
backends (no change to external API). - Adds a new IFMA backend which sets speed records.
- The
avx2_backend
feature is now an alias for thesimd_backend
feature, which autoselects an appropriate vector backend (currently AVX2 or IFMA). - Replaces the
rand
dependency withrand_core
. - Generalizes trait bounds on
RistrettoPoint::random()
andScalar::random()
to allow owned and borrowed RNGs and to allowRngCore
instead ofRng
.
- Adds
ConstantTimeEq
implementation for compressed points.
- Fixes a typo in the naming of variables in Ristretto formulas (no change to functionality).
- Depends on the stable
2.0
version ofsubtle
instead of2.0.0-pre.0
.
Initial stable release. Yanked due to a dependency mistake (see above).