Version 2.11.0

Changes

• Updated references

Full Changelog: v2.10.0...v2.11.0

Version 2.10.0

Changes

• Added KdfExtensions.Stretch for Span<byte>, Memory<byte> and ReadOnlyMemory<byre>

Full Changelog: v2.9.1...v2.10.0

Version 2.9.1

Changes

• Fixed PAKE response http status code must be OK

Full Changelog: v2.9.0...v2.9.1

Version 2.9.0

Changes

Breaking changes

• PakeHttpRequestFactory.CreateRequest(Async) methods changed to fit IPakeHttpRequestFactory

Additions

• Added the used response stream to the PakeResponse object for disposing after use
• Added PakeRequestStream
• Added IPakeHttpRequestFactory
• PakeHttpRequestFactory implements IPakeHttpRequestFactory now
• Added PakeRequestExtensions

Fixed bugs

• Fixed PAKE response disposed the response stream which disturbed a copy progress

Full Changelog: v2.8.1...v2.9.0

Version 2.8.1

Changes

• Fixed PakeHttpRequestFactory failed to create http request message
• Fixed PakeHttpRequestFactory created http request message with thewrong http method
• Fixed FastPakeAuthServer used the wrong signature key when handling an authentication (in the authentication methods)
• Fixed FastPakeAuthServer did clear a later used value

Full Changelog: v2.8.0...v2.8.1

Version 2.8.0

Changes

Breaking changes

• PAKE client methods now allow a payload factory delegate which can produce payload in the current authentication context using the random data
• PAKE server methods now allow a payload processor delegate which can process the payload in the current authentication context using the random data

Additions

• Added ClientAuthOptions.PayloadFactory
• Added PakeClientAuthOptions.ClientPayloadFactory
• Added PakeClientAuthOptions.ServerPayloadProcessor
• Added ServerAuthOptions.PayloadProcessor
• Added PakeServerAuthOptions.ClientPayloadProcessor
• Added PakeServerAuthOptions.ServerPayloadFactory
• Added reference to NuGet package wan24-Core-Validation
• Default algorithms are transient services now

Fixed bugs

• Fixed PAKE client authentication didn't return the servers payload
• Fixed Asymmetric key and PAKE authentication record pools are singleton services now

Full Changelog: v2.7.0...v2.8.0

Version 2.7.0

Changes

Breaking changes

• Bootstrap.AddWan24Crypto moved to CryptoExtensions

Additions

• Added PakeRequest/Response(Extensions)
• Added PakeHttpRequestFactory
• Added Constants.PAKE_REQUEST/RESPONSE_MIME_TYPE
• Added DeniedAlgorithms
• Added CryptoAppConfig.DefaultAlgorithms.DeniedAsymmetric/Encryption
• Added CryptoEnvironment.Options.DeniedAsymmetric/Encryption
• Added ICryptoAlgorithm.IsSupported
• CryptoHelper.RemoveUnsupportedAlgorithms will now remove all algorithms which return false from the IsSupported property
• Added ICryptoAlgorithm.EnsureAllowed
• Added IAsymmetricAlgorithm.IsDenied
• Added EncryptionAlgorithmBase.IsDenied
• Added AsymmetricHelper.DeniedAlgorithms
• Added EncryptionHelper.DeniedAlgorithms
• Added IAsymmetricAlgorithm.KeyPool
• Added CryptoExtensions.CreateKeyPools(Async) for IAsymmetricAlgorithm
• Added CryptoExtensions.GetPooledKey(Async) for IAsymmetricAlgorithm
• Added CryptoEnvironment.Options.AsymmericKeyPoolsCapacity
• CryptoOptions validation will now check for configured unsupported algorithms
• Added AsymmetricKeyBase.EnsurePqcRequirement
• Added CryptoAlgorithmBase.EnsurePqcRequirement
• ValueProtectionKeys will now use the supported and allowed TPM MAC algorithm with the largest digest size per default
• Authentication is now validating algorithms in used CryptoOptions before applying any operation
• Added CryptoAppConfig.AsymmetricKeyPoolsCapacity
• Added EllipticCurves.IsCurveAllowed and EllipticCurves.DenyCurve
• Added CryptoAppConfig.DefaultAlgorithms.DeniedEllipticCurves
• Added CryptoEnvironment.Options.DeniedEllipticCurveNames
• Added CrytoEnvironment.AllAlgorithms
• IAsymmetricAlgorithm, IAsymmetricKey and ICryptoAlgorithm implement IStatusProvider now
• Added CryptoEnvironment.State

Fixed bugs

• Fixed NetShake128/256HashAlgorithmAdapter didn't check for PQC requirement
• Fixed CryptoHelper.RemoveUnsupportedAlgorithms didn't remove SP 800-108 HMAC CTR KBKDF in a browser app environment

Full Changelog: v2.6.0...v2.7.0

Version 2.6.0

Changes

Breaking changes

• ValueProtectionKeys.TpmMacAlgorithm is now the TPM MAC algorithm with the largest MAC, or the default SHA-256 (which should be the most compatible)
• Added IAsymmetricAlgorithm.IsPublicKeyStandardFormat

Additions

• Added PasswordPostProcessor
• Added DefaultPasswordPostProcessor
• Added CryptoOptionsExtensions.WithEncryptionPasswordPreProcessing/WithoutEncryptionPasswordPreProcessing
• Added CryptoEnvironment.Options.DefaultPasswordPostProcessor
• Added RngStream
• Added CryptoEnvironment.Options.DefaultRngStream
• Stores implement IChangeToken and INotifyPropertyChanged now
• Added CryptoAppConfig
• FastPakeAuthServer implements IChangeToken and INotifyPropertyChanged now
• Added CryptoOptions.Tag
• Added EncryptionHelper.Stream/BlockCipher properties
• Added EncryptionHelper.Pre/PostQuantum properties
• Added AsymmetricHelper.KeyExchange/SignatureAlgorithms properties
• Added AsymmetricHelper.Pre/PostQuantum(KeyExchange/Signature) properties
• Added HashHelper.Pre/PostQuantum properties
• Added MacHelper.Pre/PostQuantum properties
• Added MacHelper.TpmAlgorithms property
• Added KdfHelper.Pre/PostQuantum properties

Full Changelog: v2.5.0...v2.6.0

Version 2.5.0

Changes

Breaking changes

• IAsymmetricAlgorithm.AllowedKeySizes is a FrozenSet<int> now
• All algorithm constructors are private now

Additions

• Object tables implement IChangeToken and IObservable<T> now

Full Changelog: v2.4.0...v2.5.0

Version 2.4.0

Changes

Additions

• Added KeyExchangeDataContainer.MaxKeyExchangeDataLength
• Added CryptoEnvironment.Options.MaxKeyExchangeDataLength

Fixed bugs

• Fixed wrong SignatureContainer counter signer public key deserialization
• Fixed KeyExchangeDataContainer key exchange data size limit

Full Changelog: v2.3.0...v2.4.0