No code changes, just tweaked packaging and added COPYING.txt.
-
Breaking change! All functions from
nacl.util
have been removed. These functions are no longer available:nacl.util.decodeUTF8 nacl.util.encodeUTF8 nacl.util.decodeBase64 nacl.util.encodeBase64
If want to continue using them, you can include https://github.com/dchest/tweetnacl-util-js package:
<script src="nacl.min.js"></script> <script src="nacl-util.min.js"></script>
or
var nacl = require('tweetnacl'); nacl.util = require('tweetnacl-util');
However it is recommended to use better packages that have wider compatibility and better performance. Functions from
nacl.util
were never intended to be robust solution for string conversion and were included for convenience: cryptography library is not the right place for them.Currently calling these functions will throw error pointing to
tweetnacl-util-js
(in the next version this error message will be removed). -
Improved detection of available random number generators, making it possible to use
nacl.randomBytes
and related functions in Web Workers without changes. -
Changes to testing (see README).
No code changes.
-
Reverted license field in package.json to "Public domain".
-
Fixed typo in README.
-
Fixed undefined variable bug in fast version of Poly1305. No worries, this bug was never triggered.
-
Specified CC0 public domain dedication.
-
Updated development dependencies.
- Exclude
crypto
andbuffer
modules from browserify builds.
-
Made
nacl-fast
the default version in NPM package. Nowrequire("tweetnacl")
will use fast version; to get the original version, userequire("tweetnacl/nacl.js")
. -
Cleanup temporary array after generating random bytes.
- Improved performance of curve operations, making
nacl.scalarMult
,nacl.box
,nacl.sign
and related functions up to 3x faster innacl-fast
version.
- Significantly improved performance of Salsa20 (~1.5x faster) and
Poly1305 (~3.5x faster) in
nacl-fast
version.
- Instead of using the given secret key directly, TweetNaCl.js now copies it to
a new array in
nacl.box.keyPair.fromSecretKey
andnacl.sign.keyPair.fromSecretKey
.
- Added new constant:
nacl.sign.seedLength
.
- Even faster hash for both short and long inputs (in
nacl-fast
).
-
Implement
nacl.sign.keyPair.fromSeed
to enable creation of sign key pairs deterministically from a 32-byte seed. (It behaves like libsodium'scrypto_sign_seed_keypair
: the seed becomes a secret part of the secret key.) -
Fast version now has an improved hash implementation that is 2x-5x faster.
-
Fixed benchmarks, which may have produced incorrect measurements.
- Exported undocumented
nacl.lowlevel.crypto_core_hsalsa20
.
- Signature API breaking change!
nacl.sign
andnacl.sign.open
now deal with signed messages, and newnacl.sign.detached
andnacl.sign.detached.verify
are available.
Previously, nacl.sign
returned a signature, and nacl.sign.open
accepted a
message and "detached" signature. This was unlike NaCl's API, which dealt with
signed messages (concatenation of signature and message).
The new API is:
nacl.sign(message, secretKey) -> signedMessage
nacl.sign.open(signedMessage, publicKey) -> message | null
Since detached signatures are common, two new API functions were introduced:
nacl.sign.detached(message, secretKey) -> signature
nacl.sign.detached.verify(message, signature, publicKey) -> true | false
(Note that it's verify
, not open
, and it returns a boolean value, unlike
open
, which returns an "unsigned" message.)
- NPM package now comes without
test
directory to keep it small.
- Improved documentation.
- Fast version: increased theoretical message size limit from 2^32-1 to 2^52 bytes in Poly1305 (and thus, secretbox and box). However this has no impact in practice since JavaScript arrays or ArrayBuffers are limited to 32-bit indexes, and most implementations won't allocate more than a gigabyte or so. (Obviously, there are no tests for the correctness of implementation.) Also, it's not recommended to use messages that large without splitting them into smaller packets anyway.
- Initial release