1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
TweetNaCl.js Changelog
======================
v0.14.1
-------
No code changes, just tweaked packaging and added COPYING.txt.
v0.14.0
-------
* **Breaking change!** All functions from `nacl.util` have been removed. These
functions are no longer available:
nacl.util.decodeUTF8
nacl.util.encodeUTF8
nacl.util.decodeBase64
nacl.util.encodeBase64
If want to continue using them, you can include
<https://github.com/dchest/tweetnacl-util-js> package:
<script src="nacl.min.js"></script>
<script src="nacl-util.min.js"></script>
or
var nacl = require('tweetnacl');
nacl.util = require('tweetnacl-util');
However it is recommended to use better packages that have wider
compatibility and better performance. Functions from `nacl.util` were never
intended to be robust solution for string conversion and were included for
convenience: cryptography library is not the right place for them.
Currently calling these functions will throw error pointing to
`tweetnacl-util-js` (in the next version this error message will be removed).
* Improved detection of available random number generators, making it possible
to use `nacl.randomBytes` and related functions in Web Workers without
changes.
* Changes to testing (see README).
v0.13.3
-------
No code changes.
* Reverted license field in package.json to "Public domain".
* Fixed typo in README.
v0.13.2
-------
* Fixed undefined variable bug in fast version of Poly1305. No worries, this
bug was *never* triggered.
* Specified CC0 public domain dedication.
* Updated development dependencies.
v0.13.1
-------
* Exclude `crypto` and `buffer` modules from browserify builds.
v0.13.0
-------
* Made `nacl-fast` the default version in NPM package. Now
`require("tweetnacl")` will use fast version; to get the original version,
use `require("tweetnacl/nacl.js")`.
* Cleanup temporary array after generating random bytes.
v0.12.2
-------
* Improved performance of curve operations, making `nacl.scalarMult`, `nacl.box`,
`nacl.sign` and related functions up to 3x faster in `nacl-fast` version.
v0.12.1
-------
* Significantly improved performance of Salsa20 (~1.5x faster) and
Poly1305 (~3.5x faster) in `nacl-fast` version.
v0.12.0
-------
* Instead of using the given secret key directly, TweetNaCl.js now copies it to
a new array in `nacl.box.keyPair.fromSecretKey` and
`nacl.sign.keyPair.fromSecretKey`.
v0.11.2
-------
* Added new constant: `nacl.sign.seedLength`.
v0.11.1
-------
* Even faster hash for both short and long inputs (in `nacl-fast`).
v0.11.0
-------
* Implement `nacl.sign.keyPair.fromSeed` to enable creation of sign key pairs
deterministically from a 32-byte seed. (It behaves like
[libsodium's](http://doc.libsodium.org/public-key_cryptography/public-key_signatures.html)
`crypto_sign_seed_keypair`: the seed becomes a secret part of the secret key.)
* Fast version now has an improved hash implementation that is 2x-5x faster.
* Fixed benchmarks, which may have produced incorrect measurements.
v0.10.1
-------
* Exported undocumented `nacl.lowlevel.crypto_core_hsalsa20`.
v0.10.0
-------
* **Signature API breaking change!** `nacl.sign` and `nacl.sign.open` now deal
with signed messages, and new `nacl.sign.detached` and
`nacl.sign.detached.verify` are available.
Previously, `nacl.sign` returned a signature, and `nacl.sign.open` accepted a
message and "detached" signature. This was unlike NaCl's API, which dealt with
signed messages (concatenation of signature and message).
The new API is:
nacl.sign(message, secretKey) -> signedMessage
nacl.sign.open(signedMessage, publicKey) -> message | null
Since detached signatures are common, two new API functions were introduced:
nacl.sign.detached(message, secretKey) -> signature
nacl.sign.detached.verify(message, signature, publicKey) -> true | false
(Note that it's `verify`, not `open`, and it returns a boolean value, unlike
`open`, which returns an "unsigned" message.)
* NPM package now comes without `test` directory to keep it small.
v0.9.2
------
* Improved documentation.
* Fast version: increased theoretical message size limit from 2^32-1 to 2^52
bytes in Poly1305 (and thus, secretbox and box). However this has no impact
in practice since JavaScript arrays or ArrayBuffers are limited to 32-bit
indexes, and most implementations won't allocate more than a gigabyte or so.
(Obviously, there are no tests for the correctness of implementation.) Also,
it's not recommended to use messages that large without splitting them into
smaller packets anyway.
v0.9.1
------
* Initial release
|
