Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-04-17 | prepare for 3.1.0 release | Hubert Chathi | |
2018-10-23 | prepare release 3.0.0 | Hubert Chathi | |
2018-10-02 | Add other breaking change | David Baker | |
2018-09-25 | Breking change | David Baker | |
2018-07-04 | prepare 2.3.02.3.0 | Hubert Chathi | |
2017-03-01 | prepare v2.2.22.2.2 | Richard van der Hoff | |
2017-01-18 | Prep v2.2.12.2.1 | Richard van der Hoff | |
2017-01-18 | Prep changelog for 2.2.0 | Richard van der Hoff | |
2016-12-22 | Update CHANGELOG | Richard van der Hoff | |
2016-11-17 | OLMKit: Add it to olm from version 2.0.1 | manuroe | |
2016-10-24 | Changelog: Mention install-headers | Richard van der Hoff | |
2016-10-24 | Prepare changelog for v2.0.0 | Richard van der Hoff | |
2016-09-14 | Changelog and version bump for 1.3.01.3.0 | Mark Haines | |
2016-09-06 | Prepare changelog for v1.2.0 | Richard van der Hoff | |
2016-09-01 | update changelog | Richard van der Hoff | |
pre-1.0.0 was broken too | |||
2016-09-01 | Fix Ed25519 keypair generation | Richard van der Hoff | |
Ed25519 private keys, it turns out, have 64 bytes, not 32. We were previously generating only 32 bytes (which is all that is required to generate the public key), and then using the public key as the upper 32 bytes when generating the per-message session key. This meant that everything appeared to work, but the security of the private key was severely compromised. By way of fixes: * Use the correct algorithm for generating the Ed25519 private key, and store all 512 bits of it. * Update the account pickle format and refuse to load the old format (since we should consider it compromised). * Bump the library version, and add a function to retrieve the library version, so that applications can verify that they are linked against a fixed version of the library. * Remove the curve25519_{sign, verify} functions which were unused and of dubious quality. | |||
2016-07-11 | Prepare 1.0.0 release1.0.0 | Richard van der Hoff | |