Enable the encrypt-at feature by-default

Add the sponsor button
Update the CI
2025-02-21 10:59:28 +01:00 · 2025-02-21 10:59:08 +01:00 · 2025-02-21 10:12:00 +01:00 · 2025-01-27 09:26:57 +01:00 · 2025-01-27 09:26:38 +01:00 · 2025-01-03 22:08:22 +01:00
10 changed files with 53 additions and 17 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -0,0 +1 @@
+github: [breard-r]
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -20,11 +20,21 @@ jobs:
          - 1.75.0
          - 1.76.0
          - 1.77.2
+          - 1.78.0
+          - 1.79.0
+          - 1.80.0
+          - 1.81.0
+          - 1.82.0
+          - 1.83.0
+          - 1.84.1
+          - 1.85.0
          - stable
          - beta
          - nightly
    steps:
      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
      - name: Install Rust ${{ matrix.rust }}
        run: rustup toolchain install ${{ matrix.rust }}
      - name: Run cargo build
@ -36,6 +46,8 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
      - name: Update Rust
        run: rustup update stable
      - name: Run cargo fmt
@ -45,6 +57,8 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
      - name: Update Rust
        run: rustup update stable
      - name: Run clippy
@ -54,4 +68,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
      - uses: EmbarkStudios/cargo-deny-action@v1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -0,0 +1,19 @@
+[//]: # (Copyright 2024 Rodolphe Bréard <rodolphe@breard.tf>)
+
+[//]: # (Copying and distribution of this file, with or without modification,)
+[//]: # (are permitted in any medium without royalty provided the copyright)
+[//]: # (notice and this notice are preserved.  This file is offered as-is,)
+[//]: # (without any warranty.)
+
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+
+## [Unreleased] - ReleaseDate
+
+### Added
+
+- Initial release.
--- a/Cargo.toml
+++ b/Cargo.toml
@ -12,7 +12,7 @@ keywords = ["cryptography", "encryption"]
 categories = ["cryptography"]

 [features]
-default = ["aes", "chacha", "ikm-management"]
+default = ["aes", "chacha", "ikm-management", "encrypt-at"]
 encryption = []
 aes = ["encryption", "aes-gcm", "hkdf", "sha2"]
 chacha = ["encryption", "chacha20poly1305", "blake3"]
@ -22,8 +22,8 @@ benchmark = ["criterion"]

 [dependencies]
 base64ct = { version = "1.6.0", default-features = false, features = ["std"] }
-getrandom = { version = "0.2.12", default-features = false }
-thiserror = { version = "1.0.57", default-features = false }
+getrandom = { version = "0.3.0", default-features = false }
+thiserror = { version = "2.0.3", default-features = false }

 # chacha feature:
 # - XChaCha20Poly1305WithBlake3
--- a/README.md
+++ b/README.md
@ -35,8 +35,8 @@ to your use case and if you are using it correctly.

 ## Should I use this crate?

-Although it may work, some parts are not stabilized yet. Expect breaking change
-that may result in the total loss of previously encrypted data.
+If you have a use case covered by this crate AND you do not care about using an
+experimental crate, then you may use it.

 ## Why should I use this crate instead of a symmetric encryption function?

--- a/deny.toml
+++ b/deny.toml
@ -93,7 +93,7 @@ allow = [
    "BSD-2-Clause",
    "BSD-3-Clause",
    "MIT",
-    "Unicode-DFS-2016",
+    "Unicode-3.0",
 ]
 # The confidence threshold for detecting a license from license text.
 # The higher the value, the more closely the license text must be to the
--- a/src/ikm.rs
+++ b/src/ikm.rs
@ -243,7 +243,7 @@ impl InputKeyMaterialList {
 	) -> Result<IkmId> {
 		let ikm_len = scheme.get_ikm_size();
 		let mut content: Vec<u8> = vec![0; ikm_len];
-		getrandom::getrandom(content.as_mut_slice())?;
+		getrandom::fill(content.as_mut_slice())?;
 		self.id_counter += 1;
 		self.ikm_lst.push(InputKeyMaterial {
 			id: self.id_counter,
@ -696,7 +696,7 @@ mod encryption {
 	}

 	#[test]
-	#[cfg(feature = "sha")]
+	#[cfg(feature = "aes")]
 	fn get_latest_ikm_aes128gcm_sha256() {
 		let mut lst = InputKeyMaterialList::new();
 		let _ = lst.add_ikm();
--- a/src/scheme.rs
+++ b/src/scheme.rs
@ -35,13 +35,13 @@ pub(crate) type SchemeSerializeType = u32;
 ///
 /// In the following scheme description, the following terms are used:
 /// - `Max data size` describes the maximal size of data that can safely be encrypted using a
-/// single key and nonce, which means you should never pass a `data` parameter to
-/// [encrypt][crate::Coffio::encrypt] that has a higher size. Coffio will not enforce this
-/// limit, it is your responsibility to do so.
+///   single key and nonce, which means you should never pass a `data` parameter to
+///   [encrypt][crate::Coffio::encrypt] that has a higher size. Coffio will not enforce this
+///   limit, it is your responsibility to do so.
 /// - `Max invocations` describes the maximal number of times you can safely call
-/// [encrypt][crate::Coffio::encrypt] with a single key, which means you should either rotate
-/// your IKM or use an appropriate key periodicity before reaching this number. Coffio will neither
-/// enforce this limit nor count the number of invocations, it is your responsibility to do so.
+///   [encrypt][crate::Coffio::encrypt] with a single key, which means you should either rotate
+///   your IKM or use an appropriate key periodicity before reaching this number. Coffio will neither
+///   enforce this limit nor count the number of invocations, it is your responsibility to do so.
 #[derive(Copy, Clone, Debug, PartialEq)]
 pub enum Scheme {
 	/// `default`
@ -52,7 +52,7 @@ pub enum Scheme {
 	/// - Max data size: 256 GB
 	/// - Max invocations: no limitation
 	/// - Resources: [RFC 7539](https://doi.org/10.17487/RFC7539),
-	/// [draft-irtf-cfrg-xchacha](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha)
+	///   [draft-irtf-cfrg-xchacha](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha)
 	#[cfg(feature = "chacha")]
 	XChaCha20Poly1305WithBlake3 = 1,
 	/// - Key derivation: HKDF-SHA256
--- a/src/scheme/aes.rs
+++ b/src/scheme/aes.rs
@ -13,7 +13,7 @@ const NONCE_SIZE: usize = 12;

 pub(crate) fn aes128gcm_gen_nonce() -> Result<Vec<u8>> {
 	let mut nonce: [u8; NONCE_SIZE] = [0; NONCE_SIZE];
-	getrandom::getrandom(&mut nonce)?;
+	getrandom::fill(&mut nonce)?;
 	Ok(nonce.to_vec())
 }

--- a/src/scheme/xchacha20poly1305.rs
+++ b/src/scheme/xchacha20poly1305.rs
@ -9,7 +9,7 @@ const NONCE_SIZE: usize = 24;

 pub(crate) fn xchacha20poly1305_gen_nonce() -> Result<Vec<u8>> {
 	let mut nonce: [u8; NONCE_SIZE] = [0; NONCE_SIZE];
-	getrandom::getrandom(&mut nonce)?;
+	getrandom::fill(&mut nonce)?;
 	Ok(nonce.to_vec())
 }
Author	SHA1	Message	Date
Rodolphe Bréard	fd066c6107	Enable the encrypt-at feature by-default	2025-02-21 10:59:28 +01:00
Rodolphe Bréard	655570a8be	Add the sponsor button	2025-02-21 10:59:08 +01:00
Rodolphe Bréard	87d88bb47d	Update the CI	2025-02-21 10:12:00 +01:00
Rodolphe Bréard	cd14911221	Add new Rust versions in the CI	2025-01-27 09:26:57 +01:00
Rodolphe Bréard	74d9903f69	Upgrade the getrandom crate	2025-01-27 09:26:38 +01:00
Rodolphe Bréard	ea5e384c60	Update the cargo deny config	2025-01-03 22:08:22 +01:00
Rodolphe Bréard	ad9030758c	Set checkout persist-credentials to false	2025-01-03 22:06:02 +01:00
Rodolphe Bréard	bb951c3726	Fix feature name	2024-11-13 19:27:13 +01:00
Rodolphe Bréard	b89a967157	Fix indentation	2024-11-13 19:25:06 +01:00
Rodolphe Bréard	87b4fad9b9	Update the thiserror dependency	2024-11-13 19:24:49 +01:00
Rodolphe Bréard	a6b2c37365	Update the README	2024-06-24 19:23:44 +02:00
Rodolphe Bréard	89f82ad04b	Add an initial changelog	2024-06-24 19:18:43 +02:00