Adjust to the following changes that happened in digest:
- The crypto-mac crate has been merged into digest (with "mac" feature
enabled)
- Various traits have been split up
- The Digest and Mac traits now share their update/finalize/reset
implementations
- The BlockInput trait was dropped without replacement apparently (as
long as the low-level core API is not used)
We'll need to make sure to update this when we do a version bump. Adding
an explicit `!Cargo.lock` line to b3sum/.gitignore helps with this, by
making sure Cargo.lock shows up by defauls in searches like:
rg "1\.2\.0"
Closes https://github.com/BLAKE3-team/BLAKE3/issues/210.
Changes since 1.1.0:
- SECURITY FIX: Fixed an instance of undefined behavior in the Windows
SSE2 assembly implementations, which affected both the Rust and C
libraries in their default build configurations. See
https://github.com/BLAKE3-team/BLAKE3/issues/206. The cause was a
vector register that wasn't properly saved and restored. This bug has
been present since SSE2 support was initially added in v0.3.7. The
effects of this bug depend on surrounding code and compiler
optimizations; see test_issue_206_windows_sse2 for an example of this
bug causing incorrect hash output. Note that even when surrounding
code is arranged to trigger this bug, the SSE2 implementation is
normally only invoked on CPUs where SSE4.1 (introduced in 2007) isn't
supported. One notable exception, however, is if the Rust library is
built in `no_std` mode, with `default_features = false` or similar. In
that case, runtime CPU feature detection is disabled, and since LLVM
assumes that all x86-64 targets support SSE2, the SSE2 implementation
will be invoked. For that reason, Rust callers who build `blake3` in
`no_std` mode for x86-64 Windows targets are the most likely to
trigger this bug. We found this bug in internal testing, and we aren't
aware of any callers encountering it in practice.
- Added the Hasher::count() method.
The SSE2 patch introduced xmm10 as a temporary register for one of the
rotations, but xmm6-xmm15 are callee-save registers on Windows, and
SSE4.1 was only saving the registers it used. The minimal fix is to use
one of the saved registers instead of xmm10.
See https://github.com/BLAKE3-team/BLAKE3/issues/206.
I'm not sure how to build for Apple Silicon from a Linux host, but it
seems to work as-is from an x86_64 macOS host. Alas, GitHub doesn't yet
provide Apple Silicon hosts to run these binaries, and Cross doesn't yet
support virtualizing them either.
Changes since 1.0.0:
- The NEON implementation is now enabled by default on AArch64 targets.
Previously it was disabled without the "neon" Cargo feature in Rust or
the "BLAKE3_USE_NEON=1" preprocessor flag in C. This is still the case
on ARM targets other than AArch64, because of the lack of dynamic CPU
feature detection on ARM. Contributed by @rsdy.
- The previous change leads to some build incompatibilities,
particularly in C. If you build the C implementation for AArch64
targets, you now need to include blake3_neon.c, or else you'll get a
linker error like "undefined reference to `blake3_hash_many_neon'". If
you don't want the NEON implementation, you need to explicitly set
"BLAKE3_USE_NEON=0". On the Rust side, AArch64 targets now require the
C toolchain by default. build.rs includes workarounds for missing or
very old C compilers for x86, but it doesn't currently include such
workarounds for AArch64. If we hear about build breaks related to
this, we can add more workarounds as appropriate.
- C-specific Git tags ("c-0.3.7" etc.) have been removed, and all the
projects in this repo (Rust "blake3", Rust "b3sum", and the C
implementation) will continue to be versioned in lockstep for the
foreseeable future.
Changes since 0.3.8:
- Add Hash::from_hex() and implement FromStr for Hash.
- Implement Display for Hash, equivalent to Hash::to_hex().
- Implement PartialEq<[u8]> for Hash, using constant_time_eq.
- Change derive_key() to return a 32-byte array. As with hash() and
keyed_hash(), callers who want a non-default output length can use
Hasher::finalize_xof().
- Replace Hasher::update_with_join() with Hasher::update_rayon(). The
former was excessively generic, and the Join trait leaked
implementation details. As part of this change, the Join trait is no
longer public.
- Upgraded arrayvec to 0.7.0, which uses const generics. This bumps the
minimum supported Rust compiler version to 1.51.
- Gate the digest and crypto-mac trait implementations behind an
unstable feature, "traits-preview". As part of this change upgrade
crypto-mac to 0.11.0.
These clutter the toplevel API, and their prominence might lead callers
to prefer them as a first resort, which probably isn't a good idea.
Restricting multithreading to `Hasher::update_rayon` feels better,
similar to what we've done with `Hasher::finalize_xof`. (But I think
`update_rayon` is still an improvement over the trait-based interface
that it replaced.)