Changes since 1.3.2:
- Fix incorrect output from AVX-512 intrinsics under GCC 5.4 and 6.1 in
debug mode. This bug was found in unit tests and probably doesn't
affect the public API in practice. See
https://github.com/BLAKE3-team/BLAKE3/issues/271.
Changes since 1.3.1:
- Dependency updates only. This includes updating Clap to v4, which
changes the format of the `b3sum --help` output. The new MSRV is
1.59.0 for `blake3` and 1.60.0 for `b3sum`. Note that this project
doesn't have any particular MSRV policy, and we don't consider MSRV
bumps to be breaking changes.
Changes since 1.3.0:
- The unstable `traits-preview` feature now includes an implementation
of `crypto_common::BlockSizeUser`, AKA
`digest::core_api::BlockSizeUser`. This allows `blake3::Hasher` to be
used with `hmac::SimpleHmac`.
Changes since 1.2.0:
- Added blake3_hasher_reset to the C API, for parity with the Rust API.
- Updated digest to v0.10. This version merged the crypto-mac crate with
digest, so the dependency on crypto-mac has been removed. These trait
implementations are still gated behind the "traits-preview" feature.
- Updated clap to v3.
Changes since 1.1.0:
- SECURITY FIX: Fixed an instance of undefined behavior in the Windows
SSE2 assembly implementations, which affected both the Rust and C
libraries in their default build configurations. See
https://github.com/BLAKE3-team/BLAKE3/issues/206. The cause was a
vector register that wasn't properly saved and restored. This bug has
been present since SSE2 support was initially added in v0.3.7. The
effects of this bug depend on surrounding code and compiler
optimizations; see test_issue_206_windows_sse2 for an example of this
bug causing incorrect hash output. Note that even when surrounding
code is arranged to trigger this bug, the SSE2 implementation is
normally only invoked on CPUs where SSE4.1 (introduced in 2007) isn't
supported. One notable exception, however, is if the Rust library is
built in `no_std` mode, with `default_features = false` or similar. In
that case, runtime CPU feature detection is disabled, and since LLVM
assumes that all x86-64 targets support SSE2, the SSE2 implementation
will be invoked. For that reason, Rust callers who build `blake3` in
`no_std` mode for x86-64 Windows targets are the most likely to
trigger this bug. We found this bug in internal testing, and we aren't
aware of any callers encountering it in practice.
- Added the Hasher::count() method.
Changes since 1.0.0:
- The NEON implementation is now enabled by default on AArch64 targets.
Previously it was disabled without the "neon" Cargo feature in Rust or
the "BLAKE3_USE_NEON=1" preprocessor flag in C. This is still the case
on ARM targets other than AArch64, because of the lack of dynamic CPU
feature detection on ARM. Contributed by @rsdy.
- The previous change leads to some build incompatibilities,
particularly in C. If you build the C implementation for AArch64
targets, you now need to include blake3_neon.c, or else you'll get a
linker error like "undefined reference to `blake3_hash_many_neon'". If
you don't want the NEON implementation, you need to explicitly set
"BLAKE3_USE_NEON=0". On the Rust side, AArch64 targets now require the
C toolchain by default. build.rs includes workarounds for missing or
very old C compilers for x86, but it doesn't currently include such
workarounds for AArch64. If we hear about build breaks related to
this, we can add more workarounds as appropriate.
- C-specific Git tags ("c-0.3.7" etc.) have been removed, and all the
projects in this repo (Rust "blake3", Rust "b3sum", and the C
implementation) will continue to be versioned in lockstep for the
foreseeable future.
Changes since 0.3.8:
- Add Hash::from_hex() and implement FromStr for Hash.
- Implement Display for Hash, equivalent to Hash::to_hex().
- Implement PartialEq<[u8]> for Hash, using constant_time_eq.
- Change derive_key() to return a 32-byte array. As with hash() and
keyed_hash(), callers who want a non-default output length can use
Hasher::finalize_xof().
- Replace Hasher::update_with_join() with Hasher::update_rayon(). The
former was excessively generic, and the Join trait leaked
implementation details. As part of this change, the Join trait is no
longer public.
- Upgraded arrayvec to 0.7.0, which uses const generics. This bumps the
minimum supported Rust compiler version to 1.51.
- Gate the digest and crypto-mac trait implementations behind an
unstable feature, "traits-preview". As part of this change upgrade
crypto-mac to 0.11.0.
blake3_hasher_init_derive_key_len is an alternative version of
blake3_hasher_init_derive_key which takes the context and its
length as separate parameters, and not together as a C string.
The motivation for this addition is making it easier for
bindings to this C library to call this function without
having to first copy over the context bytes just to add
one 0x00 byte at the end.
Notice that contrary to blake3_hasher_init_derive_key,
blake3_hasher_init_derive_key_len allows the inclusion of a
0x00 byte in the context. Given the rules about context string
selection, this byte is unlikely to be used as part of a context
string. But if for some reason it is ever given, it will be
included in the context string and processed like any other
non-alphanumeric byte would. For compatibility with
blake3_hasher_init_derive_key, bindings should still check for
the absence of 0x00 bytes.
Jack O'Connor
Hans Henrik Bergan
Renzo Carbonara
Erik Johansson
Samuel Neves