vodozemac 0.10.0

Features

• [BREAKING] Support for SessionConfig::V2 has been moved behind the
  experimental-session-config feature flag.
  (#300).
• [BREAKING] The Curve25519SecretKey.diffie_hellman() method now returns
  an Option. This change makes the Account::create_outbound_session() and
  Session::encrypt() methods fallible. Thanks @soatok for raising.
  (#298).
• [BREAKING] Remove the strict-signatures feature flag. Strict Ed25519
  signature checking is now the default. Support for non-strict signature
  verification has been removed. This will not affect honestly generated
  signatures but could start newly rejecting maliciously generated signatures.
  (#299).

Bug Fixes

• [BREAKING] The Account::create_inbound_session() method now requires a
  SessionConfig as the first argument.
  (#300).
• [BREAKING] The default() implementations for olm::SessionConfig and
  megolm::SessionConfig have been updated to generate a version 1
  SessionConfig.
  (#287).

0.9.0

What's Changed

Features

• Added support for MSC3814, allowing users to export an Olm Account in a serialized format. The serialized account can be uploaded to a server for safekeeping until needed.

0.8.1

What's Changed

Bug Fixes

• Fix the compilation when the default features are disabled

0.8.0

What's Changed

Features

• Apply the const keyword to many methods (#167).

• [BREAKING] The Account::sign() method now accepts an impl AsRef<[u8]>
  for the message instead of a &str. This has been streamlined to be like
  most of our other methods accepting a message to be encrypted. This
  change is mostly backwards compatible as the method will continue to
  accept a string.
  The OlmMessage::from_parts() and OlmMessage::to_parts() methods now
  accept and return an &[u8] and Vec<u8> exclusively for the
  ciphertext. The base64_encode() and base64_decode() methods can be
  used to achieve the previous behavior (#176).

• Add support for the libolm PkEncryption feature. This allows
  Matrix clients to implement the m.megolm_backup.v1.curve25519-aes-sha2
  room key backup algorithm. Please note that this algorithm contains a
  critical flaw and should only be used for compatibility reasons (#171) (#180).

Refactor

• Remove the pkcs7 crate from the list of dependencies (#164).

• Remove Debug implementations for the libolm compat structs (#184).

0.7.0

What's Changed

Features

• Add an Elliptic Curve Integrated Encryption Scheme. This scheme can be used to establish a secure ephemeral encrypted channel, in situations for which Olm may be unsuitable due to complexity or the unavailability of long-term identity keys. There is also support for out-of-band authentication of the receiver side. The scheme was designed primarily for purposes of implementing Matrix QR code login. (#151).

Security

• Use a constant-time Base64 encoder for secret key material to mitigate side-channel attacks leaking secret key material (#156) (Low, CVE-2024-40640, GHSA-j8cm-g7r6-hfpq).