[erlang-questions] [ANN] enacl v0.14.0 - NaCl/libsodium encryption for Erlang
Jesper Louis Andersen
Fri Aug 14 22:17:19 CEST 2015
I've just pushed enacl version 0.14.0.
It is a bindings for the libsodium library from Frank Denis for Erlang.
Since the last 0.9.0 release I announced in December 2014, the following
changes have been made:
* Add support for libsodiums `box_seal` functions (Amir Ghassemi Nasr)
* Add support for libsodiums `crypto_sign_detached` (Joel Stanley, Parnell
* Switch the tag names to the form `0.14.0` rather than `v0.14.0`. For this
release both tags are present, but
from the next release on, it won't be the case.
* Quell warnings from the C code
* Add Ed 25519 utility API (Alexander Færøy)
* Add FreeBSD support for the NIF compilation (Ricardo Lanziano)
* Provide the `priv` directory for being able to properly build without
* Introduce an extension interface for various necessary extensions to the
eNaCl system for handling the Tor network, thanks to Alexander Færøy (ahf).
* Introduce Curve25519 manipulations into the extension interface.
* Write (rudimentary) QuickCheck tests for the new interface, to verify its
* Introduce NIF layer beforenm/afternm calls.
* Introduce the API for precomputed keys (beforenm/afternm calls).
* Use test cases which tries to inject `iodata()` rather than binaries in
all places where `iodata()` tend to be accepted.
* Fix type for `enacl:box_open/4`. The specification was wrong which
results in errors in other applications using enacl.
Maintenance release. Fix some usability problems with the library.
* Do not compile the C NIF code if there are no dirty scheduler support in
the Erlang system (Thanks to David N. Welton)
* Fix dialyzer warnings (Thanks Anthony Ramine)
* Fix a wrong call in the timing code. Luckily, this error has not affected
anything as it has only replaced a verification call with one that does not
verify. In practice, the timing is roughly the same for both, save for a
small constant factor (Thanks to the dialyzer)
* Improve documentation around installation/building the software.
Hopefully it is now more prominent (Thanks to David N. Welton)
This small patch-release provides tests for the `randombytes/1` function
call, and optimizes EQC tests to make it easier to implement
`largebinary`-support in EQC tests. The release also adds an (experimental)
scrambling function for hiding the internal structure of counters. This is
based on an enlarged TEA-cipher by Wheeler and Needham. It is neccessary
for correct operation of the CurveCP implementation, which is why it is
included in this library.
Ultra-late beta; tuning for the last couple of functions which could be
nice to have. Added the function `randombytes/1` to obtain randombytes from
the operating system. The system uses the "best" applicable (P)RNG on the
* Windows: `RtlGenRandom()`
* OpenBSD, Bitrig: `arc4random()`
* Unix in general: `/dev/urandom`
Do note that on Linux and FreeBSD at the *least*, this is the best thing
you can do. Relying on `/dev/random` is almost always wrong and gives no
added security benefit. Key generation in NaCl relies on `/dev/urandom`. Go
relies on `/dev/urandom`. It is about time Erlang does as well.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the erlang-questions