Changelog History
Page 2
-
v0.11.2 Changes
June 25, 2019๐ This is not a real release, but a hotfix.
๐ This tag is created for Themis Carthage only. The only changes are inside Cartfile and affect Themis Carthage users (iOS/macOS).
-
v0.11.1 Changes
April 01, 2019๐ 0.11.1, April 1st 2019
TL;DR: Rust-Themis can now be installed entirely from packages (repositories and crates.io), without building anything from source.
Code:
Rust
๐ Improvements in lookup of core Themis library (#444)
Minor changes in dependencies (#443)
Infrastructure:
- ๐ Minor fixes in packaging process (#442)
-
v0.11.0 Changes
March 28, 2019๐ 0.11.0, March 28th 2019
TL;DR: Added Rust Themis, added Carthage distribution for iOS and Maven distribution for Android. Improved Secure Message API and propagated it to all our language wrappers.
โ We found that Themis is now recommended by OWASP as data encryption library for mobile platforms.
๐ฅ Breaking changes: We renamed
rubythemis
torbthemis
as a beginning of a tradition of gentle deprecations, with timely warning of all the users that can potentially be affected. We removedthemis_version()
function that allowed checking Themis' version at run-time (with no replacement function).Code:
Core
๐ Fixes in Soter (low-level security core used by Themis):
-
๐ Fixed possible null pointer deference caused by the misusage of short-circuit evaluation. Huge thanks to @movie-travel-code for pointing out (#315, #314).
-
๐ Fixed crash in Secure Message when RSA keys are used incorrectly (swapped or empty) โ a shoutout for @ilammy and @secumod for fixing this (#334).
-
๐ Fixed issue with RSA key generator silently truncating private keys โ our gratitude going out to @ilammy and @secumod again (#335).
-
๐ Fixed crash that occured on re-using Secure Comparator with BoringSSL โ thanks to @ilammy and @secumod for this fix (#347).
-
๐ Fixed overflow during Secure Cell decryption in Seal mode - thanks to @ilammy and his skills in fuzz testing (#367).
-
๐ Improved the test suite to catch more corner cases, including with OpenSSL-specific issues (#323, #319).
Secure Session
-
โ Added additional safety tests for Secure Session: return error if clientID is empty (thanks @deszip for asking tough questions and mis-using clientID) (#386).
-
Described thread safety code practices when using Secure Session.
Secure Message
-
โก๏ธ Updated Secure Message API: divided the
wrap
function intoencrypt
andsign
, and theunwrap
function intodecrypt
andverify
. The new API has more intuitive naming and should be harder to misuse, with encrypt/decrypt and sign/verify API clearly named and separated.A common mistake with the old API was that users could accidentally use sign/verify API instead of encryption because they didn't provide a private key. The new API features more strict checks and prevents this kind of mistake.
This change doesn't affect the language wrappers you are using, so no code changes are required from you.
๐ Documentation for the new API calls is available in the Wiki documentation and for each language separately (in their Howtos).
(#389).
-
๐ Fixed a potential memory leak in Secure Message encryption and decryption (#398).
Code quality
-
Cleaned up circular dependencies in header files. This change has made the code cleaner and the compilation time faster (#392).
-
๐ Improved code quality by fixing warnings from various compiler flags (
-Wall -Wextra -Wformat-security -Wnull-dereference -Wshift-overflow
and so on) (#377).-
โ Formatted the code using
clang-format
andclang-tidy
, added automated formatting for core and tests (#418, #399, #397, #396, #395).Other changes
-
๐ Improved and refactored our Great Makefile to be more stable, more user-friendly, and to support OS-specific issues (#417, #413, #348, #346, #345, #343, #321).
-
โ Removed
themis_version()
function and all related API for querying Themis and Soter versions at run-time. There is no replacement for it and this is obviously a breaking change (#388).Rust
Introduced Rust Themis wrapper, all work done by brilliant @ilammy!
๐ฆ Rust Themis supports the same functionality as other Themis wrappers: Secure Cell, Secure Message, Secure Session, and Secure Comparator. Rust Themis package is available through crates.io, examples are stored in docs/examples/rust, the HowTo guide is available in Wiki.
(#419, #405, #403, #390, #383, #382, #381, #380, #376, #375, #374, #373, #372, #365, #363, #362, #358, #357, #356, #353, #349, #340).
๐ iOS and macOS
โ Added Carthage support. Now users can add Themis to their Cartfile using
github "cossacklabs/themis"
.๐ More details available in Objective-C Howto and Swift Howto on wiki. Example projects available in docs/examples/objc and docs/examples/swift/ folders.
โ Added BoringSSL support, now users can select which crypto-engine they want to include. This change affects only Themis CocoaPod: users can add Themis based on BoringSSL to their Podfile using
pod 'themis/themis-boringssl'
(#351, #331, #330, #329).โ Added bitcode support. This affects only Themis CocoaPod that uses OpenSSL โ thanks @deszip and @popaaaandrei (#407, #355, #354).
โ Added compatibility for Swift frameworks. Now Themis can be used directly from Swift without Bridging header file, kudos to @popaaaandrei for pointing on this out (#416, #415).
โก๏ธ Updated code to use the latest Secure Message API (see description of core changes above). This change doesn't affect user-facing code so no code changes are required from users (#393).
โก๏ธ Updated error codes and error messages for all crypto systems, now errors and logs are more user-friendly and understandable (#394, #393).
๐ Improved code quality here and there (#317).
Dropped feature flag
SECURE_COMPARATOR_ENABLED
because it's redundant: Secure Comparator is enabled by default (#429).๐ macOS specific
- Added Homebrew support for Themis Core. Now users can install Themis Core library using
brew tap cossacklabs/tap && brew update && brew install libthemis
. This is useful when you're developing on macOS.
๐ More details can be found in the Installation guide.
C++
๐ Improved Secure Session memory behavior (now users can move and copy Secure Session objects and callbacks) (#370, #369).
๐ Allowed to link ThemisPP as header-only library by adding "inline" functions โ thanks @deszip for pushing us. Check for detailed instructions in C++ wiki (#371).
Added support of smart pointer constructors for Secure Session, now users should use
std::shared_ptr<secure_session_callback_interface_t>
constructor (#378).โ Added functions for key validation: now you can check if keypairs are valid before using it for encryption/decryption (#389).
โก๏ธ Updated test suite to test C++03 and C++11 (#379).
โก๏ธ Updated error codes and error messages for all crypto systems, now errors and logs are more user-friendly and understandable (#385).
Formatted code using
clang-format
rules and implemented someclang-tidy
recommendations (#410, #404).Java
โก๏ธ Updated Secure Message API: separated function
wrap
intoencrypt
andsign
, and functionunwrap
intodecrypt
andverify
. Old functions are still available, but will be deprecated eventually (#389).Significantly improved Themis usage examples for Desktop Java - thanks to @Dimdron #3.
Formatted JNI code using
clang-format
rules and implemented someclang-tidy
recommendations (#420).Android
โ Added Maven distribution (#361).
๐ง The new installation process requires adding only two lines to the Maven app configuration (instead of manually re-compiling the whole Themis library)!
โก๏ธ See the updated HowTo guide in Wiki.Significantly improved Themis usage examples for Android - thanks to @Dimdron #3.
Significantly improved Secure mobile websocket example - thanks to @sergeyzenchenko #4.
Formatted JNI code using
clang-format
rules and implemented someclang-tidy
recommendations (#420).Go
โก๏ธ Updated code to use the latest Secure Message API (see the description of core changes above). This change doesn't affect user-facing code so no code changes are required from users (#400).
๐ Formatted code and fixed
gofmt
andgolint
warnings (#426, #424, #432, #422).Node.js
๐ Fixed jsthemis to be compatible with Node 10, huge thanks to @deszip (#327, #326).
โก๏ธ Updated error codes and error messages for all crypto systems, now errors and logs are more user-friendly and understandable (#384).
๐ Fixed memory corruption tests on i386 systems (#408).
Formatted native extension code using
clang-format
rules and implemented someclang-tidy
recommendations (#412).PHP
- Updated PHP installer to use the latest Composer installer (#360, #328).
Python
โก๏ธ Updated code to use the latest Secure Message API (see description of core changes above). This change doesn't affect user-facing code so no code changes are required from users (#401).
โก๏ธ Updated error codes and error messages for all crypto systems, now errors and logs are more user-friendly and understandable (#401).
๐ Ruby
โก๏ธ Updated code to use latest Secure Message API (see description of core changes above). This change doesn't affect user-facing code so no code changes are required from users (#402).
โก๏ธ Updated error codes and error messages for all crypto systems, now errors and logs are more user-friendly and understandable (#402).
๐ Deprecated
rubythemis
in favor ofrbthemis
. Users should userequire 'rbthemis'
in their projects (#434).โ Tests and other things
โ Added tools for fuzzing testing and tests on Themis Core (#421, #368, #366, #364).
โก๏ธ Updated BoringSSL submodule configuration to use Clang while building (#352).
โก๏ธ Updated NIST test suite: improved readability, maintainability, and output of NIST STS makefile, added build files to gitignore (#414).
๐ Docs:
Described the new Secure Message API: how we divided the
wrap
function intoencrypt
andsign
, and theunwrap
function โ intodecrypt
andverify
to make it more obvious for the users.Described thread safety code practices when using Secure Session.
๐ Improved installation guides for numerous languages.
Infrastructure:
โ Added Homebrew support for Themis Core. Now users can install Themis Core libraby using
brew tap cossacklabs/tap && brew update && brew install libthemis
. This is useful when you're developing on macOS. More details can be found in the Installation guide.โ Added installation guide on using Docker container as a building environment for Themis: if you can't download Themis Core from packages, feel free to use Docker container for this.
- Added Homebrew support for Themis Core. Now users can install Themis Core library using
-
v0.10.5
March 21, 2019 -
v0.10.0 Changes
February 06, 2018TL;DR: Multi-platform, multi-language compatibility improved.
โ ๏ธ Incompatibility issues:
โฌ๏ธ If you are using Themis on x64 systems, consider upgrading every Themis library/wrapper you were using to
0.10.0
. Incompatibility issues may arise between previous Themis versions and0.10.0
on x64 machines (#279).๐ Rubythemis has breaking changes for Secure Cell Token Protect mode (#281). We added checks for other language wrappers to make sure this won't happen again (#282, #283).
Check the Migration Guide for more details.
๐ Docs:
- โก๏ธ Updated the descriptions of Crypto systems, added more usage examples and code samples.
- Refreshed code samples in language tutorials, made them more readable.
๐ Obj-C | Swift | Java and Android | Python | PHP | Ruby | C++ | Go | Node js. - โ Added human-friendly description of Secure Comparator and supplied usage examples for all languages with the exception of PHP.
Infrastructure:
- Added support of Ubuntu 17.10.
- Removed support of Ubuntu 16.10 and Ubuntu 17.04 (no more compiled binaries for these OSs now).
- โ Added CLI utils for easy testing of Secure Cell, Secure Message, and Key generation on local machine. Available for Python, Ruby, Go, NodeJS, and PHP. Check the Console Utils guide for more details and usage description/guide.
- โ Added Integration test suit for the majority of the available language wrappers, which was the catalyst for many fixes in this release.
- โ Added support of CircleCI 2.0 with multiple workflows. This allows testing each language wrapper and integrations between them easily and quickly (#295, #299).
Code:
- Core:
- C++ wrapper:
- Added a set of unit tests (#292).
- Android wrapper :
- iOS wrapper:
- GoThemis:
- JSThemis:
- ๐ RubyThemis:
- Fixed arguments' order for Secure Cell in the Token Protect mode, which caused incompatibility with older versions of rubythemis (#281). Please check the migration guide for the details;
- Added CLI utils and integration tests that allow you to test Secure Cell, Secure Message, and Key generation on your local machine (#277, #293, #305, #306)
- PyThemis:
- PHPThemis:
- Added support of PHP 7.0, 7.1, 7.2 (#278, #280);
- Added a package for
phpthemis
. Now you don't need to compile it from sources. See the installation PHP guide for more details; - Improved unit tests. Now it's easy to run tests because all the dependencies are handled by a php-composer (#284, #285, #303);
- Added a memory test suit, which allows us to keep a closer eye on PHPThemis' memory usage (#298);
- Added CLI utils and integration tests that allow you to test Secure Cell, Secure Message, and Key generation on your local machine (#277, #293, #305, #306).
-
v0.9.6 Changes
December 14, 2017TL;DR: OpenSSL 1.1 support.
๐ Docs:
- ๐ Significant update of the Contributing section.
Infrastructure:
- Removed support for Ubuntu Precise.
- ๐ Fixed
.rpm
package versioning (#240). - โ Added a handy command for preparing and running of all the tests
make test
(#243). - โ Added small changes and updates into Makefile to make it even better and fixed the installing dependencies (#236, #239, #250).
Code:
- Core:
- added OpenSSL 1.1 support (#208).
- Android wrapper:
- iOS wrapper:
- GoThemis:
- JSThemis:
- PyThemis:
-
v0.9.5 Changes
September 13, 2017๐ Changelog:
๐ Mostly usability fixes for wrappers.
Infrastructure:
- ๐ฆ You can now download pre-built Themis packages from our package server.
- ๐ Enhanced building process for MacOS (working now!) (#215).
- Enhanced building process for Debian 9.x (working even better now!).
- ๐ Updated documentation and examples to make it easier to understand.
- ๐ท Now we use Bitrise as a separate CI for iOS wrapper.
- โ Test and code coverage are automagically measured now!
Code:
- Core: disabled SHA1 support.
- Secure Comparator: magically improved code readability (#196, #195).
- iOS wrapper: added support of dynamic frameworks and bitcode (#222, #219, #205).
- Go wrapper: refactored custom error (
themisError
) type. - PHP wrapper: updated tests.
- PyThemis: considerably improved example projects.
-
v0.9.4 Changes
November 22, 2016๐ This is tiny intermediary release to lock ongoing changes in stable form for all languages:
- BoringSSL support on Android and Linux
- ๐ Fixed some leaks and code styling problems (thanks to @bryongloden)
- โก๏ธ Memory management updates for stability in languages, which rely on sloppy GC
- ๐ Fix Themis build errors under certain conditions
- Secure Comparator examples for many languages
- Swift3 support + numerous enhancements from @valeriyvan, thanks a lot!
- GoThemis : fixed rare behavior in Secure Session wrapper
- GoThemis examples
- JsThemis syntax corrections and style fixes
- โจ JsThemis Nan usage to enhance compatibility
- More and better Themis Server examples
- Enhanced error messages (now with proper spelling!)
- Corrections for RD_Themis
-
v0.9.3 Changes
May 25, 2016๐ Changelog:
Infrastructure:
- Lots of new high-level language wrappers
- ๐ Enhanced documentation
- Lots of various demo projects
- Updated Themis Server
- ๐ Better make system verbosity (now you can actually see what succeeded and what didn't)
- ๐ Infrastructure to build Java on all platforms
Code:
- iOS wrapper now has umbrella header.
- We added Swift language examples and howto.
- Themis wrapper for Go language: howto (examples coming soon).
- Themis wrapper for NodeJS : examples and howto.
- ๐ Google Chrome-friendly spin-off called WebThemis was released.
- Themis wrapper for C++ : examples and howto.
- Secure Comparator got serious updates to eliminate possible security drawbacks pointed out by cryptographic community.
-
v0.9.3.1 Changes
August 24, 2016โก๏ธ Updating podspec to be compatible with CocoaPods 1.0