Brian Love
Angular + TypeScript Developer in Denver, CO

TweetNaCl.js Changelog

v0.13.2

  • Fixed undefined variable bug in fast version of Poly1305. No worries, this bug was never triggered.

  • Specified CC0 public domain dedication.

  • Updated development dependencies.

v0.13.1

  • Exclude crypto and buffer modules from browserify builds.

v0.13.0

  • Made nacl-fast the default version in NPM package. Now require("tweetnacl") will use fast version; to get the original version, use require("tweetnacl/nacl.js").

  • Cleanup temporary array after generating random bytes.

v0.12.2

  • Improved performance of curve operations, making nacl.scalarMult, nacl.box, nacl.sign and related functions up to 3x faster in nacl-fast version.

v0.12.1

  • Significantly improved performance of Salsa20 (~1.5x faster) and Poly1305 (~3.5x faster) in nacl-fast version.

v0.12.0

  • Instead of using the given secret key directly, TweetNaCl.js now copies it to a new array in nacl.box.keyPair.fromSecretKey and nacl.sign.keyPair.fromSecretKey.

v0.11.2

  • Added new constant: nacl.sign.seedLength.

v0.11.1

  • Even faster hash for both short and long inputs (in nacl-fast).

v0.11.0

  • Implement nacl.sign.keyPair.fromSeed to enable creation of sign key pairs deterministically from a 32-byte seed. (It behaves like libsodium’s crypto_sign_seed_keypair: the seed becomes a secret part of the secret key.)

  • Fast version now has an improved hash implementation that is 2x-5x faster.

  • Fixed benchmarks, which may have produced incorrect measurements.

v0.10.1

  • Exported undocumented nacl.lowlevel.crypto_core_hsalsa20.

v0.10.0

  • Signature API breaking change! nacl.sign and nacl.sign.open now deal with signed messages, and new nacl.sign.detached and nacl.sign.detached.verify are available.

Previously, nacl.sign returned a signature, and nacl.sign.open accepted a message and “detached” signature. This was unlike NaCl’s API, which dealt with signed messages (concatenation of signature and message).

The new API is:

  nacl.sign(message, secretKey) -> signedMessage
  nacl.sign.open(signedMessage, publicKey) -> message | null

Since detached signatures are common, two new API functions were introduced:

  nacl.sign.detached(message, secretKey) -> signature
  nacl.sign.detached.verify(message, signature, publicKey) -> true | false

(Note that it’s verify, not open, and it returns a boolean value, unlike open, which returns an “unsigned” message.)

  • NPM package now comes without test directory to keep it small.

v0.9.2

  • Improved documentation.
  • Fast version: increased theoretical message size limit from 2^32-1 to 2^52 bytes in Poly1305 (and thus, secretbox and box). However this has no impact in practice since JavaScript arrays or ArrayBuffers are limited to 32-bit indexes, and most implementations won’t allocate more than a gigabyte or so. (Obviously, there are no tests for the correctness of implementation.) Also, it’s not recommended to use messages that large without splitting them into smaller packets anyway.

v0.9.1

  • Initial release