Skip to content

v0.3.0
Compare
Choose a tag to compare
@bigs bigs released this 02 Aug 23:40
· 4343 commits to master since this release
v0.3.0
071f7de
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

A security-focused release that propagates up the following changes:

  • The minimum allowed strength of RSA keys is now 2048 bits. Any tests that have been written using RSA keys with fewer than 2048 bits will now generate errors upon key generation. go-libp2p-testing has been updated to prefer Ed25519 keys by default, and it's recommended you use that library for libp2p testing needs.
  • Key comparisons are now constant-time.
  • Passing unknown curve types to the elliptic curve key generation functions now returns an error, rather than panicking.
  • The new insecure transport has been released. This should only ever be used in tests. The new insecure transport is not backwards compatible with the old insecure transport.
Assets 2
Loading