Conversation
### Added - Error test vector validation suite with 4,240 negative test cases (#77) - Compressed EC public key decompression for P-256 and P-384 curves (#77) - Multi-curve ECDSA signature verification supporting SHA-256/secp256r1 and SHA-384/secp384r1 (#77) - API mismatch test validating unsigned-only streaming decryption mode (#77) - Comprehensive error categorization (bit flip, truncation, API mismatch, other) (#77) - Full test vector runner executing 2,861 success test vectors via complete decrypt flow (#76) - Comprehensive test coverage for all 11 ESDK algorithm suites including committed suites (0x0478, 0x0578) - Test vector filtering helpers (success/error tests, raw key tests, encryption algorithm filters) - Automatic test vector execution in CI with caching for performance - EDK-based key name extraction for accurate keyring configuration - Non-AWS encryption examples for local key usage without AWS credentials (#74) - Raw AES example demonstrating all key sizes (128/192/256-bit) with encryption context - Raw RSA example with all 5 padding schemes and PEM key loading from environment variables - Multi-keyring local example showing key redundancy and rotation patterns - API Stability Policy guide documenting semantic versioning and breaking change policy (#72) - Comprehensive module grouping in Hex docs for all keyrings, CMMs, caching, and streaming modules (#72) - User guides for Getting Started, Choosing Components, and Security Best Practices (#73) - Automated testing for guide code examples with extraction and validation (#73) - Advanced feature examples demonstrating streaming, caching, and required encryption context (#75) - Streaming file encryption example with 10MB test file and memory-efficient processing - Caching CMM example showing 2x performance improvement for high-throughput scenarios - Required Encryption Context example enforcing mandatory context keys for compliance ### Changed - README updated for v1.0.0 preparation with pre-release messaging removed (#79) - Feature list converted to clean presentation without checkmark indicators (#79) - Test statistics updated to reflect current 852 passing tests (#79) - Documentation section added with links to guides, examples, and API reference (#79) - Test vectors now run by default when available, improving from 91.8% to 92.6% code coverage (#76) - Header authentication now uses full encryption context with required key filtering for spec compliance (#76) - Algorithm suite deprecation warnings removed for cleaner test output (#76) - Consolidated CHANGELOG entries to improve readability and scannability (#81) - Enhanced streaming module documentation with usage guidance, memory efficiency details, and verification handling (#72) - Examples reorganized into complexity-based subdirectories (01_basics, 02_advanced, 03_aws_kms) (#75) - Examples README updated with category-based navigation and quick start commands ### Fixed - ECDSA signature verification now handles compressed EC public keys (0x02/0x03 prefix) (#77) - Signature verification uses correct hash algorithm and curve based on algorithm suite (#77) - Header body serialization to include version/type bytes in AAD computation per spec (#76) - Required encryption context filtering in header authentication tag computation (#76) - CMM test vector helpers to extract key names from EDK provider_info (#76) - Dialyzer typespec for compute_header_auth_tag/4 to allow nil for optional parameter (#76) - RSA keyring PEM loading to correctly decode keys using pem_entry_decode instead of der_decode (#74) - All KMS examples updated to use correct Client API format (map-based return values) - Client module now supports Caching CMM in dispatch clauses for encryption and decryption (#75)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added
Changed
Fixed