From 79dfbe99785c9bab0e2abfce71df158f60c09f56 Mon Sep 17 00:00:00 2001 From: JohnnyT Date: Sun, 1 Feb 2026 17:22:30 -0700 Subject: [PATCH] Releases v0.7.0 ### Added - Error test vector validation suite with 4,240 negative test cases (#77) - Compressed EC public key decompression for P-256 and P-384 curves (#77) - Multi-curve ECDSA signature verification supporting SHA-256/secp256r1 and SHA-384/secp384r1 (#77) - API mismatch test validating unsigned-only streaming decryption mode (#77) - Comprehensive error categorization (bit flip, truncation, API mismatch, other) (#77) - Full test vector runner executing 2,861 success test vectors via complete decrypt flow (#76) - Comprehensive test coverage for all 11 ESDK algorithm suites including committed suites (0x0478, 0x0578) - Test vector filtering helpers (success/error tests, raw key tests, encryption algorithm filters) - Automatic test vector execution in CI with caching for performance - EDK-based key name extraction for accurate keyring configuration - Non-AWS encryption examples for local key usage without AWS credentials (#74) - Raw AES example demonstrating all key sizes (128/192/256-bit) with encryption context - Raw RSA example with all 5 padding schemes and PEM key loading from environment variables - Multi-keyring local example showing key redundancy and rotation patterns - API Stability Policy guide documenting semantic versioning and breaking change policy (#72) - Comprehensive module grouping in Hex docs for all keyrings, CMMs, caching, and streaming modules (#72) - User guides for Getting Started, Choosing Components, and Security Best Practices (#73) - Automated testing for guide code examples with extraction and validation (#73) - Advanced feature examples demonstrating streaming, caching, and required encryption context (#75) - Streaming file encryption example with 10MB test file and memory-efficient processing - Caching CMM example showing 2x performance improvement for high-throughput scenarios - Required Encryption Context example enforcing mandatory context keys for compliance ### Changed - README updated for v1.0.0 preparation with pre-release messaging removed (#79) - Feature list converted to clean presentation without checkmark indicators (#79) - Test statistics updated to reflect current 852 passing tests (#79) - Documentation section added with links to guides, examples, and API reference (#79) - Test vectors now run by default when available, improving from 91.8% to 92.6% code coverage (#76) - Header authentication now uses full encryption context with required key filtering for spec compliance (#76) - Algorithm suite deprecation warnings removed for cleaner test output (#76) - Consolidated CHANGELOG entries to improve readability and scannability (#81) - Enhanced streaming module documentation with usage guidance, memory efficiency details, and verification handling (#72) - Examples reorganized into complexity-based subdirectories (01_basics, 02_advanced, 03_aws_kms) (#75) - Examples README updated with category-based navigation and quick start commands ### Fixed - ECDSA signature verification now handles compressed EC public keys (0x02/0x03 prefix) (#77) - Signature verification uses correct hash algorithm and curve based on algorithm suite (#77) - Header body serialization to include version/type bytes in AAD computation per spec (#76) - Required encryption context filtering in header authentication tag computation (#76) - CMM test vector helpers to extract key names from EDK provider_info (#76) - Dialyzer typespec for compute_header_auth_tag/4 to allow nil for optional parameter (#76) - RSA keyring PEM loading to correctly decode keys using pem_entry_decode instead of der_decode (#74) - All KMS examples updated to use correct Client API format (map-based return values) - Client module now supports Caching CMM in dispatch clauses for encryption and decryption (#75) --- CHANGELOG.md | 5 ++++- README.md | 4 ++-- mix.exs | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9edc5dc..42a154c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [0.7.0] - 2026-02-01 + ### Added - Error test vector validation suite with 4,240 negative test cases (#77) - Compressed EC public key decompression for P-256 and P-384 curves (#77) @@ -130,7 +132,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Basic encryption and decryption operations with AES-GCM and key commitment (#10) - Test vector harness for AWS Encryption SDK compatibility testing (#13) -[Unreleased]: https://github.com/riddler/aws-encryption-sdk-elixir/compare/v0.6.0...HEAD +[Unreleased]: https://github.com/riddler/aws-encryption-sdk-elixir/compare/v0.7.0...HEAD +[0.7.0]: https://github.com/riddler/aws-encryption-sdk-elixir/compare/v0.6.0...v0.7.0 [0.6.0]: https://github.com/riddler/aws-encryption-sdk-elixir/compare/v0.5.0...v0.6.0 [0.5.0]: https://github.com/riddler/aws-encryption-sdk-elixir/compare/v0.4.0...v0.5.0 [0.4.0]: https://github.com/riddler/aws-encryption-sdk-elixir/compare/v0.3.0...v0.4.0 diff --git a/README.md b/README.md index 95afe5f..0787262 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ An Elixir implementation of the [AWS Encryption SDK](https://docs.aws.amazon.com ## Current Status -**Version**: 0.6.0 +**Version**: 0.7.0 ### Features @@ -50,7 +50,7 @@ Add `aws_encryption_sdk` to your list of dependencies in `mix.exs`: ```elixir def deps do [ - {:aws_encryption_sdk, "~> 0.6.0"} + {:aws_encryption_sdk, "~> 0.7.0"} ] end ``` diff --git a/mix.exs b/mix.exs index 11530c7..eaf624e 100644 --- a/mix.exs +++ b/mix.exs @@ -1,7 +1,7 @@ defmodule AwsEncryptionSdk.MixProject do use Mix.Project - @version "0.6.0" + @version "0.7.0" @source_url "https://github.com/riddler/aws-encryption-sdk-elixir" def project do