Skip to content

v1.2.0

Latest
Latest

Choose a tag to compare

View all tags
@xdg xdg released this 24 Nov 13:42
v1.2.0
b6d6a0b
This commit was signed with the committer’s verified signature.
xdg David Golden
GPG key ID: 33BF37F395259C24
Verified
Learn about vigilant mode.

Added

  • Channel binding support for SCRAM-PLUS variants (RFC 5929, RFC 9266)
  • GetStoredCredentialsWithError() method that returns errors from PBKDF2
    key derivation instead of panicking.
  • Support for Go 1.24+ stdlib crypto/pbkdf2 package, which provides
    FIPS 140-3 compliance when using SHA-256 or SHA-512 hash functions.

Changed

  • Minimum Go version bumped from 1.11 to 1.18.
  • Migrated from github.com/xdg-go/pbkdf2 to stdlib crypto/pbkdf2 on
    Go 1.24+. Legacy Go versions (<1.24) continue using the external
    library via build tags for backward compatibility.
  • Internal error handling improved for PBKDF2 key derivation failures.

Deprecated

  • GetStoredCredentials() is deprecated in favor of
    GetStoredCredentialsWithError(). The old method panics on PBKDF2
    errors to maintain backward compatibility but will be removed in a
    future major version.

Notes

  • FIPS 140-3 compliance is available on Go 1.24+ when using SCRAM-SHA-256
    or SCRAM-SHA-512 with appropriate salt lengths (≥16 bytes). SCRAM-SHA-1
    is not FIPS-approved.
Assets 2
Loading