author: Peter Dettman <peter.dettman@bouncycastle.org> 2016-04-20 19:48:32 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2016-04-20 19:48:32 +0700
commit: 27ce448162521ace7bc4c0520458ee3dd5665f53
tree: 83153c6fb753ff5b24f53bf3496b0d9af0286350 /crypto/Readme.html
parent: Put zero-length extensions first in the ClientHello
Update Poly1305 to comply with RFC 7539
Diffstat (limited to 'crypto/Readme.html')
-rw-r--r-- crypto/Readme.html 9
1 files changed, 9 insertions, 0 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html
index 7af1bbaf0..0cbd91daa 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -294,6 +294,15 @@ We state, where EC MQV has not otherwise been disabled or removed:
 
         <h4><a class="mozTocH4" name="mozTocId85316"></a>Release 1.8.2, Release Date TBD</h4>
 
+        <h5>IMPORTANT</h5>
+        <ul>
+            <li>
+                This release brings our Poly1305 implementation into line wih RFC 7539, which breaks backward compatibility. The essential
+                difference from 1.8.1 is that the two halves of the 32-byte Poly1305 key have swapped places. If you have persisted Poly1305
+                keys, or are interoperating with other Poly1305 implementations, you may need to account for this change when migrating to 1.8.2.
+            </li>
+        </ul>
+
         <h5>Additional Features and Functionality</h5>
         <ul>
             <li>TLS: support for ClientHello Padding Extension (RFC 7685).</li>
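Review bot: The new IMPORTANT item says the two halves of the 32-byte Poly1305 key "have swapped places" but never states which half comes first in 1.8.2 versus 1.8.1, so a reader with persisted keys cannot tell from this text how to convert them. Name the order of the two 16-byte halves as RFC 7539 defines it, and say explicitly that migrating a 1.8.1 key means swapping them, rather than "you may need to account for this change". A key in the old layout is still 32 bytes long, so it would also help to state whether anything will reject it or whether it will simply produce a different tag. Separately, fix the typo "wih" in "into line wih RFC 7539".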