Changes in Version 6.20 (25 September 2021):
Midfunction does on strings.
basCryptoSys.bas. The old files
basCryptoSysWrappers.basare no longer needed and indeed must not be used.
COMPR_Uncompressand their .NET, VBA and C++ equivalents.
CIPHER_DecryptBytesto replace deprecated
CIPHER_DecryptBytes2. This has no effect on .NET methods or the VBA wrapper functions (it just gets rid of that "2").
MAC_Final, and their .NET, VBA and C++ equivalents.
Changes in Version 6.0 (2 March 2021):
Hash.AddData Method, and
Mac.AddData Method, and
Cipher.Update Method, and
Cipher.Dispose Method). Plus alternative functions to pass data in hexadecimal-encoded form CIPHER_InitHex, CIPHER_UpdateHex.
Cipher.Decrypt Method). These functions provide an alternative input mechanism using hexadecimal-encoded strings, which are simpler to handle than byte arrays.
Changes in Version 5.4 (22 March 2020):
Changes in Version 5.3 (16 September 2018):
SHA3_HexDigestto compute the SHA-3 message digest of data passed in several chunks. The new equivalent .NET methods are
Sha3.Disposeto create and dispose of the objects. The
Sha3.LengthInBytesproperty will return the byte-length of the hash output for an initialized SHA-3 context.
PRF_Bytesand equivalent .NET method
Prf.Bytesto produce pseudorandom output of any length using KMAC128 and KMAC256 as per NIST SP800-185 [SP800185].
XOF_Bytesand equivalent .NET method
Xof.Bytesto provide extended-output functions of any length using SHAKE128 and SHAKE256 as per FIPS PUB 202 [FIPS202].
Wipe.File Method), and added option to overwrite with a single pass of zero bytes (quicker but less secure).
ZLIB_Inflatefunction to compute the required output size in bytes from the compressed data. In earlier versions you needed to know the size by other means. The .NET method
Zlib.Inflate Method (Byte)now supersedes the old
Zlib.Inflate Method (Byte, Int32).
CIPHER_DecryptBytesPad. Use instead
CIPHER_DecryptBytes2. This has no effect on .NET methods.
Changes in Version 5.2 (15 August 2016):
PBE_ScryptHexand their equivalent .NET
CIPHER_DecryptBytes2as safer replacements for
CIPHER_DecryptBytesPad(withdrawn in [v5.3]) with explicit checks for lengths of key and IV byte arrays. These new safer functions are now used internally in the equivalent .NET
CIPHER_FileDecryptwith explicit checks for lengths of key and IV byte arrays. These functions allow the user to specify the type of padding used for ECB and CBC modes (previously only PKCS5Padding), and give the option to prepend the IV to the ciphertext data. The equivalent .NET methods are
bytekey or IV of the wrong length will now cause an explicit error (BAD_KEY_LEN_ERROR or BAD_IV_LEN_ERROR) before it does any more harm.
Cipher.KeyBytes Methodto return the correct sizes in bytes of the cipher block and key for a given block cipher algorithm.
CNV_BytesFromB64Strto be stricter and return an error if any obviously invalid characters are found (formerly they were just ignored). Whitespace characters are still allowed in both hex and base64 strings, and ASCII punctuation characters in a hex string. So, for example, the hex string
"DE:AD:BE:EF"is still OK, but characters in the range
[G-Zg-z]in a hex string now cause an error.
Changes in Version 5.1 (18 July 2015):
AEADfamily of 11 new functions and the
Aeadclass of methods to provide authenticated encryption with additional data (AEAD) with support for the following algorithms:
AEAD_Decryptprovide a simple, stateless interface to do one-off AEAD computations.
errorcodes-api.csin the distribution. You may need to cut and paste from these into your projects.
Changes in Version 5.0 (29 April 2015):
CIPHER_Streamfamily of functions and
CipherStreamclass of methods to provide stream ciphers with support for CHACHA20, SALSA20, and ARCFOUR (a.k.a RC4).
MACfunctions or the
MacAlgorithm.Poly1305option with any of the
Macclass of methods.
CIPHER_DecryptBytesPadwhich use the specified block cipher algorithm, mode and padding to encrypt and decrypt data in a byte array. Padding is added if required before encryption and removed after decryption. The equivalent .NET methods are
API_Versionto return a five-digit number of the form
Major * 10000 + Minor * 100 + Release. For example, version 5.2.1 will return the number 50201 whereas version 4.7.0 would have returned 470.
Changes in Version 4.7 (15 September 2013):
RNG_Initializefunction and Rng.Initialize method so they will create a new seed file if one does not exist (previously it just used to fail).
longto the explicit-size
int32_ttype. This is only relevant for the MAC-OSX library, where the
longtype is 64 bits instead of 32 bits. It should have no effect in Windows or other platforms.
RNG_Numberfunction and Rng.Number method to cope with the full range of 32-bit signed integer limits.
Changes in Version 4.6 (7 November 2012):
Hash.HexFromBitsmethod to compute the secure hash of a bit string (as opposed to the byte-oriented methods) using the SHA family of secure hash functions.
Rng.TestDrbgvsmethod to carry out the relevant validation test in The NIST SP 800-90A Deterministic Random Bit Generator Validation System (DRBGVS) [DRBGVS].
Changes in Version 4.5 (23 January 2011):
BLF_FileExt, and their associated methods in .NET with the
CipherFileOptionparameter. The extended options (1) enable the IV to be embedded in the ciphertext file and (2) allow the padding to be left in place when decrypting. See Extensions to block cipher functions for files for more details.
General.ErrorCodemethod so they now return an error code after calling most functions. This is useful to find the error when the .NET methods return an empty string.
Changes in Version 4.4 (9 August 2010):
Changes in Version 4.3 (17 December 2009):
Changes in Version 4.2 (19 March 2009):
WIPE_Filefunction - up to three times faster for large files.
Changes in Version 4.1 (11 July 2008):
Changes in Version 4.0 (12 September 2007):
Changes in Version 3.2 (22 July 2006):
Version 1.0 first published 13 September 2001.