Skip to content

feat: Release v0.2.0 - AES-256-GCM default encryption#1

Merged
dolutech merged 1 commit intomainfrom
release/v0.2.0
Jan 11, 2026
Merged

feat: Release v0.2.0 - AES-256-GCM default encryption#1
dolutech merged 1 commit intomainfrom
release/v0.2.0

Conversation

@dolutech
Copy link
Copy Markdown
Owner

@dolutech dolutech commented Jan 11, 2026
edited by coderabbitai bot
Loading

New Features

  • AES-256-GCM (AEAD) as default encryption method
  • Encryption versioning (v2 for GCM, v1 for legacy CBC+HMAC)
  • Password policy: password_min_length (default: 12)
  • Custom password validator support
  • Key wrapping option for defense in depth
  • Privacy mode to hide status details
  • Secure deletion with SQLite secure_delete pragma

Security Fixes

  • v1 format now enforces AES-256-CBC (fixes cipher mode mismatch)
  • Host header validation in web interface example
  • HMAC authentication for v1 CBC payloads

Documentation

  • Migration guide with backward compatibility verification
  • Rollback procedure documentation
  • Updated API reference and configuration docs

Breaking Changes

  • Default encryption changed from AES-256-CBC to AES-256-GCM
  • Minimum password length increased to 12 characters
  • Encrypted data now uses versioned format (v2: or v1: prefix)

Backward compatible: existing data without prefix still supported.

Summary by CodeRabbit

  • New Features

    • Added encryption versioning (v1: legacy CBC+HMAC, v2: GCM AEAD)
    • Added key wrapping support for per-note encryption keys
    • Added privacy mode to hide sensitive details
    • Added secure delete functionality
    • Added configurable password policies and custom validators
    • Added optional require-password enforcement

  • Changed

    • Default encryption method now AES-256-GCM (AEAD)
    • Minimum password length increased to 12 characters

✏️ Tip: You can customize this high-level summary in your review settings.

@dolutech
feat: Release v0.2.0 - AES-256-GCM default encryption
966ce04 
## New Features
- AES-256-GCM (AEAD) as default encryption method
- Encryption versioning (v2 for GCM, v1 for legacy CBC+HMAC)
- Password policy: password_min_length (default: 12)
- Custom password validator support
- Key wrapping option for defense in depth
- Privacy mode to hide status details
- Secure deletion with SQLite secure_delete pragma

## Security Fixes
- v1 format now enforces AES-256-CBC (fixes cipher mode mismatch)
- Host header validation in web interface example
- HMAC authentication for v1 CBC payloads

## Documentation
- Migration guide with backward compatibility verification
- Rollback procedure documentation
- Updated API reference and configuration docs

## Breaking Changes
- Default encryption changed from AES-256-CBC to AES-256-GCM
- Minimum password length increased to 12 characters
- Encrypted data now uses versioned format (v2: or v1: prefix)

Backward compatible: existing data without prefix still supported.
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Jan 11, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

A version release (0.1.0 → 0.2.0) introducing dual encryption versioning (v1: CBC+HMAC, v2: AES-256-GCM AEAD as default), password policies with minimum length enforcement, optional key wrapping, privacy mode, secure deletion, and comprehensive documentation and configuration updates.

Changes

Cohort / File(s) Summary
Version & Manifest
.gitignore, CHANGELOG.md		 Added Composer-related ignore patterns; bumped release to 0.2.0 with detailed sections for Added features, Changed defaults, and Security enhancements.
Core Documentation
README.md, docs/index.md		 Updated version badge and feature descriptions; changed default encryption from CBC to GCM (AEAD), documented new encryption versioning, password policies, key wrapping, privacy mode, and secure delete options.
API & Configuration Reference
docs/api-reference.md, docs/configuration.md		 Expanded configuration option documentation; introduced encryption_version, password_min_length, password_validator, require_password, enable_key_wrapping, wrapping_key, privacy_mode, and secure_delete; updated examples and default values.
Security & Migration Guides
docs/security.md, docs/migration.md		 Revised security architecture to detail v1/v2 data formats, raised minimum password length to 12 characters, documented AEAD-specific mitigations; substantially rewrote migration path with backward-compatibility emphasis and new version checks.
Core Library Implementation
src/CryptNote.php, src/CryptNoteStandalone.php		 Added encryption versioning constants (FORMAT_V1, FORMAT_V2), implemented dual-path encryption/decryption (CBC+HMAC vs. GCM/AEAD), integrated key wrapping/unwrapping, password policy enforcement, privacy mode behavior, and secure deletion pragma handling.
Usage Examples
examples/basic-usage.php, examples/web-interface/*		 Updated example passwords to meet 12-character minimum; added configuration options (encryption_method, encryption_version, password_min_length); added host allowlist validation in web interface; added password length validation example.
Tests
tests/CryptNoteTest.php		 Updated test passwords to meet new 12-character minimum policy; adjusted expected error messages to align with updated validation logic.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Poem

🐰 Hop along, dear readers brave!
v2 encryption now will save,
With wrapped keys, policies so tight,
And privacy to hide from sight—
GCM guards where CBC once stood,
Zero-point-two does look so good! 🔐✨

✨ Finishing touches
  • 📝 Generate docstrings
📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 35d67bc and 966ce04.

📒 Files selected for processing (14)
  • .gitignore
  • CHANGELOG.md
  • README.md
  • docs/api-reference.md
  • docs/configuration.md
  • docs/index.md
  • docs/migration.md
  • docs/security.md
  • examples/basic-usage.php
  • examples/web-interface/index.php
  • examples/web-interface/view.php
  • src/CryptNote.php
  • src/CryptNoteStandalone.php
  • tests/CryptNoteTest.php

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@dolutech dolutech merged commit 18e8238 into main Jan 11, 2026
1 check was pending
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dolutech