From a1041fcf7d4d4af8aab8f9d16e58979c06ba7db2 Mon Sep 17 00:00:00 2001
From: Paragon Initiative Enterprises <security@paragonie.com>
Date: Sun, 28 Apr 2024 04:48:46 -0400
Subject: [PATCH] Release version 2.1.0

---
 doc/release-notes-2.1.0.md | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 doc/release-notes-2.1.0.md

diff --git a/doc/release-notes-2.1.0.md b/doc/release-notes-2.1.0.md
new file mode 100644
index 0000000..87bbd44
--- /dev/null
+++ b/doc/release-notes-2.1.0.md
@@ -0,0 +1,31 @@
+phpecc 2.1.0
+
+Introduced hardened implementations of NIST P-256 and NIST P-384.
+
+This implementations assumes that bigint multiplication is constant-time. On most hardware, this is a good assumption.
+[BearSSL has good documentation on the hardware where this assumption is false](https://www.bearssl.org/ctmul.html). The 
+odds are good that you're running PHP on hardware that uses constant-time multiplication.
+
+Despite being PHP implementations of constant-time code, the performance hit for using these curves is minimal. There is
+probably some opportunity for further optimizations.
+
+We do not force the use of our implementation by default, due to the minor performance hit it does have. To use the new
+code:
+
+```diff
+  $nistFactory = EccFactory::getNistCurves($adapter);
+
+- $g256 = $nistFactory->generator256($rng);
++ $g256 = $nistFactory->generator256($rng, true);
+
+- $g384 = $nistFactory->generator384$rng);
++ $g384 = $nistFactory->generator384($rng, true);
+
+- $p256 = $bistFactory->curve256();
++ $p256 = $nistFactory->optimizedCurve256();
+
+- $p384 = $bistFactory->curve384();
++ $p384 = $nistFactory->optimizedCurve384();
+```
+
+We will update [EasyECC](https://github.com/paragonie/easy-ecc) to use this API in the next release.