Skip to content

1.0.14
Compare
Choose a tag to compare
@jedisct1 jedisct1 released this 21 Sep 23:21
· 1403 commits to master since this release
1.0.14
This tag was signed with the committer’s verified signature.
jedisct1 Frank Denis
GPG key ID: 62F25B592B6F76DA
Learn about vigilant mode.
4c37368
  • iOS binaries should now be compatible with WatchOS and TVOS.
  • WebAssembly is now officially supported. Special thanks to @facekapow and @pepyakin who helped to make it happen.
  • Internal consistency checks failing and primitives used with dangerous/out-of-bounds/invalid parameters used to call abort(3). Now, a custom handler that doesn't return can be set with the set_sodium_misuse() function. It still aborts by default or if the handler ever returns. This is not a replacement for non-fatal, expected runtime errors. This handler will be only called in unexpected situations due to potential bugs in the library or in language bindings.
  • *_MESSAGEBYTES_MAX macros (and the corresponding _messagebytes_max() symbols) have been added to represent the maximum message size that can be safely handled by a primitive. Language bindings are encouraged to check user inputs against these maximum lengths.
  • The test suite has been extended to cover more edge cases.
  • crypto_sign_ed25519_pk_to_curve25519() now rejects points that are not on the curve, or not in the main subgroup.
  • Further changes have been made to ensure that smart compilers will not optimize out code that we don't want to be optimized.
  • Visual Studio solutions are now included in distribution tarballs.
  • The sodium_runtime_has_* symbols for CPU features detection are now defined as weak symbols, i.e. they can be replaced with an application-defined implementation. This can be useful to disable AVX* when temperature/power consumption is a concern.
  • crypto_kx_*() now aborts if called with no non-NULL pointers to store keys to.
  • SSE2 implementations of crypto_verify_*() have been added.
  • Passwords can be hashed using a specific algorithm with the new crypto_pwhash_str_alg() function.
  • Due to popular demand, base64 encoding (sodium_bin2base64()) and decoding (sodium_base642bin()) have been implemented.
  • A new crypto_secretstream_*() API was added to safely encrypt files and multi-part messages.
  • The sodium_pad() and sodium_unpad() helper functions have been added in order to add & remove padding.
  • An AVX512 optimized implementation of Argon2 has been added (written by Ondrej Mosnáček, thanks!)
  • The crypto_pwhash_str_needs_rehash() function was added to check if a password hash string matches the given parameters, or if it needs an update.
  • The library can now be compiled with recent versions of emscripten/binaryen that don't allow multiple variables declarations using a single var statement.
Assets 5
Loading