libsodium v1.0.18 Release Notes

Release Date: 2019-05-30
    • Enterprise versions of Visual Studio are now supported.
    • Visual Studio 2019 is now supported.
    • 32-bit binaries for Visual Studio 2010 are now provided.
    • A test designed to trigger an OOM condition didn't work on Linux systems with memory overcommit turned on. It has been removed in order to fix Ansible builds.
    • Emscripten: print and printErr functions are overridden to send
      errors to the console, if there is one.
    • Emscripten: UTF8ToString() is now exported since Pointer_stringify()
      has been deprecated.
    • Libsodium version detection has been fixed in the CMake recipe.
    • Generic hashing got a 10% speedup on AVX2.
    • New target: WebAssembly/WASI (compile with dist-builds/
    • New functions to map a hash to an edwards25519 point or get a random point:
      core_ed25519_from_hash() and core_ed25519_random().
    • crypto_core_ed25519_scalar_mul() has been implemented for scalar*scalar (mod L) multiplication.
    • Support for the Ristretto group has been implemented for interoperability with wasm-crypto.
    • Improvements have been made to the test suite.
    • Portability improvements have been made.
    • getentropy() is now used on systems providing this system call.
    • randombytes_salsa20 has been renamed to randombytes_internal.
    • Support for NativeClient has been removed.
    • Most ((nonnull)) attributes have been relaxed to allow 0-length inputs
      to be NULL.
    • The -ftree-vectorize and -ftree-slp-vectorize compiler switches are
      now used, if available, for optimized builds.


Previous changes from v1.0.17

    • Bug fix: sodium_pad() didn't properly support block sizes >= 256 bytes.
    • JS/WebAssembly: some old iOS versions can't instantiate the WebAssembly module; fall back to JavaScript on these.
    • JS/WebAssembly: compatibility with newer Emscripten versions.
    • Bug fix: crypto_pwhash_scryptsalsa208sha256_str_verify() and crypto_pwhash_scryptsalsa208sha256_str_needs_rehash() didn't return EINVAL on input strings with a short length, unlike their high-level counterpart.
    • Added a workaround for a Visual Studio 2010 bug causing CPU features not to be detected.
    • Portability improvements.
    • Test vectors from Project Wycheproof have been added.
    • New low-level APIs for arithmetic mod the order of the prime order group:
      crypto_core_ed25519_scalar_random(), crypto_core_ed25519_scalar_reduce(),
      crypto_core_ed25519_scalar_invert(), crypto_core_ed25519_scalar_negate(),
      crypto_core_ed25519_scalar_complement(), crypto_core_ed25519_scalar_add() and crypto_core_ed25519_scalar_sub().
    • New low-level APIs for scalar multiplication without clamping: crypto_scalarmult_ed25519_base_noclamp() and crypto_scalarmult_ed25519_noclamp(). These new APIs are especially useful for blinding.
    • sodium_sub() has been implemented.
    • Support for WatchOS has been added.
    • getrandom(2) is now used on FreeBSD 12+.
    • The nonnull attribute has been added to all relevant prototypes.
    • More reliable AVX512 detection.
    • JavaScript/WebAssembly builds now use dynamic memory growth.