Skip to content

1.0.19

Compare
Choose a tag to compare
@jedisct1 jedisct1 released this 13 Sep 13:53
· 929 commits to master since this release
1.0.19-RELEASE

This release includes all the changes from 1.0.18-stable, as well as two additions:

  • New AEADs: AEGIS-128L and AEGIS-256 are now available in the crypto_aead_aegis128l_*() and crypto_aead_aegis256_*() namespaces. AEGIS is a family of authenticated ciphers for high-performance applications, leveraging hardware AES acceleration on x86_64 and aarch64. In addition to performance, AEGIS ciphers have unique properties making them easier and safer to use than AES-GCM. They can also be used as high-performance MACs.
  • The HKDF key derivation mechanism, required by many standard protocols, is now available in the crypto_kdf_hkdf_*() namespace. It is implemented for the SHA-256 and SHA-512 hash functions.
  • The osx.sh build script was renamed to macos.sh.
  • Support for android-mips was removed.

From 1.0.18-stable:

  • Visual Studio: support for Windows/ARM64 builds has been added.
  • Visual Studio: AVX512 implementations are enabled on supported CPUs.
  • Visual Studio: an MSVC 2022 solution was added.
  • Apple XCFramework: support for VisionOS was added.
  • Apple XCFranework: support for Catalyst was added.
  • Apple XCFramework: building the simulators is now optional.
  • iOS: bitcode is not generated any more, as it was deprecated by Apple.
  • watchOS: support for arm64 was added.
  • The Zig toolchain can now be used as a modern build system to replace autoconf/automake/libtool/make/ccache and the compiler. This enables faster compilation times, easier cross compilation, and static libraries optimized for any CPU.
  • The Zig toolchain is now the recommended way to compile libsodium to WebAssembly/WASI(X).
  • libsodium can now be added as a dependency to Zig projects.
  • Memory fences were added to remove some gadgets that could be used alongside speculative loads.
  • The AES-GCM implementation was completely rewritten. It is now faster, and also available on aarch64, including Windows/ARM64.
  • Compatibility with CET instrumentation / IBT / Shadow Stack was added.
  • Emscripten: the crypto_pwhash_*() functions have been removed from Sumo builds, as they reserve a substantial amount of JavaScript memory, even when not used.
  • Benchmarks now use CLOCK_MONOTONIC if possible.
  • WebAssembly: tests can now run using Bun, WasmEdge, Wazero, wasm3 and wasmer-js. Support for WAVM and Lucet have been removed, as these projects have reached EOL.
  • .NET: the minimum supported macOS version is now 1.0.15; this matches Microsoft guidelines.
  • .NET: all the packages are now built using Zig, on all platforms. This allows us to easily match Microsoft's requirements, including supported glibc versions. However, on x86_64, targets are expected to support at least the AVX instruction set.
  • .NET: packages for ARM64 are now available.
  • C23 memset_explicit() is now used, when available.
  • Compilation now uses -Ofast or -O3 instead of -O2 by default.
  • Portability improvements to help compile libsodium to modern game consoles.
  • JavaScript: a default unhandledRejection handler is not set any more.
  • Slightly faster 25519 operations.
  • OpenBSD: leverage MAP_CONCEAL.