- Update to version 1.0.14
  * Internal consistency checks failing and primitives used with
    dangerous/out-of-bounds/invalid parameters used to call abort(3).
    Now, a custom handler that doesn't return can be set with the
    set_sodium_misuse() function. It still aborts by default or if
    the handler ever returns. This is not a replacement for non-fatal,
    expected runtime errors. This handler will be only called in
    unexpected situations due to potential bugs in the library or in
    language bindings.
  * *_MESSAGEBYTES_MAX macros (and the corresponding _messagebytes_max()
    symbols) have been added to represent the maximum message size that
    can be safely handled by a primitive. Language bindings are
    encouraged to check user inputs against these maximum lengths.
  * The test suite has been extended to cover more edge cases.
  * crypto_sign_ed25519_pk_to_curve25519() now rejects points that
    are not on the curve, or not in the main subgroup.
  * Further changes have been made to ensure that smart compilers
    will not optimize out code that we don't want to be optimized.
  * The sodium_runtime_has_* symbols for CPU features detection are
    now defined as weak symbols, i.e. they can be replaced with an
    application-defined implementation. This can be useful to
    disable AVX* when temperature/power consumption is a concern.
  * crypto_kx_*() now aborts if called with no non-NULL pointers
    to store keys to.
  * SSE2 implementations of crypto_verify_*() have been added.
  * Passwords can be hashed using a specific algorithm with the new
    crypto_pwhash_str_alg() function.
  * Due to popular demand, base64 encoding (sodium_bin2base64())
    and decoding (sodium_base642bin()) have been implemented.
  * A new crypto_secretstream_*() API was added to safely encrypt

• Files Changed
• Browse Source