Revisions of libsodium
Dominique Leuenberger (dimstar_suse) accepted request 726508 from Ismail Dönmez (namtrac) (revision 27)
Dominique Leuenberger (dimstar_suse) accepted request 712754 from Dirk Mueller (dirkmueller) (revision 26)
Dominique Leuenberger (dimstar_suse) accepted request 622471 from Ismail Dönmez (namtrac) (revision 24)
Dominique Leuenberger (dimstar_suse) accepted request 556722 from Ismail Dönmez (namtrac) (revision 22)
- Update to 1.0.16
  * Signature computations and verifications are now way faster on 64-bit platforms with compilers supporting 128-bit arithmetic (gcc, clang, icc). This includes the WebAssembly target.
  * New low-level APIs for computations over edwards25519: crypto_scalarmult_ed25519(), crypto_scalarmult_ed25519_base(), crypto_core_ed25519_is_valid_point(), crypto_core_ed25519_add(), crypto_core_ed25519_sub() and crypto_core_ed25519_from_uniform() (elligator representative to point).
  * crypto_sign_open(), crypto_sign_verify_detached() and crypto_sign_edwards25519sha512batch_open() now reject public keys in non-canonical form in addition to low-order points.
  * The library can be built with ED25519_NONDETERMINISTIC defined in order to use synthetic nonces for EdDSA. This is disabled by default.
  * sodium_stackzero() was added to wipe content off the stack.
  * The Salsa20-based PRNG example is now thread-safe on platforms with support for thread-local storage, and optionally mixes bits from RDRAND.
  * Argon2 and scrypt are slightly faster on Linux.
Dominique Leuenberger (dimstar_suse) accepted request 532674 from Ismail Dönmez (namtrac) (revision 21)
Dominique Leuenberger (dimstar_suse) accepted request 529173 from Ismail Dönmez (namtrac) (revision 20)
- Update to version 1.0.14
  * Internal consistency checks failing and primitives used with dangerous/out-of-bounds/invalid parameters used to call abort(3). Now, a custom handler that doesn't return can be set with the set_sodium_misuse() function. It still aborts by default or if the handler ever returns. This is not a replacement for non-fatal, expected runtime errors. This handler will only be called in unexpected situations due to potential bugs in the library or in language bindings.
  * *_MESSAGEBYTES_MAX macros (and the corresponding _messagebytes_max() symbols) have been added to represent the maximum message size that can be safely handled by a primitive. Language bindings are encouraged to check user inputs against these maximum lengths.
  * The test suite has been extended to cover more edge cases.
  * crypto_sign_ed25519_pk_to_curve25519() now rejects points that are not on the curve, or not in the main subgroup.
  * Further changes have been made to ensure that smart compilers will not optimize out code that we don't want to be optimized.
  * The sodium_runtime_has_* symbols for CPU feature detection are now defined as weak symbols, i.e. they can be replaced with an application-defined implementation. This can be useful to disable AVX* when temperature/power consumption is a concern.
  * crypto_kx_*() now aborts if called with no non-NULL pointers to store keys to.
  * SSE2 implementations of crypto_verify_*() have been added.
  * Passwords can be hashed using a specific algorithm with the new crypto_pwhash_str_alg() function.
  * Due to popular demand, base64 encoding (sodium_bin2base64()) and decoding (sodium_base642bin()) have been implemented.
  * A new crypto_secretstream_*() API was added to safely encrypt
Dominique Leuenberger (dimstar_suse) accepted request 481258 from Factory Maintainer (factory-maintainer) (revision 19)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse) accepted request 417345 from Dirk Mueller (dirkmueller) (revision 18)
Dominique Leuenberger (dimstar_suse) accepted request 384516 from Ismail Dönmez (namtrac) (revision 17)
- Update to version 1.0.10
  * Compile fix update for older GCCs
Dominique Leuenberger (dimstar_suse) accepted request 383238 from Ismail Dönmez (namtrac) (revision 16)
- Update to version 1.0.9
  * A detached API was added to the ChaCha20-Poly1305 and AES256-GCM implementations.
  * The Argon2i password hashing function was added, and is accessible directly and through a new, high-level crypto_pwhash API. The scrypt function remains available as well.
  * A speed-record AVX2 implementation of BLAKE2b was added.
  * Countermeasures for Ed25519 signature malleability have been added to match the irtf-cfrg-eddsa draft.
  * The HChaCha20 core function was implemented (crypto_core_hchacha20()).
  * No-op stubs were added for all AES256-GCM public functions even when compiled on non-Intel platforms.
  * crypto_generichash_blake2b_statebytes() was added.
  * New macros were added for the IETF variant of the ChaCha20-Poly1305 construction.
Dominique Leuenberger (dimstar_suse) accepted request 350786 from Ismail Dönmez (namtrac) (revision 15)
- Update to version 1.0.8
  * Handle the case where the CPU supports AVX, but we are running on a hypervisor with AVX disabled/not supported.
  * Faster (2x) scalarmult_base() when using the ref10 implementation.
Dominique Leuenberger (dimstar_suse) accepted request 347947 from Ismail Dönmez (namtrac) (revision 14)
- Update to version 1.0.7
  * Sandy2x, the fastest Curve25519 implementation ever, has been merged in, and is automatically used on CPUs supporting the AVX instruction set.
  * An SSE2 optimized implementation of Poly1305 was added, and is twice as fast as the portable one.
  * An SSSE3 optimized implementation of ChaCha20 was added, and is twice as fast as the portable one.
  * Faster sodium_increment() for common nonce sizes.
  * New helper functions have been added: sodium_is_zero() and sodium_add().
- Follow upstream's lead and compile with -flto for > 13.2 on x86 and x86-64.
Dominique Leuenberger (dimstar_suse) accepted request 342056 from Ismail Dönmez (namtrac) (revision 13)
- Update to 1.0.6
  * Optimized implementations of Blake2 have been added for modern Intel platforms. crypto_generichash() is now faster than MD5 and SHA1 implementations while being far more secure.
  * The crypto_sign_edwards25519sha512batch_*() functions have been tagged as deprecated.
  * sodium_compare() now works as documented, and compares numbers in little-endian format instead of behaving like memcmp().
  * sodium_runtime_has_ssse3() and sodium_runtime_has_sse41() have been added.
Stephan Kulow (coolo) accepted request 340172 from Ismail Dönmez (namtrac) (revision 12)
- Now that gcc 5.2 is available on TW, remove the ARMv7 workaround.
Dominique Leuenberger (dimstar_suse) accepted request 339760 from Ismail Dönmez (namtrac) (revision 11)
- Update to 1.0.4
  * Support for AES256-GCM has been added. This requires a CPU with the aesni and pclmul extensions, and is accessible via the crypto_aead_aes256gcm_*() functions.
  * ChaCha20 with an extended (96 bit) nonce and a 32-bit counter has been implemented as crypto_stream_chacha20_ietf(), crypto_stream_chacha20_ietf_xor() and crypto_stream_chacha20_ietf_xor_ic(). An IETF-compatible version of ChaCha20Poly1305 is available as crypto_aead_chacha20poly1305_ietf_npubbytes(), crypto_aead_chacha20poly1305_ietf_encrypt() and crypto_aead_chacha20poly1305_ietf_decrypt().
  * The sodium_increment() helper function has been added, to increment an arbitrarily large number (such as a nonce).
  * The sodium_compare() helper function has been added, to compare arbitrarily large numbers (such as nonces, in order to prevent replay attacks).
Dominique Leuenberger (dimstar_suse) accepted request 281495 from Ismail Dönmez (namtrac) (revision 9)
- Update to version 1.0.2
  * The _easy and _detached APIs now support precalculated keys.
  * sodium_free() can now be called on regions with PROT_NONE protection.
  * Memory allocation functions can now be used on operating systems with no memory protection.
Stephan Kulow (coolo) accepted request 251994 from Ismail Dönmez (namtrac) (revision 8)
- Update to version 1.0.0
  * The API and ABI are now stable.
  * crypto_sign() properly works with overlapping regions again.
  * The test suite has been extended.