2018-07-13 - email@example.com
- Add baselibs.conf: build libsodium23-32bit, which is required by
zeromq's -32bit packages.
2017-03-13 - firstname.lastname@example.org
- Update to version 1.0.12
* Ed25519ph was implemented, adding a multi-part signature API
(crypto_sign_init(), crypto_sign_update(), crypto_sign_final_*()).
* New constants and related accessors have been added for Scrypt
* XChaCha20 has been implemented. Like XSalsa20, this construction
extends the ChaCha20 cipher to accept a 192-bit nonce. This
makes it safe to use ChaCha20 with random nonces.
* crypto_secretbox, crypto_box and crypto_aead now offer variants
* SHA-2 is about 20% faster, which also gives a speed boost to
signature and signature verification.
* AVX2 implementations of Salsa20 and ChaCha20 have been added.
They are twice as fast as the SSE2 implementations. The speed
gain is even more significant on Windows, that previously
didn't use vectorized implementations.
* New high-level API: crypto_kdf, to easily derive one or more
subkeys from a master key.
* Siphash with a 128-bit output has been implemented, and is
available as crypto_shorthash_siphashx_*.
* New *_keygen() helpers functions have been added to create
secret keys for all constructions. This improves code clarity
and can prevent keys from being partially initialized.
* A new randombytes_buf_deterministic() function was added to
deterministically fill a memory region with pseudorandom data.
This function can especially be useful to write reproducible tests.
* A preliminary crypto_kx_*() API was added to compute shared
* AVX2 detection is more reliable.
2016-08-06 - email@example.com
- update version 1.0.11
* sodium_init() is now thread-safe, and can be safely called
* Better support for old gcc versions.
* AVX2 detection was fixed, resulting in faster BLAKE2b hashing
on platforms where it was not properly detected.
* The Sandy2x Curve25519 implementation was not as fast as
expected on some platforms. This has been fixed.
* The NativeClient target was improved. Most notably, it now
supports optimized implementations, and uses pepper_49 by default.
* The library can be compiled with recent Emscripten versions.
Changes have been made to produce smaller code, and the default
heap size was reduced in the standard version.
* Decryption functions can now accept a NULL pointer for the output.
This checks the MAC without writing the decrypted message.
* crypto_generichash_final() now returns -1 if called twice.
2016-04-05 - firstname.lastname@example.org
- Update to version 1.0.10
* Compile fix update for older GCCs
2016-04-02 - email@example.com
- Update to version 1.0.9
* A detached API was added to the ChaCha20-Poly1305 and AES256-GCM
* The Argon2i password hashing function was added, and is accessible
directly and through a new, high-level crypto_pwhash API.
The scrypt function remains available as well.
* A speed-record AVX2 implementation of BLAKE2b was added.
* Countermeasures for Ed25519 signatures malleability have been
added to match the irtf-cfrg-eddsa draft.
* The HChaCha20 core function was implemented (crypto_core_hchacha20()).
* No-op stubs were added for all AES256-GCM public functions even
when compiled on non-Intel platforms.
* crypt_generichash_blake2b_statebytes() was added.
* New macros were added for the IETF variant of the ChaCha20-Poly1305
2015-12-25 - firstname.lastname@example.org
- Update to version 1.0.8
* Handle the case where the CPU supports AVX, but we are running
on an hypervisor with AVX disabled/not supported.
* Faster (2x) scalarmult_base() when using the ref10 implementation.