Skip to content

Releases: paragonie/sodium_compat

Version 1.12.2

30 Dec 03:14
@paragonie-security paragonie-security
v1.12.2
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
3b95310
Compare
Choose a tag to compare
Version 1.12.2
Assets 4
Loading

Version 1.12.1

07 Nov 17:08
@paragonie-scott paragonie-scott
v1.12.1
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
063cae9
Compare
Choose a tag to compare
Version 1.12.1

Fixes #107.

Assets 4
Loading

Version 1.12.0

19 Oct 15:38
@paragonie-scott paragonie-scott
v1.12.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
8228b28
Compare
Choose a tag to compare
Version 1.12.0

  • #100 - Fixed sodium_compat on PHP 5.2.4 - 5.2.17. We now include 5.2 on Travis CI so any changes that would break 5.2 will be caught early.

    • As part of this fix, we now include a SplFixedArray polyfill for PHP 5.2.

  • We now include php74-snapshot on Travis CI (to ensure our code works on PHP 7.4 when it comes out). PHP 8 will be our focus soon after 7.4 is out.

  • Fixed BLAKE2b on 32-bit platforms.

  • The previous fixes in the 1.11 series have been resolved (and hopefully no more Windows weirdness happens).

    If anyone else encounters any weird Windows behavior, please upgrade to the latest patch release for your version of PHP (i.e. PHP 7.3.10 is currently fine to report bugs on while 7.3.9 is not).

  • #98 - Implemented an Ed25519 optimization discovered by Isus Lovecruft in ed25519-dalek.

Assets 4
Loading

Version 1.11.4

18 Oct 15:07
@paragonie-scott paragonie-scott
v1.11.4
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
b7115d0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.11.4

Merged #100 (proposed fix for #101 which was caused trying to fix #99 without being able to reproduce any of the problems caused by some Windows users).

Assets 4
Loading

Version 1.11.3

17 Oct 19:10
@paragonie-scott paragonie-scott
v1.11.3
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
275cca1
Compare
Choose a tag to compare
Version 1.11.3
  • Complete fix for #99
Assets 4
Loading

Version 1.11.2

17 Oct 17:34
@paragonie-scott paragonie-scott
v1.11.2
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
bc07850
Compare
Choose a tag to compare
Version 1.11.2

Workaround for Windows-specific issues with defined() and define().

Assets 4
Loading

Version 1.11.1

12 Sep 12:07
@paragonie-scott paragonie-scott
v1.11.1
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
a9f968b
Compare
Choose a tag to compare
Version 1.11.1
  • Fixed an issue with sodium_base642bin() and sodium_bin2base64() erroneously returning "" when an input was falsy, rather than strictly checking for empty string inputs.
Assets 4
Loading

Version 1.11.0

12 Sep 00:02
@paragonie-scott paragonie-scott
v1.11.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
fee1b6e
Compare
Choose a tag to compare
Version 1.11.0
  • #91, #93, #96 - We now use PHPStan in addition to Psalm in Travis CI
  • #92, #95 - Added missing features from polyfill
    • sodium_add()
    • sodium_base642bin()
    • sodium_bin2base64()
    • sodium_crypto_kdf_derive_from_key()
    • sodium_crypto_kdf_keygen()
    • sodium_crypto_kx_client_session_keys()
    • sodium_crypto_kx_keypair()
    • sodium_crypto_kx_publickey()
    • sodium_crypto_kx_secretkey()
    • sodium_crypto_kx_seed_keypair()
    • sodium_crypto_kx_server_session_keys()
    • sodium_crypto_pwhash_str_needs_rehash()
    • sodium_crypto_secretstream_xchacha20poly1305_keygen()
    • sodium_crypto_secretstream_xchacha20poly1305_init_push()
    • sodium_crypto_secretstream_xchacha20poly1305_push()
    • sodium_crypto_secretstream_xchacha20poly1305_init_pull()
    • sodium_crypto_secretstream_xchacha20poly1305_pull()
    • sodium_crypto_secretstream_xchacha20poly1305_rekey()
    • sodium_crypto_sign_keypair_from_secretkey_and_publickey()
    • sodium_pad()
    • sodium_unpad()
Assets 4
Loading

Version 1.10.1

12 Jul 16:40
@paragonie-scott paragonie-scott
v1.10.1
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
5115fa4
Compare
Choose a tag to compare
Version 1.10.1

This merely exposes an internal API used by the the XChaCha20 RFC test vectors.

Assets 2
Loading

Version 1.10.0

13 May 16:21
@paragonie-scott paragonie-scott
v1.10.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
228a9fc
Compare
Choose a tag to compare
Version 1.10.0

New method:

  • ParagonIE_Sodium_Compat::runtime_speed_test() for estimating if our 32-bit implementation is slow enough to risk timeouts on e.g. Ed25519 verification.
    • Returns TRUE is everything is safe.
    • Returns FALSE if performance is a concern.
Assets 4
Loading