This release includes all the changes from 1.0.18-stable, as well as two additions:
New AEADs: AEGIS-128L and AEGIS-256 are now available in the crypto_aead_aegis128l_*() and crypto_aead_aegis256_*() namespaces. AEGIS is a family of authenticated ciphers for high-performance applications, leveraging hardware AES acceleration on x86_64 and aarch64. In addition to performance, AEGIS ciphers have unique properties making them easier and safer to use than AES-GCM. They can also be used as high-performance MACs.
The HKDF key derivation mechanism, required by many standard protocols, is now available in the crypto_kdf_hkdf_*() namespace. It is implemented for the SHA-256 and SHA-512 hash functions.
The osx.sh build script was renamed to macos.sh.
Support for android-mips was removed.
From 1.0.18-stable:
Visual Studio: support for Windows/ARM64 builds has been added.
Visual Studio: AVX512 implementations are enabled on supported CPUs.
Visual Studio: an MSVC 2022 solution was added.
Apple XCFramework: support for VisionOS was added.
Apple XCFranework: support for Catalyst was added.
Apple XCFramework: building the simulators is now optional.
iOS: bitcode is not generated any more, as it was deprecated by Apple.
watchOS: support for arm64 was added.
The Zig toolchain can now be used as a modern build system to replace autoconf/automake/libtool/make/ccache and the compiler. This enables faster compilation times, easier cross compilation, and static libraries optimized for any CPU.
The Zig toolchain is now the recommended way to compile libsodium to WebAssembly/WASI(X).
libsodium can now be added as a dependency to Zig projects.
Memory fences were added to remove some gadgets that could be used alongside speculative loads.
The AES-GCM implementation was completely rewritten. It is now faster, and also available on aarch64, including Windows/ARM64.
Compatibility with CET instrumentation / IBT / Shadow Stack was added.
Emscripten: the crypto_pwhash_*() functions have been removed from Sumo builds, as they reserve a substantial amount of JavaScript memory, even when not used.
Benchmarks now use CLOCK_MONOTONIC if possible.
WebAssembly: tests can now run using Bun, WasmEdge, Wazero, wasm3 and wasmer-js. Support for WAVM and Lucet have been removed, as these projects have reached EOL.
.NET: the minimum supported macOS version is now 1.0.15; this matches Microsoft guidelines.
.NET: all the packages are now built using Zig, on all platforms. This allows us to easily match Microsoft's requirements, including supported glibc versions. However, on x86_64, targets are expected to support at least the AVX instruction set.
.NET: packages for ARM64 are now available.
C23 memset_explicit() is now used, when available.
Compilation now uses -Ofast or -O3 instead of -O2 by default.
Portability improvements to help compile libsodium to modern game consoles.
JavaScript: a default unhandledRejection handler is not set any more.