libsodium: Update to version 1.0.22
Commit Message
- Update from version 1.0.21 to 1.0.22
- Update of rootfile
- Patch fix for arm build has been integrated into the tarball in this version
- Changelog
1.0.22
- Post-quantum key encapsulation is now available. ML-KEM768, the
NIST-standardized lattice-based KEM, is accessible through the
`crypto_kem_mlkem768_*()` functions.
- X-Wing, a hybrid KEM combining ML-KEM768 with X25519 for protection
against both classical and quantum adversaries, is available through the
`crypto_kem_*()` functions. X-Wing is the recommended KEM for most
applications.
- SHA-3 hash functions are now available as `crypto_hash_sha3256_*()`
and `crypto_hash_sha3512_*()`, with both one-shot and streaming APIs.
1.0.21-stable
- Performance: NEON optimizations for Argon2 on ARM platforms.
- Performance: SHA3 (Keccak1600) now leverages ARM SHA3 instructions when
available on ARM platforms.
- Performance: WebAssembly SIMD implementations of Argon2 have been added.
- Emscripten: LTO is now disabled. With Emscripten 4, LTO produced
WebAssembly modules with functions that ran significantly slower than
without it.
- Emscripten: a new option allows compilation with SIMD support.
- Emscripten: native ESM module generation is now supported.
- JavaScript sumo builds now allow up to 80 MiB memory usage, so that
`crypto_pwhash` with the interactive settings can be used in pure
JavaScript, not just WebAssembly.
- XOF state alignment has been relaxed.
- `crypto_core_keccak1600_state` has been added.
- Export missing `crypto_ipcrypt_nd_keygen()` helper function.
- `crypto_auth_hmacsha256_init` and `crypto_auth_hmacsha512_init` now
accept NULL key pointers (with a zero key length), for consistency with
other `_init` functions.
- apple-xcframework: headers are now in a Clibsodium subdirectory
to prevent module.modulemap collisions with other xcframeworks.
- Fixed compilation with GCC on aarch64 and gcc 4.x.
- On aarch64, aes256-gcm is now enabled even when not using clang,
including MSVC.
- Added compatibility with Visual Studio 2026 when toolsets do not
define PlatformToolsetVersion.
- Libsodium can be directly used as a dependency in a Zig project.
- Performance of MSVC builds has been improved.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/libsodium | 6 +++-
lfs/libsodium | 7 ++--
..._fix_compilation_with_GCC_on_aarch64.patch | 33 -------------------
3 files changed, 8 insertions(+), 38 deletions(-)
delete mode 100644 src/patches/libsodium-1.0.21_fix_compilation_with_GCC_on_aarch64.patch
@@ -25,12 +25,16 @@
#usr/include/sodium/crypto_generichash_blake2b.h
#usr/include/sodium/crypto_hash.h
#usr/include/sodium/crypto_hash_sha256.h
+#usr/include/sodium/crypto_hash_sha3.h
#usr/include/sodium/crypto_hash_sha512.h
#usr/include/sodium/crypto_ipcrypt.h
#usr/include/sodium/crypto_kdf.h
#usr/include/sodium/crypto_kdf_blake2b.h
#usr/include/sodium/crypto_kdf_hkdf_sha256.h
#usr/include/sodium/crypto_kdf_hkdf_sha512.h
+#usr/include/sodium/crypto_kem.h
+#usr/include/sodium/crypto_kem_mlkem768.h
+#usr/include/sodium/crypto_kem_xwing.h
#usr/include/sodium/crypto_kx.h
#usr/include/sodium/crypto_onetimeauth.h
#usr/include/sodium/crypto_onetimeauth_poly1305.h
@@ -75,5 +79,5 @@
#usr/lib/libsodium.la
#usr/lib/libsodium.so
usr/lib/libsodium.so.26
-usr/lib/libsodium.so.26.3.0
+usr/lib/libsodium.so.26.4.0
#usr/lib/pkgconfig/libsodium.pc
@@ -24,10 +24,10 @@
include Config
-VER = 1.0.21
+VER = 1.0.22
THISAPP = libsodium-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = df68159bbf0b5198ab185e93857b4f07af1d4aa7ffd178b7cb78ff5b020b6ee93ab5c3e71f59812b79906ff4df19e42845435c2bc22bbe8b0a0804076b0ddd05
+$(DL_FILE)_BLAKE2 = 054878d42c67a5bb0e65adea6746668cd768e3650a164e3b33b8d68361a824fa37f7cadd8cce60f4ba5a25921f4910380b8ea95992c2b4c34160937005277cd4
install : $(TARGET)
@@ -73,7 +73,6 @@ $(subst %,%_BLAKE2,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/libsodium-1.0.21_fix_compilation_with_GCC_on_aarch64.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--disable-static
deleted file mode 100644
@@ -1,33 +0,0 @@
-diff --git a/src/libsodium/crypto_ipcrypt/ipcrypt_armcrypto.c b/src/libsodium/crypto_ipcrypt/ipcrypt_armcrypto.c
-index c5a27e92ec..bad4ce3898 100644
---- a/src/libsodium/crypto_ipcrypt/ipcrypt_armcrypto.c
-+++ b/src/libsodium/crypto_ipcrypt/ipcrypt_armcrypto.c
-@@ -37,7 +37,7 @@ typedef uint64x2_t BlockVec;
- # define XOR128_3(a, b, c) veorq_u64(veorq_u64((a), (b)), (c))
- # define SET64x2(a, b) vsetq_lane_u64((uint64_t) (a), vmovq_n_u64((uint64_t) (b)), 1)
- # define BYTESHL128(a, b) \
-- vreinterpretq_u64_u8(vextq_s8(vdupq_n_s8(0), vreinterpretq_s8_u64(a), 16 - (b)))
-+ vreinterpretq_u64_u8(vextq_u8(vdupq_n_u8(0), vreinterpretq_u8_u64(a), 16 - (b)))
-
- # define AES_XENCRYPT(block_vec, rkey) \
- vreinterpretq_u64_u8( \
-@@ -348,12 +348,12 @@ pfx_set_bit(uint8_t ip16[16], const unsigned int bit_index, const uint8_t bit_va
- static void
- pfx_shift_left(uint8_t ip16[16])
- {
-- BlockVec v = LOAD128(ip16);
-- const BlockVec shl = vshlq_n_u8(vreinterpretq_u8_u64(v), 1);
-- const BlockVec msb = vshrq_n_u8(vreinterpretq_u8_u64(v), 7);
-- const BlockVec zero = vdupq_n_u8(0);
-- const BlockVec carries = vextq_u8(vreinterpretq_u8_u64(msb), zero, 1);
-- v = vreinterpretq_u64_u8(vorrq_u8(shl, carries));
-+ BlockVec v = LOAD128(ip16);
-+ const uint8x16_t shl = vshlq_n_u8(vreinterpretq_u8_u64(v), 1);
-+ const uint8x16_t msb = vshrq_n_u8(vreinterpretq_u8_u64(v), 7);
-+ const uint8x16_t zero = vdupq_n_u8(0);
-+ const uint8x16_t carries = vextq_u8(msb, zero, 1);
-+ v = vreinterpretq_u64_u8(vorrq_u8(shl, carries));
- STORE128(ip16, v);
- }
-
-