Pure PHP polyfill for ext/sodium
Full Changelog: https://github.com/paragonie/sodium_compat/compare/v2.0.0...v2.0.1
Full Changelog: https://github.com/paragonie/sodium_compat/compare/v1.21.0...v1.21.1
Please [read this blog post]((https://paragonie.com/blog/2024/04/release-sodium-compat-v2-and-future-our-polyfill-libraries) for more information.
While this is not the final v1.x release, we will be releasing a new major version soon. See the updated major version policy in our readme for specific guidance.
Beyond that, this is a bog standard feature release. It contains no security fixes, but additional features (including the AEGIS AEAD mode used by libsodium, expected to land in PHP 8.4).
Full Changelog: https://github.com/paragonie/sodium_compat/compare/v1.20.1...v1.21.0
@covers
tag by @jrfnl in https://github.com/paragonie/sodium_compat/pull/164
Full Changelog: https://github.com/paragonie/sodium_compat/compare/v1.20.0...v1.20.1
Full Changelog: https://github.com/paragonie/sodium_compat/compare/v1.19.0...v1.20.0
If you had a specific bit pattern in your Poly1305 key and ciphertext, you would generate an invalid authentication tag. This was caught by the ChaCha20-Poly1305 tests included in Project Wycheproof.
We don't believe this is a security issue because:
Additionally, if you turned fast multiplication on, you would have not triggered the bug at all.
This slows down our Poly1305 implementation slightly.
$ignore
parameter to sodium_hex2bin()
polyfill
autoload-fast.php
include path issue with Wordfence plugin for WordPressEd25519
is included, so too is the class it inherits from.sodium_crypto_stream_xchacha20_xor_ic()