Paul SomeoneElseFeb 16
https://codeberg.org/pkw/libs/src/branch/main/crypt/crypt.c

I'm adding basic secret key handling to my "batteries included"
C repo. It's libsodium.
This is because I want to encrypt and recover secrets that I'll
put into cookies and the like for doing web stuff in chicken scheme.

#c #sodium #libsodium
libs/crypt/crypt.c at main

libs - My "batteries included" type of C codes.

Codeberg.org
stfJan 22
g'damit. why is it that even #ubuntu 25.10 still only has #libsodium v1.0.18? 1.0.20 is even getting stale (actually i just checked v1.0.21 is out since two weeks) and all i need is only 1.0.19, breaks my CI/CD pipeline.
HaskellOrgDec 31

Communication from the #Haskell Cryptography Group: "A vulnerability in #libsodium 's validation of ed25519 elliptic curve points: You are likely not affected"

https://haskell-cryptography.org/blog/libsodium-vulnerability-ed25519-valid-points/

A vulnerability in libsodium's validation of ed25519 elliptic curve points: You are likely not affected | Haskell Cryptography Group

GripNewsDec 30
🌗 libsodium 安全漏洞解析:Frank Denis 的隨筆與省思
➤ 即使是運作 13 年的頂級密碼學函式庫,也難免在座標驗證的細節中百密一疏
https://00f.net/2025/12/30/libsodium-vulnerability/
在 libsodium 專案邁入第 13 年之際,開發者 Frank Denis 分享了該函式庫在長期維持優異安全記錄後,首次發現的一個低階漏洞。這項漏洞源於對 Edwards25519 橢圓曲線點驗證的疏忽,導致某些非主羣(main subgroup)的點被錯誤判定為有效。儘管 libsodium 一向以簡化密碼學操作與 API 穩定性為核心目標,但隨著越來越多開發者將其視為低階演算法工具包,這類底層實作細節的影響力也隨之增加。本文詳細拆解了漏洞成因、技術修正方式,並建議開發者改用 Ristretto255 以從根本上規避此類羣階問題。
+ 沒想到 libsodium 這麼長一段時間都沒有 CVE,這次開發者主動揭露並詳述技術細節,展現了開源專案維護者的專
#密碼學 #資訊安全 #libsodium #開源開發 #漏洞分析
Hacker NewsDec 30

A Vulnerability in Libsodium

https://00f.net/2025/12/30/libsodium-vulnerability/

#HackerNews #Libsodium #Vulnerability #Security #Cybersecurity #OpenSource #TechNews

A vulnerability in libsodium

Libsodium is now 13 years old!

Frank DENIS random thoughts.
Paragon Initiative EnterprisesOct 6

The new sodium_compat releases are out, with improved performance!

https://github.com/paragonie/sodium_compat/releases/tag/v1.23.0

https://github.com/paragonie/sodium_compat/releases/tag/v2.4.0

#php #cryptography #libsodium #crypto

Release Version 1.23.0 · paragonie/sodium_compat

We backported some optimizations from #198 by replacing the array in the Curve25519 field element with 10 integer object properties instead. The result is a 7% to 12% speedup for the overall PHPUni...

GitHub
Paragon Initiative EnterprisesSep 30

New sodium_compat releases.

**Pay attention to the release notes** if you use our polyfill to provide `sodium_base642bin()` with one of thee `*_NO_PADDING` constants.

For modern (PHP 8.1 and newer) systems, v2:

https://github.com/paragonie/sodium_compat/releases/tag/v2.3.0

For legacy (PHP 5.2.4 - 8.0 as well as 8.1+) systems, v1:

https://github.com/paragonie/sodium_compat/releases/tag/v1.22.0

#php #libsodium #cryptography #base64 #polyfill

Release Version 2.3.0 · paragonie/sodium_compat

ImportantThe previous version of sodium_compat was overly permissible with sodium_base642bin() when the *_NO_PADDING variants were specified, which was not compatible with ext-sodium. This has been...

GitHub
Der Große Böse WolffJun 22, 2025

The last 2 weeks I worked on a little project.
I had lots of fun with it.
It's a cache that is tranparently encrypted by default and it has fine-grained access control based on policies. You interact with it via a HTTP API documented with OpenAPI.

In the background it uses the fantastic #libsodium library for password hashing and encryption!
libsodium is very easy to use and I can whole heartedly recommend it!

Maybe it'll be useful to some of you: https://github.com/hw0lff/senke

Have fun! 

GitHub - hw0lff/senke: A transparently encrypted cache accessible via a simple HTTP API. By default, all data is encrypted at rest, and access is controlled through simple, policy-based access control lists.

A transparently encrypted cache accessible via a simple HTTP API. By default, all data is encrypted at rest, and access is controlled through simple, policy-based access control lists. - hw0lff/senke

GitHub
MarekMar 5, 2025

I'm trying my hand at libsodium at the moment, but it can be quite nerve-wracking.

#libsodium

Show threadstfNov 12, 2024

so i documented this whole #brew #libsodium issue here: https://github.com/stef/pysodium/issues/116

and in my perspective this is something that should be fixed by brew and python ctypes, not every downstream module that uses ctypes to bind libraries. thanks for all the insightful inputs to my scream for sanity

Even if libsdoium is installed, the storage location of libsodium cannot be obtained · Issue #116 · stef/pysodium

Hello, I am developing using Mac and Debian.(macOS sonoma 14.5) I installed libsodium, but the search for the line below doesn't work well, and the error message on line 35 is returned. libsodium i...

GitHub