libsodium – Easy-to-use Software Library For Encryption

Outsmart Malicious Hackers


Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further.

libsodium - Easy-to-use Software Library For Encryption


Its goal is to provide all of the core operations needed to build higher-level cryptographic tools. Sodium supports a variety of compilers and operating systems, including Windows (with MingW or Visual Studio, x86 and x64), iOS, Android, as well as Javascript and Webassembly.

Installing libsodium Software Library for Encryption

Sodium is a shared library with a machine-independent set of headers, so that it can easily be used by 3rd party projects. The library is built using autotools, making it easy to package. Installation is trivial, and both compilation and testing can take advantage of multiple CPU cores.

Download a tarball of libsodium, preferably the latest stable version, then follow the ritual:

Since different files are compiled for different CPU classes, and to prevent unwanted optimizations, avoiding link-time optimization (LTO) is recommended. On Linux, if the process hangs at the make check step, your system PRG may not have been properly seeded. Please refer to the notes in the “Usage” section for ways to address this.


Using libsodium Encryption Library

A project using libsodium should include the sodium.h header. Including individual headers is neither required nor recommended.

The sodium_init() function should then be called before any other function. It is safe to call sodium_init() multiple times, or from different threads; it will immediately return 1 without doing anything if the library had already been initialized.

Something related is:

Wycheproof – Test Crypto Libraries Against Known Attacks

You can download libsodium here:

libsodium-1.0.16.tar.gz

Or you can read more here.

Posted in: Cryptography


Latest Posts:


CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.
MyEtherWallet DNS Hack Causes 17 Million USD User Loss MyEtherWallet DNS Hack Causes 17 Million USD User Loss
Big news in the crypto scene this week was that the MyEtherWallet DNS Hack that occured managed to collect about $17 Million USD worth of Ethereum in just a few hours.


Comments are closed.