Installation

Compilation on Unix-like systems

Sodium is a shared library with a machine-independent set of headers, so that it can easily be used by 3rd party projects.

The library is built using autotools, making it easy to package.

Installation is trivial, and both compilation and testing can take advantage of multiple CPU cores.

Download a tarball of libsodium, preferably the latest stable version, then follow the ritual:

./configure
make && make check
sudo make install

Since different files are compiled for different CPU classes, and to prevent unwanted optimizations, avoiding link-time optimization (LTO) is recommended.

On Linux, if the process hangs at the make check step, your system PRG may not have been properly seeded. Please refer to the notes in the "Usage" section for ways to address this.

Compilation on Windows

Compilation on Windows is usually not required, as pre-built libraries for MinGW and Visual Studio are available (see below).

However, if you want to compile it yourself, start by cloning the stable branch from the Git repository.

Visual Studio solutions can be then found in the builds/msvc directory.

In order to compile with MingW, run either ./dist-build/msys2-win32.sh or ./dist-build/msys2-win64.sh for Win32 or x64 targets.

Pre-built libraries

Pre-built x86 and x86_64 libraries for Visual Studio 2010, 2012, 2013, 2015 and 2017 are available, as well as pre-built libraries for MinGW32 and MinGW64.

They include header files, as well as static (.LIB) and shared (.DLL) libraries for all the supported compiler versions.

Note for Visual Studio

Projects willing to statically link Sodium must define a macro named SODIUM_STATIC. This will prevent symbol definitions from being referenced with __dllexport.

Cross-compiling

Cross-compilation is fully supported. This is an example of cross-compiling to ARM using the GNU tools for ARM embedded processors:

export PATH=/path/to/gcc-arm-none-eabi/bin:$PATH
export LDFLAGS='--specs=nosys.specs'
export CFLAGS='-Os'
./configure --host=arm-none-eabi --prefix=/install/path
sudo make install

make check can also build the test apps, but these have to be run on the native platform.

Note: --specs=nosys.specs is only required for the ARM compilation toolchain.

Compiling with CompCert

Releases can be compiled using the CompCert compiler.

A typical command-line to compile Sodium on a little endian system with CompCert is:

$ env CC=ccomp CFLAGS="-O2 -fstruct-passing -Usize_t" ./configure && \
make check && sudo make install

Stable branch

We recommend using distribution tarballs over cloning the libsodium git repository, especially since tarballs do not require dependencies such as libtool and autotools.

However, if cloning a git repository happens to be more convenient, the stable branch always contains the latest stable release of libsodium, plus minor patches that will be part of the next version, as well as critical security fixes while new packages including them are being prepared.

Code in the stable branch also includes generated files, and does not require the autotools (libtool, autoconf, automake) to be present.

To check out the stable branch, use:

git clone https://github.com/jedisct1/libsodium --branch stable

Tarballs of the stable code are also available for download, and are recommended if you are compiling libsodium from source.

Getting started

See the quickstart and usage sections to get started!

Integrity checking

Distribution files can be verified with Minisign and the following Ed25519 key:

RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3

Or with GnuPG and the following RSA key:

Reporting vulnerabilities

We encourage users and researchers to use PGP-encrypted emails to transmit confidential details regarding possible vulnerabilities in the Sodium library.

Details should be sent to: j [at] pureftpd [dot] org using the PGP key above.

PreviousIntroduction NextQuickstart and FAQ

Last updated 7 years ago