Hi Scott, On Mon, Aug 31, 2015 at 10:56 PM, Scott Arciszewski <sc...@paragonie.com> wrote: > > > At the risk of sounding silly, can we just use random_bytes()? :) > > This is about internal calls in OpenSSL so we would have to register our RAND methods. That can be however problematic with potential using of engine API.
> Additionally, I'd like to (for example) be able to use ChaCha20 > instead of RC4. Is that what the (currently undocumented) $method > parameter is for? > > The $method param is for setting a cipher algorithm (the same name that you can pass to openssl_encrypt for example). Only the algorithms returned from openssl_get_cipher_methods() can be used though - atm only the ones with empty IV... Cheers Jakub
