Hi! > For instance nonce arguments ... > > $nonce = randombytes_buf(CRYPTO_SECRETBOX_NONCEBYTES); > crypto_secretbox(...
Speaking of which, what about just passing null there (or make it optional) that would make the function generate a new random nonce of suitable size? It's BTW would be very annoying to watch each time to use nonce of the suitable size and would produce a lot of bugs. Not talking about having to type CRYPTO_AEAD_CHACHA20POLY1305_IETF_NPUBBYTES and distinguish it from CRYPTO_AEAD_CHACHA20POLY1305_NPUBBYTES. > randombytes_uniform() has a weird name that does not really tell what it > does. random_int_uniform() would be better and match the existing > random_int() function. We don't really need the uniform part if we don't have the non-uniform one. If the only one we get is uniform, and it's the one we actually want, we should not spell it out in the name - we should name it something like random_int or random_range or random_between and explain in the docs that yes, it's the uniform one and it's the only you get because uniform is awesome. > Again, I really like the goal but I don't think that the current > proposal meets it. I also understand the desire to have it in 7.1 but it > is the same problem as in every company: rushing is bad! Once released > we're done. We cannot remove it anymore, we cannot change it anymore, we > have to live with it. All because we wanted something better but too fast. Hear, hear! -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
