Hi! > My position on the low level nature of libsodium's APIs is as follows: > That sounds like a call to action for > https://wiki.php.net/rfc/php71-crypto rather than a point of concern for > adopting libsodium.
I think there's a bit of misunderstanding here. The low-level nature of the API is not a problem per se - it is a problem that it is both very high level (such as giving functions names like "box" and "securebox" which hardly allow to understand what's going on) and very low level (like functions spelling out specific algorithm used - I can't even remember or type their name :). Even that might be not a problem if there was a clear segregation between them - i.e. there would be low level API space, which is "don't try this at home" part, and higher level API space which is "newbies welcome" part. So maybe it is just namespacing/docs problem. But right now the situation is like this: I am not a crypto expert, but I have dealt with crypto for years, I have taken multiple courses on both theoretical and practical cryptography, if I'm definitely not Ph.D. I can say I am at least B.Sc. and somewhere in the middle of M.Sc. curriculum :) I still am not completely sure how the whole thing works. I understand enough to say the overall goal is admirable and the infrastructure for it in there, but it seems to need some finish. Some better namespacing, more friendly/consistent names, more friendly arguments/defaults, this sort of thing. > Can you count the foot-bullets in that snippet that you'd need to be a > cryptography engineer to successfully avoid? That would be a nice exercise :) > Demo: https://3v4l.org/nYVPf > > Here's a congruent implementation in libsodium: I notice however the recipes in the doc are a bit more verbose... > <?php > /** > * Libsodium > */ > > ## ENCRYPTION ## > > $message = 'Prime Numbers Rock!'; > $bob_public_key = "... populate here ..."; Here's one of the unclear parts - where this key comes from? Do we even have key infrastructure covered? Do we plan to? > paragonie/halite-- I wholeheartedly endorse that discussion. But I don't > think we should try to solve that problem with this particular RFC. That is fine, but then we need a more clear scope definition - what are the goal we try to achieve here? If we add it, what would we tell the users we have and why it is awesome? > In closing, I don't disagree that a simple crypto API is a good goal to > have. I just think the ideal you're discussing is: > > A. Out of scope, and > B. Kind of belittling to how much of an improvement libsodium is to what > we already have. I don't think belittling libsodium was ever the intent. It is certainly admirable work towards an important goal. The question is just is it already ready for PHP core or it needs a little more work. -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
