On Wed, Jan 11, 2017 at 7:22 PM, Scott Arciszewski <sc...@paragonie.com> wrote:
> Hi all, > > I'm resurrecting my RFC to add libsodium as a core extension to PHP 7.2. > > In response to feedback from Pierre Joye, I've outlined which parts of the > existing libsodium API I'd like exposed in the core extension. Most > notably: > > - Removed crypto_aead_aes256gcm_* because OpenSSL offers it > - Removed crypto_aead_chacha20poly1305_* because crypto_aead_* is awaiting > the CAESAR winner https://competitions.cr.yp.to/caesar.html > - Removed crypto_pwhash_scryptsalsa208sha256_* because we have Argon2i now > > If anyone would like to weigh in on this in the next few weeks, I'd greatly > appreciate it. > > I'm also developing a polyfill for most of the API features (except > pwhash): https://github.com/paragonie/sodium_compat > > I guess you are talking about this : https://wiki.php.net/rfc/libsodium Huge +1. What about libsodium usage under Windows ? I guess under *Nix, we'll rely on the OS shipping of the library , but that's not the same flavour for Windows, where we usually need to embed, and maintain the library. I see a second vote for the API , PHP is not really a language where You\Use\Things\Like\That , I'm all +1 to use_things_like_that() instead :-) After Mcrypt has been abandonned , we really really need such a library binding added to Core IMO. Julien.Pauli
