On Thu, Jan 12, 2017 at 5:23 AM, Julien Pauli <jpa...@php.net> wrote:
> On Wed, Jan 11, 2017 at 7:22 PM, Scott Arciszewski <sc...@paragonie.com> > wrote: > >> Hi all, >> >> I'm resurrecting my RFC to add libsodium as a core extension to PHP 7.2. >> >> In response to feedback from Pierre Joye, I've outlined which parts of the >> existing libsodium API I'd like exposed in the core extension. Most >> notably: >> >> - Removed crypto_aead_aes256gcm_* because OpenSSL offers it >> - Removed crypto_aead_chacha20poly1305_* because crypto_aead_* is awaiting >> the CAESAR winner https://competitions.cr.yp.to/caesar.html >> - Removed crypto_pwhash_scryptsalsa208sha256_* because we have Argon2i >> now >> >> If anyone would like to weigh in on this in the next few weeks, I'd >> greatly >> appreciate it. >> >> I'm also developing a polyfill for most of the API features (except >> pwhash): https://github.com/paragonie/sodium_compat >> >> > I guess you are talking about this : https://wiki.php.net/rfc/libsodium > > Huge +1. > > > > What about libsodium usage under Windows ? > I guess under *Nix, we'll rely on the OS shipping of the library , but > that's not the same flavour for Windows, where we usually need to embed, > and maintain the library. > > I see a second vote for the API , PHP is not really a language where > You\Use\Things\Like\That , I'm all +1 to use_things_like_that() instead :-) > > After Mcrypt has been abandonned , we really really need such a library > binding added to Core IMO. > > > Julien.Pauli > Yep, that's the correct URL. > What about libsodium usage under Windows ? > I guess under *Nix, we'll rely on the OS shipping of the library , but > that's not the same flavour for Windows, where we usually need to embed, > and maintain the library. I'll defer to Pierre Joye on the intricacies involved with Windows, as that's a topic I'm mostly unfamiliar with. Sorry I can't offer much more in response to that. Scott Arciszewski Chief Development Officer Paragon Initiative Enterprises <https://paragonie.com/>
