On Mon, Feb 2, 2015 at 2:30 PM, Daniel Lowrey <rdlow...@php.net> wrote:
> > The extra params aren't really _that_ bad.
>
> Okay, I'd like to reset the conversation a bit here. It's clear that the
> current API does not fit the problem domain very well. Tacking on more
> parameters only creates a bigger mess. Six parameters to a stateless
> function call is a completely incoherent API. It's unusable without
> consulting the manual. I think we need a completely different approach. Let
> me propose something else that won't break BC in any release and results in
> an API that's actually sane:
>
> class CryptoContext {
> private $mode;
> private $password;
> function __construct($mode, $password) {
> $this->mode = $mode;
> $this->password = $password;
> }
> function encrypt($data) {
> // ...
> return $encryptedData;
> }
> function decrypt($data) {
> // ...
> return $decryptedData;
> }
> function setOption($option, $value) {
> // ...
> }
> // more methods here to do anything you need
> }
>
> Thoughts on a stateful object API here? Personally I find this much more
> coherent than anything that's been proposed so far and it could be
> implemented without affecting existing functionality.
>
This is sort of what I was trying to do in crypto ext. I ended up with
something like this:
https://github.com/bukka/php-crypto#php-definition-for-the-classes which is
a bit simillar to your proposal and it already works as a bonus :). I'm not
sure if it makes sense to duplicate an effort and do the same thing (and
also call it Crypto which would be quite confusing...) in openssl ext which
is just functional extension. As I said the crypto extension is still in
pecl dev stability so I'm open any changes in it.
If we want to add a cipher context API to openssl ext, then I think that it
would be much better to use a functional API as openssl_pkey_* to keep ti
consistent.
Cheers
Jakub
