Hi,
I like Anthony's idea of a crypto framework (abstracting away whatever
underlying library is actually used). Not sure yet how this could be
implemented though.
For what it's worth, I started playing with libtomcrypt (yet another
crypto API) a few weeks ago as an attempt to replace the
Hi Scott,
On Mon, May 25, 2015 at 6:42 PM, Scott Arciszewski sc...@paragonie.com
wrote:
How should we reconcile your standard recommendations with NaCl proper and
how libsodium is used in other languages?
I'll try to loop Frank Denis in on this conversation again, but any
specific
On 26/05/2015 23:52, Scott Arciszewski wrote:
That's fair, and one of the reasons I wanted to make ext/libsodium part of
the core was so that segueing into a PDO-style cryptography API would be
more natural. Instead of wrap openssl and maybe wrap libsodium if it's
already installed it would be
Scott,
On Wed, May 20, 2015 at 9:15 PM, Scott Arciszewski sc...@paragonie.com wrote:
Hi Internals Team,
I'm sure everyone is really focused (and excited) for PHP 7.0.0 later this
year, and many of you might not want to discuss what 7.1.x looks like yet.
The current state of cryptography in
That's fair, and one of the reasons I wanted to make ext/libsodium part of
the core was so that segueing into a PDO-style cryptography API would be
more natural. Instead of wrap openssl and maybe wrap libsodium if it's
already installed it would be wrap what the language already has.
Am I
Hi Scott,
On Thu, May 21, 2015 at 10:15 AM, Scott Arciszewski sc...@paragonie.com
wrote:
Hi Internals Team,
I'm sure everyone is really focused (and excited) for PHP 7.0.0 later this
year, and many of you might not want to discuss what 7.1.x looks like yet.
The current state of
How should we reconcile your standard recommendations with NaCl proper and
how libsodium is used in other languages?
I'll try to loop Frank Denis in on this conversation again, but any
specific objections (esp. bikeshedding) would probably be best moved
towards new issues on the
I don't think that's a good idea. There are already production systems that
call it like \Sodium::function_here().
I'm not an extension developer; I don't know what level of effort would
even be required to refactor it from a class with static methods to a
namespace with functions.
And when you
On 21/05/15 09:49, Peter Petermann wrote:
Hi Scott,
I personally think the RFC is a bit short,
also I just had a very brief look at the documentation of the
extension in
question, and find its API a bit strange,
whats up with having everything in static method calls?
regards,
PP
On 21.05.2015 03:15, Scott Arciszewski wrote:
I've just opened an RFC for precisely this purpose:
https://wiki.php.net/rfc/libsodium
From https://github.com/jedisct1/libsodium-php :
// Binary to hexadecimal
$hex = Sodium::sodium_bin2hex($bin);
// Hexadecimal to binary
$bin =
Hi Scott,
I personally think the RFC is a bit short,
also I just had a very brief look at the documentation of the extension in
question, and find its API a bit strange,
whats up with having everything in static method calls?
regards,
PP
2015-05-21 3:15 GMT+02:00 Scott Arciszewski
Hi Internals Team,
I'm sure everyone is really focused (and excited) for PHP 7.0.0 later this
year, and many of you might not want to discuss what 7.1.x looks like yet.
The current state of cryptography in PHP is, well, abysmal. Our two main
choices for handling symmetric cryptography are
12 matches
Mail list logo
