Closed paragonie-scott closed 7 years ago
it seems like some other libraries just refuse to work if the func_overload is set. To me that seems like it should be an acceptable option?
That's a lazy option. Look at this, instead.
Anyway, I've decided to write a vendor-agnostic 2FA library so it doesn't really matter to me what decision you make, as it won't end up in any of my systems. :)
To reproduce these failures:
Solution: This constant-time encoding library offers two interfaces that will be useful:
Binary
for thesafeStrlen()
andsafeSubstr()
methods.Base64UrlSafe
which converts to/from the Base64UrlSafe alphabet as defined in RFC 4648Errors below: