While the crypto namespace defines all the necessary protocols (KDF, encryption scheme), it hardly explores all the implementations for those options.
For example, we're currently using caesium in order to get libsodium's secretbox construct. That's great, but relies on libsodium being available. If we used buddy (which we already use because of its URL-safe base64 implementation), we could still have a comparable cryptosystem (ChaCha20 + Poly1305), based on BouncyCastle instead of libsodium, and be JVM-only (no jnr-ffi).
For now, libsodium + caesium appears to be our best option:
Not redesigning secretbox is better than redesigning secretbox.
buddy/BouncyCastle doesn't support BLAKE2, meaning that we either use a (much slower) Java implementation, or an (also much slower) HKDF implementation.
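The two KDF options weighed above, keyed BLAKE2b and HKDF, sketched as interchangeable backends behind one derivation call. This is an added example, not the project's code: it uses Python's standard library rather than caesium or buddy, and the names `hkdf_sha256`, `blake2b_kdf`, `derive_key` and the context/info encoding are assumptions made for illustration.

```python
import hashlib
import hmac


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) over HMAC-SHA256: extract a PRK, then expand it."""
    hash_len = hashlib.sha256().digest_size
    if length > 255 * hash_len:
        raise ValueError("HKDF output too long")
    # Extract: an empty salt is replaced by hash_len zero bytes, per the RFC.
    prk = hmac.new(salt or b"\x00" * hash_len, ikm, hashlib.sha256).digest()
    # Expand: T(n) = HMAC(PRK, T(n-1) || info || n)
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def blake2b_kdf(key: bytes, context: bytes, info: bytes, length: int) -> bytes:
    """Keyed BLAKE2b as a KDF; `context` is bound via the personalization field."""
    if not key or len(key) > 64 or len(context) > 16 or not 1 <= length <= 64:
        raise ValueError("BLAKE2b limits: key 1..64, context <=16, output 1..64 bytes")
    return hashlib.blake2b(info, digest_size=length, key=key, person=context).digest()


def derive_key(backend: str, master: bytes, context: bytes, info: bytes,
               length: int = 32) -> bytes:
    """Derive a subkey with the chosen backend (hypothetical interface)."""
    if backend == "blake2b":
        return blake2b_kdf(master, context, info, length)
    if backend == "hkdf":
        # Assumption: context and info are joined with a NUL separator.
        return hkdf_sha256(master, b"", context + b"\x00" + info, length)
    raise ValueError(f"unknown KDF backend: {backend}")


if __name__ == "__main__":
    master = bytes(range(32))  # constructed sample key, not a real secret
    for name in ("blake2b", "hkdf"):
        print(name, derive_key(name, master, b"secretbox", b"user-1").hex())
```

The backends produce different keys for the same inputs, so switching the KDF implementation is a data migration, not a drop-in swap.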