Open ghost opened 2 years ago
Using libsodium gives quite a good improvement on performance, it's around 6 times faster. Libsodium methods are constant-time, so there is no reason to discard them.
Correct. This is a pure-PHP implementation, but libsodium's is faster and you should prefer that over ours.
Note: We might want to update our code to just use libsodium's if it's available. This will require some compatibility testing, of course.
Any updates on this subject?
I'm curious if there is any specific reason that you haven't used
libsodium
for constant-time Base64 generation...