paragonie / paseto

Platform-Agnostic Security Tokens
https://paseto.io

Split sodium_compat lib to distinguish Util from Polyfill #111

Closed Slamdunk closed 3 years ago

Slamdunk commented 4 years ago

Hi, I've started using this library, and I want only the most modern technologies to be used. So first I read the docs, which say in 01-Protocol-Versions:

Version 1 is recommended only for legacy systems that cannot use modern cryptography.

Nice, so I went directly with Version 2.

After that, I've checked what I can strip out to double-check no old technology is used.

Looking into the composer.json I've found two external dependencies:

  1. phpseclib/phpseclib: only used in V1 and I use V2, so no need for this https://github.com/paragonie/paseto/blob/fa662c687f6dcdc3ae177ca3bdcae405cf6d6d89/src/Protocol/Version1.php#L31
  2. paragonie/sodium_compat: "PHP polyfill for the Sodium cryptography library (libsodium)", but I have libsodium, so no need for this either

So I've added both dependencies to my composer.json in the replace topic:

    "replace": {
        "paragonie/sodium_compat": "*",
        "phpseclib/phpseclib": "*"
    },

This is a hardcore way to NOT install dependencies I don't want.

I'd expect everything to still work as expected, but when I try to sign a token I get:

  [Error] Class 'ParagonIE_Sodium_Core_Util' not found

#1  /var/www/html/vendor/paragonie/paseto/src/Util.php:120
#2  /var/www/html/vendor/paragonie/paseto/src/Protocol/Version2.php:190
#3  /var/www/html/vendor/paragonie/paseto/src/Builder.php:457

It appears that there are many hard-coded references to the polyfill library:

$ rg ParagonIE_Sodium_ vendor/paragonie/
vendor/paragonie/paseto/src/Util.php
120:        $accumulator = \ParagonIE_Sodium_Core_Util::store64_le(\count($pieces) & PHP_INT_MAX);
123:            $accumulator .= \ParagonIE_Sodium_Core_Util::store64_le($len & PHP_INT_MAX);

vendor/paragonie/paseto/src/Protocol/Version2.php
282:                \ParagonIE_Sodium_Compat::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES
288:            \ParagonIE_Sodium_Compat::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES
290:        $ciphertext = \ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_encrypt(
336:            \ParagonIE_Sodium_Compat::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES
340:            \ParagonIE_Sodium_Compat::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES,
341:            $len - \ParagonIE_Sodium_Compat::CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES
343:        return \ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt(

I may appear paranoid, but I'd prefer to rely on an extension much more than a library.

So, what I'm asking here (maybe wrong place, but this all started here):

  1. May we have a separate package for ParagonIE_Sodium_Core_Util which, except for ParagonIE_Sodium_Compat::$fastMult, isn't strictly related to libsodium?
  2. ~May we use libsodium constants/functions in this library, and update paragonie/sodium_compat to be a proper polyfill, which in theory should not autoload anything where libsodium is present?~ Solved by https://github.com/paragonie/paseto/pull/112
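
As an added example (not paseto's own code), here is the v2.local construction that the Version2.php lines above implement, written against ext-sodium only: pack('P') stands in for ParagonIE_Sodium_Core_Util::store64_le from Util.php:120/123, and the SODIUM_* constants and sodium_* functions stand in for ParagonIE_Sodium_Compat. It follows the public PASETO v2.local specification and assumes 64-bit PHP 7.2+ with ext-sodium; HEADER, NLEN, B64, pae() and the two v2Local* functions are names chosen for this example.

```php
<?php declare(strict_types=1);
// Added example, not paseto's code: PASETO v2.local against ext-sodium only.
// Assumes 64-bit PHP >= 7.2 with ext-sodium; pack('P') stands in for
// ParagonIE_Sodium_Core_Util::store64_le seen at Util.php:120/123 above.

const HEADER = 'v2.local.';
const NLEN   = SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES; // 24
const B64    = SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING;

/** Pre-Authentication Encoding: LE64(count) || (LE64(len_i) || piece_i)* */
function pae(array $pieces): string
{
    $out = pack('P', \count($pieces) & PHP_INT_MAX);
    foreach ($pieces as $piece) {
        $out .= pack('P', \strlen($piece) & PHP_INT_MAX) . $piece;
    }
    return $out;
}

function v2LocalEncrypt(string $message, string $key, string $footer = ''): string
{
    // Nonce is BLAKE2b(message) keyed with fresh randomness: no nonce reuse across calls
    $nonce   = sodium_crypto_generichash($message, random_bytes(NLEN), NLEN);
    $preAuth = pae([HEADER, $nonce, $footer]);
    $cipher  = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($message, $preAuth, $nonce, $key);
    $token   = HEADER . sodium_bin2base64($nonce . $cipher, B64);
    return $footer === '' ? $token : $token . '.' . sodium_bin2base64($footer, B64);
}

function v2LocalDecrypt(string $token, string $key, string $footer = ''): string
{
    if (strncmp($token, HEADER, \strlen(HEADER)) !== 0) {
        throw new RuntimeException('Unexpected token header');
    }
    $parts = explode('.', substr($token, \strlen(HEADER)), 2);
    $found = isset($parts[1]) ? sodium_base642bin($parts[1], B64) : '';
    // Compare the expected footer in constant time before trusting it as AAD
    if (!hash_equals($footer, $found)) {
        throw new RuntimeException('Footer mismatch');
    }
    $body  = sodium_base642bin($parts[0], B64);
    $nonce = substr($body, 0, NLEN);
    $plain = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
        substr($body, NLEN), pae([HEADER, $nonce, $footer]), $nonce, $key
    );
    if ($plain === false) {
        throw new RuntimeException('Invalid token');
    }
    return $plain;
}
```

One caveat worth knowing: pack('P') needs a 64-bit build of PHP, whereas sodium_compat's store64_le also carries a 32-bit code path, which is part of why the polyfill's Util class is pulled in even where the extension exists.
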

paragonie-security commented 3 years ago

We'll do this for #128.

paragonie-security commented 3 years ago

This will be resolved when #128 is merged, which will culminate in a new major version for this library.