paragonie / paseto

Platform-Agnostic Security Tokens
https://paseto.io

Using sodium_compat slows down requests #98

Closed marcusirgens closed 5 years ago

marcusirgens commented 5 years ago

Hello, I'm wondering if my system is set up the wrong way or if this library is supposed to force the use of sodium_compat? As far as I can tell from some xdebugging and analysis with Blackfire, when executing Version2::aeadDecrypt() (here), there is never an attempt to call sodium_crypto_aead_xchacha20poly1305_ietf_decrypt directly, but \ParagonIE_Sodium_Compat::crypto_aead_xchacha20poly1305_ietf_decrypt is used. Modifying that line of code to use the sodium function cuts the cost from 25 ms to 4 ms, with most of that being CPU time.

Am I doing something wrong, or is this an oversight? The sodium_compat documentation seems to specify that calling the library directly with ParagonIE_Sodium_Compat:: is for implementations targeting versions below PHP 5.3, but as this library targets PHP 7.0, I can't see how that is relevant.

Thanks!

paragonie-scott commented 5 years ago

I thought the XChaCha20-Poly1305 ciphersuite was omitted from PHP 7.2. Looks like it wasn't. I'll make some modifications to sodium_compat.

marcusirgens commented 5 years ago

Fantastic to hear, @paragonie-scott. Thank you for an awesome library and standard.

paragonie-scott commented 5 years ago

https://github.com/paragonie/sodium_compat/releases/tag/v1.9.0 :)
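
Added example, not part of the thread and not code from paseto or sodium_compat: a diagnostic script that reports whether the native XChaCha20-Poly1305 function discussed above is available and times it against the `ParagonIE_Sodium_Compat` call on the same input. The helper names `xchachaBackends` and `timeDecrypt`, the `vendor/autoload.php` location and the sample message are assumptions.

```php
<?php
declare(strict_types=1);

// Assumption: run from a Composer project root so the polyfill can be autoloaded.
if (is_file(__DIR__ . '/vendor/autoload.php')) {
    require __DIR__ . '/vendor/autoload.php';
}

/** Report which XChaCha20-Poly1305 backends this PHP runtime offers. */
function xchachaBackends(): array
{
    return [
        'ext_sodium_loaded' => extension_loaded('sodium'),
        'native_decrypt'    => function_exists('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt'),
        'polyfill_present'  => class_exists('ParagonIE_Sodium_Compat'),
    ];
}

/** Average milliseconds per decrypt call; throws if authentication fails. */
function timeDecrypt(callable $decrypt, string $ct, string $ad, string $nonce, string $key, int $rounds = 100): float
{
    $start = microtime(true);
    for ($i = 0; $i < $rounds; $i++) {
        if ($decrypt($ct, $ad, $nonce, $key) === false) {
            throw new RuntimeException('Ciphertext failed authentication');
        }
    }
    return (microtime(true) - $start) * 1000 / $rounds;
}

$backends = xchachaBackends();
print_r($backends);

if ($backends['native_decrypt']) {
    // Constructed sample input: random key and nonce, 4 KiB plaintext.
    $key   = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES);
    $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
    $ad    = 'constructed-header';
    $ct    = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt(str_repeat('A', 4096), $ad, $nonce, $key);

    $native = timeDecrypt('sodium_crypto_aead_xchacha20poly1305_ietf_decrypt', $ct, $ad, $nonce, $key);
    printf("native:   %.3f ms/call\n", $native);

    if ($backends['polyfill_present']) {
        $compat = timeDecrypt(['ParagonIE_Sodium_Compat', 'crypto_aead_xchacha20poly1305_ietf_decrypt'], $ct, $ad, $nonce, $key);
        printf("polyfill: %.3f ms/call\n", $compat);
    }
} else {
    echo "Native function missing: decryption will run in the pure-PHP polyfill.\n";
}
```

A large gap between the two timings means the installed sodium_compat version is doing the work in PHP rather than handing it to ext-sodium.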