paragonie-scott
commented
9 years ago $crypto = new \PCO\Asymmetric('openssl'); // should work, but
$crypto = new \PCO\Asymmetric('openssl:cipher=AES'); // should this fail?Closed paragonie-scott closed 8 years ago
paragonie-scott
commented
9 years ago $crypto = new \PCO\Asymmetric('openssl'); // should work, but
$crypto = new \PCO\Asymmetric('openssl:cipher=AES'); // should this fail?
ircmaxell
commented
9 years ago I would have it fail, if only for not specifying the variant of AES (should be openssl:cipher=AES-128)
paragonie-scott
commented
9 years ago I've updated the OP. That makes more sense than separating the keysize out as a second option.
$crypto = new \PCO\Asymmetric('openssl'); // should work, but
$crypto = new \PCO\Asymmetric('openssl:cipher=AES-128'); // should this fail?
AshleyPinner
commented
9 years ago @ircmaxell What about making it assume you want AES-128 and throw a notice?
ircmaxell
commented
9 years ago I wouldn't raise a notice. If we want to default to AES-128, that's fine. Just make that the default.
paragonie-scott
commented
9 years ago Updated the OP. I agree that AES should map to AES-128 since simply "openssl" is a sane default.
Since we are using DSN-like strings for the constructor, we should decide how they behave.
":cipher=AES-256;mode=GCM"should use whatever driver allowsaes-256-gcmor throw an exception if none are available"openssl:cipher=AES-256;mode=GCM"should use specifically openssl foraes-256-gcm, and throw an exception ifopensslis not installed"libsodium"should use libsodium (or throw an exception if it's not installed) in the default configuration"openssl"should use openssl in a secure, sane default"openssl:cipher=AES-128;mode=ECB"should throw an exception because we do not allow secure modes"openssl:cipher=AES"should useaes-128-ctrwithHMAC-SHA-256"openssl:cipher=AES-128;hash=SHA256"should useaes-128-ctrwithHMAC-SHA-256Thoughts or contrary positions are welcome.