Closed KJLJon closed 6 years ago
I’ve seen paragonie’s polyfill before, and adapted it once before (unfortunately under contract, so that work is pretty much inaccessible now). For this specific purpose it seems like overkill to bring the whole thing in, at least for now. Mainly because the whole point of Lockbox is encryption, so the drivers ought to already have a solid backing library like openssl or libsodium. I think that TODO was an optimistic look to a future where Lockbox\Crypto has relevance beyond CryptoKey.
It actually bothers me quite a bit that the crypto drivers added 6 files to the package, and that PHPUnit ever affected language version support decisions (however temporarily and ephemerily). I think there is a tendency towards class bloat and “dependency creep” that is worth resisting where possible.
True, the support should be there since it pretty much depends on a crypto library 😃
As for the 6 files, I'm sure that can be reworked / assumptions can be made, but that would be another gh issue that is named more appropriately.
closing this issue. 😃
This is a potential solution to support random bytes. (it is also released under MIT license, and can be required with composer)
see https://github.com/paragonie/random_compat
In regards to
https://github.com/starekrow/lockbox/blob/4af2d72ce277e0a250bf7325ac8d651975b40fb6/src/CryptoCoreBuiltin.php#L70-L80