search

starekrow / lockbox

Encrypted storage with built-in key management facilities
MIT License
95 stars 6 forks source link

polyfill for random_bytes #22

Closed KJLJon closed 6 years ago

KJLJon commented 6 years ago

This is a potential solution to support random bytes. (it is also released under MIT license, and can be required with composer)

see https://github.com/paragonie/random_compat

In regards to

https://github.com/starekrow/lockbox/blob/4af2d72ce277e0a250bf7325ac8d651975b40fb6/src/CryptoCoreBuiltin.php#L70-L80

starekrow commented 6 years ago

I’ve seen paragonie’s polyfill before, and adapted it once before (unfortunately under contract, so that work is pretty much inaccessible now). For this specific purpose it seems like overkill to bring the whole thing in, at least for now. Mainly because the whole point of Lockbox is encryption, so the drivers ought to already have a solid backing library like openssl or libsodium. I think that TODO was an optimistic look to a future where Lockbox\Crypto has relevance beyond CryptoKey.

It actually bothers me quite a bit that the crypto drivers added 6 files to the package, and that PHPUnit ever affected language version support decisions (however temporarily and ephemerily). I think there is a tendency towards class bloat and “dependency creep” that is worth resisting where possible.

KJLJon commented 6 years ago

True, the support should be there since it pretty much depends on a crypto library 😃

As for the 6 files, I'm sure that can be reworked / assumptions can be made, but that would be another gh issue that is named more appropriately.

closing this issue. 😃