[wp-trac] [WordPress Trac] #45806: Add sodium_compat -- a libsodium-compatible cryptography API for PHP <7.2

WordPress Trac noreply at wordpress.org
Tue Jan 1 18:22:50 UTC 2019


#45806: Add sodium_compat -- a libsodium-compatible cryptography API for PHP <7.2
------------------------------------------+-----------------------------
 Reporter:  paragoninitiativeenterprises  |      Owner:  (none)
     Type:  defect (bug)                  |     Status:  new
 Priority:  normal                        |  Milestone:  Awaiting Review
Component:  General                       |    Version:  trunk
 Severity:  normal                        |   Keywords:  has-patch
  Focuses:                                |
------------------------------------------+-----------------------------
 Related to the work in #39309, but also related to
 [https://threadreaderapp.com/thread/1071538452108316674.html the push to
 PHP 7+] (as mentioned by Jenny Wong on Twitter)...

 > Sodium is a modern, easy-to-use software library for encryption,
 decryption, signatures, password hashing and more.
 >
 > It is a portable, cross-compilable, installable, packageable fork of
 NaCl, with a compatible API, and an extended API to improve usability even
 further.
 >
 Its goal is to provide all of the core operations needed to build higher-
 level cryptographic tools.

 The Sodium cryptography library was integrated with the PHP core in PHP
 7.2 after a unanimous 37-0 vote in favor. It's the ''recommended''
 cryptography library for most modern software developers.

 ----

 Sodium_Compat is a pure-PHP implementation of ''most of'' libsodium, that
 has been in development for over two years (first commit: Nov 24, 2016)
 and has a stable API.

 Sodium_Compat functions on both 32-bit and 64-bit systems, Linux and non-
 Linux, and was engineered at every level to resist side-channel attacks.
 You can learn more about these design considerations
 [https://paragonie.com/blog/2017/02/cryptographically-secure-php-
 development here].

 Caveat: If `PHP_INT_SIZE === 4` its public-key cryptography
 implementations are much slower than `PHP_INT_SIZE === 8`, but there's
 **no safe way to get around this limitation**.

 You can detect this at runtime with
 `ParagonIE_Sodium_Compat::polyfill_is_fast()`. This will return TRUE if
 the libsodium extension is installed OR `PHP_INT_SIZE === 8`. It will
 return FALSE otherwise.

 The `pwhash` API was not polyfilled, because it is not possible to
 efficiently implement scrypt or Argon2 in pure-PHP.

 ----

 By adding sodium_compat to WordPress in the next major release (5.1 or
 5.2), you can guarantee that plugin developers have immediate access to
 the polyfilled features. This should make it easier to push for PHP 7.2 as
 a minimum supported version in the year 2020, as it enables plugins to be
 written for PHP 7 now without breaking old systems.

 It also makes the code diff for #39309 much smaller.

 The patch adds sodium_compat v1.8.0 to WordPress, but unlike the patches
 in #39309, doesn't do anything further. Our patch emphatically does not
 touch the auto-updater code at all, so there is no risk of breakage.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/45806>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list