[wp-trac] [WordPress Trac] #45806: Add sodium_compat -- a libsodium-compatible cryptography API for PHP <7.2
WordPress Trac
noreply at wordpress.org
Tue Jan 1 18:22:50 UTC 2019
#45806: Add sodium_compat -- a libsodium-compatible cryptography API for PHP <7.2
------------------------------------------+-----------------------------
Reporter: paragoninitiativeenterprises | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: trunk
Severity: normal | Keywords: has-patch
Focuses: |
------------------------------------------+-----------------------------
Related to the work in #39309, but also related to
[https://threadreaderapp.com/thread/1071538452108316674.html the push to
PHP 7+] (as mentioned by Jenny Wong on Twitter)...
> Sodium is a modern, easy-to-use software library for encryption,
decryption, signatures, password hashing and more.
>
> It is a portable, cross-compilable, installable, packageable fork of
NaCl, with a compatible API, and an extended API to improve usability even
further.
>
Its goal is to provide all of the core operations needed to build higher-
level cryptographic tools.
The Sodium cryptography library was integrated with the PHP core in PHP
7.2 after a unanimous 37-0 vote in favor. It's the ''recommended''
cryptography library for most modern software developers.
----
Sodium_Compat is a pure-PHP implementation of ''most of'' libsodium, that
has been in development for over two years (first commit: Nov 24, 2016)
and has a stable API.
Sodium_Compat functions on both 32-bit and 64-bit systems, Linux and non-
Linux, and was engineered at every level to resist side-channel attacks.
You can learn more about these design considerations
[https://paragonie.com/blog/2017/02/cryptographically-secure-php-
development here].
Caveat: If `PHP_INT_SIZE === 4` its public-key cryptography
implementations are much slower than `PHP_INT_SIZE === 8`, but there's
**no safe way to get around this limitation**.
You can detect this at runtime with
`ParagonIE_Sodium_Compat::polyfill_is_fast()`. This will return TRUE if
the libsodium extension is installed OR `PHP_INT_SIZE === 8`. It will
return FALSE otherwise.
The `pwhash` API was not polyfilled, because it is not possible to
efficiently implement scrypt or Argon2 in pure-PHP.
----
By adding sodium_compat to WordPress in the next major release (5.1 or
5.2), you can guarantee that plugin developers have immediate access to
the polyfilled features. This should make it easier to push for PHP 7.2 as
a minimum supported version in the year 2020, as it enables plugins to be
written for PHP 7 now without breaking old systems.
It also makes the code diff for #39309 much smaller.
The patch adds sodium_compat v1.8.0 to WordPress, but unlike the patches
in #39309, doesn't do anything further. Our patch emphatically does not
touch the auto-updater code at all, so there is no risk of breakage.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/45806>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list