Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:86370
Return-Path: <yohgaki@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 84411 invoked from network); 25 May 2015 06:10:07 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 25 May 2015 06:10:07 -0000
Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.218.41 as permitted sender)
X-PHP-List-Original-Sender: yohgaki@gmail.com
X-Host-Fingerprint: 209.85.218.41 mail-oi0-f41.google.com  
Received: from [209.85.218.41] ([209.85.218.41:33232] helo=mail-oi0-f41.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id C7/90-50927-BBCB2655 for <internals@lists.php.net>; Mon, 25 May 2015 02:10:04 -0400
Received: by oiww2 with SMTP id w2so51405234oiw.0
        for <internals@lists.php.net>; Sun, 24 May 2015 23:10:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc:content-type;
        bh=Ax2zr3zTY7IApuLpGVFPLyoml8x7XrfS5CPQe9nDODA=;
        b=c+d84u9W6N6oDlG62MA9sr1ghi1PERas52DVARHoTWLf24lZfYRad/ntAS5FuoUqk+
         4EyEj8L6bkMIe8FJu22WWIbX6YlKoHGPkumJC4hRhqvZS1beXWltGXKoXGBWHswxi0z4
         49FbP1J09oP9VZAtpn1bEKa/khfZ+IO372R4+tUsv/VgRnl5i7EA3boWM1ZV7jg90oPH
         rxUnYs4eT1pLIWBZQXl+ksF3tVcExGrW/e2bsD8/Ph4jISAqH8zBC65Wic0MnOFywWLz
         ICLe6k/bzmFBnBP8Klnr2TV1zCz82qJjMySqujJwDrCm60ZRawJ1vbwrsSsS+x8QNxV+
         U9Uw==
X-Received: by 10.182.47.225 with SMTP id g1mr3870123obn.82.1432534201301;
 Sun, 24 May 2015 23:10:01 -0700 (PDT)
MIME-Version: 1.0
Sender: yohgaki@gmail.com
Received: by 10.202.170.196 with HTTP; Sun, 24 May 2015 23:09:20 -0700 (PDT)
In-Reply-To: <CAKws9z0MVb8zAwmyW7ShkOjQOpJLEO_pdA=TnDT47nHa0x+wYQ@mail.gmail.com>
References: <CAKws9z0MVb8zAwmyW7ShkOjQOpJLEO_pdA=TnDT47nHa0x+wYQ@mail.gmail.com>
Date: Mon, 25 May 2015 15:09:20 +0900
X-Google-Sender-Auth: QZLrFJLDUd194hR0BlqSMuFXOCk
Message-ID: <CAGa2bXZ31g4ptJK8iqHuYoMfgTp3ygpgLThgj3f+WQu_quxt2A@mail.gmail.com>
To: Scott Arciszewski <scott@paragonie.com>
Cc: "internals@lists.php.net" <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=089e0158ada23281b90516e1dce3
Subject: Re: [PHP-DEV] [RFC] [PHP 7.1] libsodium
From: yohgaki@ohgaki.net (Yasuo Ohgaki)

--089e0158ada23281b90516e1dce3
Content-Type: text/plain; charset=UTF-8

Hi Scott,

On Thu, May 21, 2015 at 10:15 AM, Scott Arciszewski <scott@paragonie.com>
wrote:

> Hi Internals Team,
>
> I'm sure everyone is really focused (and excited) for PHP 7.0.0 later this
> year, and many of you might not want to discuss what 7.1.x looks like yet.
>
> The current state of cryptography in PHP is, well, abysmal. Our two main
> choices for handling symmetric cryptography are libmcrypt (collecting dust
> since 2007) and openssl, which lacks a streaming API (e.g. mcrypt_generic)
> and GCM support.
>
> While mcrypt is slowly decomposing in the corner and code is being
> desperately migrated towards openssl in case a critical vulnerability is
> discovered in the abandonware choice, the libsodium extension has been
> growing steadily. Thanks to Remi, it should soon be compatible with both
> PHP 5.x and 7.x (decided at compile-time). The libsodium library itself has
> landed in Debian 8 and Ubuntu 15.04 and adoption is expected to persist by
> the next Ubuntu LTS is released.
>
> I think now is a good time to talk about the possibility of making
> libsodium a core PHP extension, depending on where things are when we near
> the 7.1 feature freeze.
>
> I've just opened an RFC for precisely this purpose:
> https://wiki.php.net/rfc/libsodium
>

These are examples from github

$nonce = Sodium::randombytes_buf(Sodium::CRYPTO_SECRETBOX_NONCEBYTES);
$key = [a binary string that must be CRYPTO_SECRETBOX_KEYBYTES long];
$ciphertext = Sodium::crypto_secretbox('test', $nonce, $key);
$plaintext = Sodium::crypto_secretbox_open($ciphertext, $nonce, $key);

We have coding standard.
https://github.com/php/php-src/blob/master/CODING_STANDARDS

6.  Method names follow the 'studlyCaps' (also referred to as 'bumpy case'
    or 'camel caps') naming convention, with care taken to minimize the
    letter count. The initial letter of the name is lowercase, and each
    letter that starts a new 'word' is capitalized::

    Good:
    'connect()'
    'getData()'
    'buildSomeWidget()'

    Bad:
    'get_Data()'
    'buildsomewidget'
    'getI()'


To include as a core extension, you need standard method names.
Keeping old names as alias is fine for me, but main names should be
standard names.

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net

--089e0158ada23281b90516e1dce3--