Comments (7)
Libsodium is included in PHP 7.2, but it does have to be compiled in (or included as a separate yum/apt/etc. package. I strongly recommend using PHP 7.2+ and when I started rebuilding the code almost a year ago I updated SodiumNonceValidator.php and moved all of the tests to use the new sodium functionality. I had also updated the Composer file to require at least PHP 7.2.
The other ED25519 options are still in the code base in case an older version of PHP needs to be supported, but since 5.6 is past EOL, I don't expect I'll update those any time soon.
from sqrl.
Yes it is. Also, if you're following the discussion on grc.com, I found that the php-sodium library doesn't include the verify signature functions, just encrypt and decrypt.
I am working on porting the python ED25519 implementation into PHP, but running into a couple snags (PHP has a few tricks you need to do to perform math with 256 bit integers). I should have an, admittedly slow, implementation up in the next couple days once I get some tests to pass.
I'll push up what I have so far tonight if you'd like to fork it and take a look yourself.
from sqrl.
O nice, started doing that myself 2 min ago (stopping now) :) Btw I have a java port that I'm working on for the android client https://github.com/geir54/ed25519-java. See if you find it useful.
Please push your code and I'll help if I get time :)
from sqrl.
@trianglman is the project still dependent on the libsodium extension? I've been hesitant to put serious effort into the WordPress plugin in the fear that there would be too many cases where the plugin couldn't be used due to this library dependency.
from sqrl.
Libsodium is no longer the only option. My EllipticCurveSignature PECL package https://github.com/trianglman/ellipticCurveSignature can also be used, which only has a soft dependency on OpenSSL (it's not necessary, but does improve performance), however you do still need to get a PECL package installed. Some shared host environments do allow local installation of PECL packages (StackOverflow has good information on how to do that here http://stackoverflow.com/questions/10907679/install-with-pecl-to-local-dir-on-shared-hosting) The PHP only ED25519 code is a third option, but the processing time it takes to do each authentication is really a bit too much to be worthwhile in any production environment.
Depending on the server environment, it may also be possible to include the Python library and call it from a PHP script. I haven't worked on a validator interface to do this, but it should be fairly simple. (https://github.com/trianglman/sqrl/blob/master/src/Trianglman/Sqrl/EcEd25519NonceValidator.php is an example that uses EllipticCurveSignature)
from sqrl.
So I just saw some talk that as of PHP 7.2 libsodium may in fact be included. Also, given that WordPress plugins can call out the minimum PHP version, and of course you can do a check and prevent plugin activation if the PHP version isn't met, then I might actually be able to move in the WordPress plugin for SQRL.
from sqrl.
@geir54 if you don't mind closing this issue? as said, php 5 is EOL and building support for it is a futile effort.
from sqrl.
Related Issues (16)
- Documentation is a bit out of date... HOT 2
- Please tell me how to install HOT 4
- Inclusion in Laravel (v3) bundle HOT 2
- sample.sql? HOT 1
- Need help HOT 2
- Help Needed HOT 6
- Replaced vuk,suk with suk,vuk HOT 2
- Inclusion in Drupal 7 module HOT 2
- Status? HOT 5
- Adding tags to this repository HOT 1
- composer.json for the example
- SQRL configuration MUST be loaded from file?
- ED25519 implementation speed issues HOT 7
- Key Formatting Question HOT 6
- PSR-1/2 HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sqrl.