Joomla-cms: JCryptSodium

Hi,

I've already worked with Sodium in Joomla, implementing the library with a plugin for a customer looking for an advanced cryptography solution.

What would be the benefits of integrating it into the core?

It would immediately mean that any Joomla extension can immediately integrate...

• Authenticated public key encryption
• Anonymous public key encryption (sealing APIs)
• Public key digital signatures (over an RFC 7748 curve)
• Authenticated symmetric encryption

...all without having to write their own crypto or install a PHP extension to their production server. (Though if they do have the libsodium extension installed, it will be faster.)

That means that, without adding a significant burden to system administrators everywhere, Joomla itself (or any Joomla product) can immediately depend on these cryptographic features being available. Even on PHP 5.3.10. (The libsodium RFC targets 7.2.)

The motivation for the project in general was outlined here.

There are many libraries that can be added to the CMS, and there are many extensions that implement these libraries in JED.

So, I think JCryptSodium can be also implemented as an extension.

mcrypt is being phased out of PHP core, which is what most of the JCryptCipher classes are based on. libsodium is being proposed for PHP 7.2, which if accepted, would for most intents and purposes be the replacement most should use. So I would say either we implement a compatible adapter for it (wouldn't suggest starting work on that until the RFC finishes voting) or we start phasing out JCrypt in general and stop providing a "core" cryptography API (not like anything in core actually makes use of it anyway).

No matter the result though once the polyfill is reviewed I will be adding the appropriate adapter to the Framework Crypt package.

The vote to include libsodium in core for 7.2 was accepted. So I'd suggest writing the JCryptCipherSodium adapter at least including PHP version checks for that version until the polyfill library has been audited.

@mbabker Any interest in JCryptCipherSodium that utilizes sodium_compat even without an audit?

Yes.

On Sun, Jun 11, 2017 at 12:44 AM Scott notifications@github.com wrote:

@mbabker https://github.com/mbabker Any interest in JCryptCipherSodium
that utilizes sodium_compat even without an audit?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/joomla/joomla-cms/issues/13568#issuecomment-307608268,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoTbmc--npTd6PZis9XbrfM0zCx_3ks5sC36ngaJpZM4LhUNs
.

>

• Michael Please pardon any errors, this message was sent from my iPhone.

At JAB17, there was an interesting session about a possible use case related to secure updates:

JAB17 - Friend or FOE: the software update conundrum

However, the challenges of certificate management at the community level are substantial. Besides, integrating the library itself, we must also take into account the required infrastructure to make it secure at every step (extensions, vaults, CA, etc).

See https://github.com/joomla/joomla-cms/pull/16754