A large part of what makes libsodium simple is that it does very little.
Some of doing little is great. It does not let you erratically mess with your encryption options, it does not let you apply a bad algorithm, and it does not let you use one algorithm for a task it's badly suited for (well, up to a point).
But some of it is just things the library doesn't do. You can't run a PKI with it, you can't deal with industry-standard file types, and your options for interoperability are just none.
It's really good to make those nice focused libraries that people can actually use. But that doesn't remove the need for kitchen-sink packages that will solve every problem under the Sun.
This is true, but a majority of projects are using this kitchen sink library, poorly, for roughly the same 0.2% of it. Not good.
Thankfully, the situation has improved; at least some old stuff has been moved off into a module in 3.x, and a lot of cruft has been cleaned up. But still, it's hard to not want to pick a library with reduced scope, if you at all can.