Newsgroups: php.internals
Xref: news.php.net php.internals:111989
Subject: Re: [PHP-DEV] RFC: execution opcode file without php source code file
From: walterp@gmail.com (Walter Parker)
To: PHP internals
Date: Fri, 2 Oct 2020 12:29:28 -0700

On Fri, Oct 2, 2020 at 10:08 AM David Rodrigues wrote:

> Hello folks,
>
> Instead of an opcode without a php source file, that I imagine is to
> protect the code itself, why not a method to encrypt phar files (not like a
> password). I do not know if a secure method exists to decrypt to execute
> only, without revealing the original source code, but maybe it could be done.
> So opcode could be generated based on encrypted phar to give more speed.

The flaw with decryption is that the image will have to get the decryption key from somewhere.

The history of the DVD industry over the past 25 years has shown that getting that key to an untrusted device and then keeping it secret is much harder than it looks (when people care enough to go after the key, even hardware locks can be made to fail). Or look at the phone industry: even phones with hardware- and software-locked crypto get broken open. Note: if the device is trusted, then encryption and decryption are not needed (as you would then be able to trust the device to not give out the source code). Also, note that reverse engineering (decompiling) raw binaries is a thing (there are tools to do that). You need to decide on your threat model for your code to decide how much it is worth to lock your code.

Walter

--
The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandeis
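Added illustration of the point Walter makes above (the decryption key, and the decrypted code, must reach the machine that runs it). This is example code written for this page, not code from the thread, from the RFC or from PHP itself. It is in Python rather than PHP because Python lets a few lines of userland code hook the interpreter's execution step; the PHP analogue would be an extension or patched binary hooking the engine's compile routine, which cannot be shown from PHP userland. The "protected" source, the licence key, the toy SHA-256 counter-mode cipher and every function name here are constructed for the demonstration.

```python
# Added illustration, not code from the thread or from PHP: a stand-in for an
# "encrypted phar" loader, and why whoever controls the interpreter gets the
# source back without ever attacking the key.
import builtins
import hashlib

# Constructed sample of the "protected" source a vendor wants to hide.
SECRET_SOURCE = "def secret_pricing(units):\n    return units * 3 + 7\n"


def keystream(key: bytes, length: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode). Illustration only: the cipher
    is not the weak point of this scheme, and a real AEAD would change nothing."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Symmetric: the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def fetch_key() -> bytes:
    """Stands in for 'somewhere': a licence server, a dongle, an obfuscated
    constant in the loader. Wherever it lives, the loader ends up holding it.
    (Constructed demo value, not a real secret.)"""
    return hashlib.sha256(b"constructed demo licence key").digest()


def build_protected(source: str) -> bytes:
    """Vendor side: produce the encrypted artefact that ships to customers."""
    return xor_crypt(fetch_key(), source.encode())


def run_protected(blob: bytes) -> dict:
    """Customer side: the shipped loader. Decrypts in memory and executes,
    never writing plaintext to disk. This is the honest best case."""
    namespace: dict = {}
    exec(xor_crypt(fetch_key(), blob).decode(), namespace)
    return namespace


def dump_source(blob: bytes) -> str:
    """Attacker side: no key needed. The decrypted text must reach the
    interpreter's execution step, so hook that step and copy what passes
    through. The shipped loader is run unmodified."""
    captured = []
    real_exec = builtins.exec

    def tapped_exec(src, *args, **kwargs):
        captured.append(src)
        return real_exec(src, *args, **kwargs)

    builtins.exec = tapped_exec  # run_protected resolves 'exec' at call time
    try:
        run_protected(blob)
    finally:
        builtins.exec = real_exec
    return captured[0]


if __name__ == "__main__":
    blob = build_protected(SECRET_SOURCE)
    print("shipped bytes look opaque:", blob[:16].hex())
    print("loader works:", run_protected(blob)["secret_pricing"](5))
    print("attacker recovers:\n" + dump_source(blob))
```

The attacker never calls `fetch_key()` and never touches the ciphertext directly; the loader does all of that on their behalf, because it has to in order to run at all. Swapping the toy cipher for AES-GCM, moving the key to a server, or shipping opcodes instead of source only changes what gets captured at the hook, not whether it can be captured. That is the "decide on your threat model" conclusion in concrete form: the scheme raises the cost for a casual copier and does nothing against anyone who controls the process.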