Newsgroups: php.internals
Date: Thu, 2 Sep 2021 16:25:59 -0400
Subject: Sodium - Stream Counter API
From: security@paragonie.com (Paragon Initiative Enterprises Security Team)
To: PHP Internals

The ext-sodium API exposes the following functions:

* sodium_crypto_stream(int $len, string $nonce, string $key): string
* sodium_crypto_stream_keygen(): string
* sodium_crypto_stream_xor(string $message, string $nonce, string $key): string

(And the new XChaCha variant landing in PHP 8.1, of course.)

This is good for, like, 99% of the use cases for the crypto_stream API.

However, there is a missed opportunity: Being able to seek arbitrary starting points in the XSalsa20 or XChaCha20 keystream when encrypting/decrypting data.

The underlying libsodium API has a distinct feature for this: Functions with the _ic suffix.

Let's add an optional integer argument to the following PHP functions:

- sodium_crypto_stream_xor
- sodium_crypto_stream_xchacha20_xor

The only question I have is: Should this land in 8.1 (it's small and self-contained) or 8.2?