Newsgroups: php.internals
From: bukka@php.net (Jakub Zelenka)
Date: Thu, 13 Feb 2025 17:39:54 +0100
Subject: Re: [PHP-DEV] Update OpenSSL Extension to Support KEMs
To: Paragon Initiative Enterprises Security Team
Cc: PHP Internals

Hi,

> We intend to send a pull request later this year

Just note that there are some bigger internal changes being done on separation of backend starting with https://github.com/php/php-src/commit/d662ab5f08af83297dc64499edf0b79182d79e91 which should ultimately result in usage of custom libctx in OpenSSL 3.x. So things might be moving around in the next couple of months.

> to include PHP functions in the OpenSSL extension that look like this:
>
> function openssl_kem_encaps(OpenSSLAsymmetricKey $pk): array;

The name should be more openssl_pkey_encapsulate

>   // 0 -> shared secret (typically 32 bytes)
>   // 1 -> KEM ciphertext for decaps

Not really sure if this is good return format. Most functions currently return additional data by reference which is probably not ideal either but it would be probably a bit more consistent.

> function openssl_kem_decaps(OpenSSLAsymmetricKey $sk, string $kemCiphertext): string;
>   // Returns a shared secret or throws an exception upon decryption failure.

openssl_pkey_decapsulate

> I don't know if this change needs an RFC or not, but I wanted to start the
> discussion just in case.

We don't usually require RFC unless there would be some objections against the API. Still makes sense to at least agree on API here and if we don't agree, then it might need RFC.

Regards

Jakub