Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:126396
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by qa.php.net (Postfix) with ESMTPS id B7F801A00BC
	for <internals@lists.php.net>; Thu, 13 Feb 2025 17:16:18 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1739466815; bh=d24/x2RuUJh5X0919EVbGuUR4SMQQfxOGckC9TGWMTA=;
	h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
	b=CMkaX/elvkRQdpt1KBkETOnjJiMZl0PCE1e0Xs9/69myI42K8vr32nY7RSsm6UDkJ
	 yHSk9wn5eJCoat+5yepeM37X/r5PYIy0rOQfFXcu3Q8Td/a7jHXZaxIrvcmFk94vuQ
	 8BoTJCsBak3fwF9GZLQ2cDtBBfs2qftFnGddS4ogGyj+iD/jQYdvbAjCNqfZfkGnrh
	 m2RnNeYE83mC0idouAbg2LVxBt3/3erAs+KYjKNqAvDSrBLq3sMd0AHw5icbULKCxk
	 jAGufhPoBzrdEPcYtksS66/4vwj+oNLraSpLvSCdPKU39cnjkSY7c003bgG9GelVDx
	 ElylRgGqek0kg==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id E35591801DA
	for <internals@lists.php.net>; Thu, 13 Feb 2025 17:13:34 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_50,DMARC_NONE,
	FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,
	HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=4.0.0
X-Spam-Virus: No
X-Envelope-From: <jakub.php@gmail.com>
Received: from mail-oa1-f44.google.com (mail-oa1-f44.google.com [209.85.160.44])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Thu, 13 Feb 2025 17:13:34 +0000 (UTC)
Received: by mail-oa1-f44.google.com with SMTP id 586e51a60fabf-2a9ef75a20dso1216290fac.2
        for <internals@lists.php.net>; Thu, 13 Feb 2025 09:16:17 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1739466977; x=1740071777;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=d24/x2RuUJh5X0919EVbGuUR4SMQQfxOGckC9TGWMTA=;
        b=KdlpwObNrFXlZKgCjV8ohK/J8n3z4o0za+TJb5oEdgK2FMmmSHT00NKagI+2pTqTng
         V+XGOJJg4f4cVMRwH387jImzjvnatOJc/jpTDMgwsV7To9SnLcY3otbTYgtw7apIPEBA
         Zj0XfXs4z2FjYeoTnXuSMG+5I57xJZy8d5ii32KWm7UcM/Z19+hl5vMsBcPc8ImFTqKC
         /Bx4L2xlZ1PzeMXV3c4HOWBLVuDaQeNSzRDyk/2Yj/4kplGesm86hVwYtYjjwdyNGjWj
         A+iAtEZeM+t9q7VF3rjBAr/hGJgxTogaxfAi1j0LSc1OEJhaNvd1CD4ZGZa53yeBFJ5a
         Cd5Q==
X-Gm-Message-State: AOJu0Yw/YYeA7c5hUX11IgZIVjFaF/2OmIWXm2Ix/EEqDtB7Dc2wnKmk
	H7Rtw+N9rgJo3xyyShgUbeCw/tmD1MXbbpU+RtmspDnznP9kiHdkNg90O2gQx8czu9vQ4X+Pk5g
	jr/RT7HeWx/u3tplF/fsUd6cLSqI=
X-Gm-Gg: ASbGncscLO9aOOV8UmUCRzgi5yprKj2Yt8IniCIjGx3EoSM7RVhRMOytbi6kskxC3zI
	pjDuvpL3Ux9JDA4Aqb9NA9vto1F9etJG2+sn8+oS0KMMzmRfhrgusw2c9TCLhupuAsgVV2w==
X-Google-Smtp-Source: AGHT+IE3do9ZNXc550FEnEscyIi5dgo6uReynVMqZPXW/ClXeg3rewuNuuY2UxzElvfZB0vLVZFRkNCXXmRD/eK7hGo=
X-Received: by 2002:a05:6870:4d0c:b0:2b8:efab:d5e3 with SMTP id
 586e51a60fabf-2b8f8fe0416mr2653913fac.35.1739466975849; Thu, 13 Feb 2025
 09:16:15 -0800 (PST)
Precedence: bulk
list-help: <mailto:internals+help@lists.php.net
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: internals.lists.php.net
x-ms-reactions: disallow
MIME-Version: 1.0
References: <CAKws9z2-e8YnGbdpp0BJvEBEiEsqHQMzyAo+Vee4naXy5mK40w@mail.gmail.com>
 <CAEKnhAHTpd-REa43pg2E2gVve726g52ZPb4S94BUxgVpv7o4dQ@mail.gmail.com>
In-Reply-To: <CAEKnhAHTpd-REa43pg2E2gVve726g52ZPb4S94BUxgVpv7o4dQ@mail.gmail.com>
Date: Thu, 13 Feb 2025 18:16:04 +0100
X-Gm-Features: AWEUYZkmWVCmVqFKXtmawawJq2MHo-SZpQ4-dfbYa5ceaLNFhYKK-aXwhBqp42U
Message-ID: <CAEKnhAGWXg47YDLoWNi1hTRddUsoJmNB3q9fH5==1WSVvm==1g@mail.gmail.com>
Subject: Re: [PHP-DEV] Update OpenSSL Extension to Support KEMs
To: Paragon Initiative Enterprises Security Team <security@paragonie.com>
Cc: PHP Internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="00000000000031b3b5062e093764"
From: bukka@php.net (Jakub Zelenka)

--00000000000031b3b5062e093764
Content-Type: text/plain; charset="UTF-8"

>
>
> to include PHP functions in the OpenSSL extension that look like this:
>>
>> function openssl_kem_encaps(OpenSSLAsymmetricKey $pk): array;
>>
>
> The name should be more openssl_pkey_encapsulate
>
>

I just did a bit more checking and we should consider having required kem
operation as selected by EVP_PKEY_CTX_set_kem_op . There are currently just
single operations (e.g. RSAVE for RSA and DHKEM for others). OpenSSL chose
not set default which has got some good reasoning described in
https://github.com/openssl/openssl/pull/12750 . I haven't checked out how
it is in the current PQC (whether there are already more operations) but
possibly there might be more in the future. This would make the function
harder to use as one would need to know the operations but setting our own
defaults prove usually not ideal in the long term (it's hard to change
those defaults (BC break) if there are issues with them) so it might be
just better to leave that to user space maybe. Or it might be worth to
check what other implementations do. It should certainly have some
consideration.

Regards

Jakub

--00000000000031b3b5062e093764
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_quote gmail_quote_container"><blockquo=
te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px =
solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div class=3D"gma=
il_quote"><div><br></div><blockquote class=3D"gmail_quote" style=3D"margin:=
0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">=
<div dir=3D"ltr"><div><div style=3D"font-family:monospace,monospace">to inc=
lude PHP functions in the OpenSSL extension that look like this:</div><div =
style=3D"font-family:monospace,monospace"><br></div><div style=3D"font-fami=
ly:monospace,monospace">function openssl_kem_encaps(OpenSSLAsymmetricKey $p=
k): array;</div></div></div></blockquote><div><br></div><div>The name shoul=
d be more openssl_pkey_encapsulate</div><div>=C2=A0<br></div></div></div></=
blockquote><div><br></div><div>I just did a bit more checking and we should=
 consider having required kem operation as selected by=C2=A0EVP_PKEY_CTX_se=
t_kem_op . There are currently just single operations (e.g. RSAVE for RSA a=
nd DHKEM for others). OpenSSL chose not set default which has got some good=
 reasoning described in <a href=3D"https://github.com/openssl/openssl/pull/=
12750">https://github.com/openssl/openssl/pull/12750</a> . I haven&#39;t ch=
ecked out how it is in the current PQC (whether there are already more oper=
ations) but possibly there might be more in the future. This would make the=
 function harder to use as one would need to know the operations but settin=
g our own defaults prove usually not ideal in the long term (it&#39;s hard =
to change those defaults (BC break) if there are issues with them) so it mi=
ght be just better to leave that to user space maybe. Or it might be worth =
to check what other implementations do. It should certainly have some consi=
deration.</div><div><br></div><div>Regards</div><div><br></div><div>Jakub</=
div></div></div>

--00000000000031b3b5062e093764--