Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:67464
Return-Path: <adam@adamharvey.name>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 16871 invoked from network); 23 May 2013 20:39:58 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 23 May 2013 20:39:58 -0000
Authentication-Results: pb1.pair.com header.from=adam@adamharvey.name; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=adam@adamharvey.name; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain adamharvey.name designates 209.85.223.178 as permitted sender)
X-PHP-List-Original-Sender: adam@adamharvey.name
X-Host-Fingerprint: 209.85.223.178 mail-ie0-f178.google.com  
Received: from [209.85.223.178] ([209.85.223.178:62351] helo=mail-ie0-f178.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id B0/00-16824-C9E7E915 for <internals@lists.php.net>; Thu, 23 May 2013 16:39:57 -0400
Received: by mail-ie0-f178.google.com with SMTP id f4so2669590iea.9
        for <internals@lists.php.net>; Thu, 23 May 2013 13:39:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=adamharvey.name; s=google;
        h=mime-version:sender:in-reply-to:references:from:date
         :x-google-sender-auth:message-id:subject:to:cc:content-type
         :content-transfer-encoding;
        bh=lfbXreQrGCQDqDi2KtgzX8bPDK4xLGtt6LvQ7DhvOr8=;
        b=AhmtcZAsrB4QRZkPCmiXIRjAlpxOEVGMDq0s3QC5G9PZs9KgwIXcbGxBfSCIV0s1Iz
         9gFxKkEsQfK0GShope0SAqVk0zChPSGrs9llRp1UmAZqeoJnNu9YhHznkedHbOijUVLM
         5mVdU/nHToz2bU26TbGcdxwjzjcK+s1xnmWVQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:from:date
         :x-google-sender-auth:message-id:subject:to:cc:content-type
         :content-transfer-encoding:x-gm-message-state;
        bh=lfbXreQrGCQDqDi2KtgzX8bPDK4xLGtt6LvQ7DhvOr8=;
        b=IdqQMU2jC7hiRVegYUjki1wIqrbEuXwU9Fq1oP5XxTqwMyN0mmQx3uZnSVW6z04fti
         7wX7BKeMeY5seXn5MEEaV/iMYAAXeDUtFcYUkGKcKt8ltnWMMa6OkAnpt2FxQ5AErXWg
         dPW+LaSfWrjA4piIy+e8t09J8lgNI8trT+c+4ceiW7L6ciXTYUuXU2csTdmemtsZxNFc
         HMHqJ0dJzAvRHo6q3wR3kAm3arZu5NP4BhCa5YQWR5JOCxggsF401CccylNk1iXtTdjc
         Li26yfycl4Anr9NRrfiNQAt8rsuJq3Y9TmROf5KDttbXL6wciaChVHIa3Zm4k0B0RGZr
         tUlw==
X-Received: by 10.43.138.196 with SMTP id it4mr11479968icc.3.1369341594075;
 Thu, 23 May 2013 13:39:54 -0700 (PDT)
MIME-Version: 1.0
Sender: adam@adamharvey.name
Received: by 10.43.105.138 with HTTP; Thu, 23 May 2013 13:39:34 -0700 (PDT)
In-Reply-To: <CAF+90c-6yGbQwi0LfAAer5wqgN=7j1N+h6BYBDWNh0x8a8=v+A@mail.gmail.com>
References: <CAF+90c-6yGbQwi0LfAAer5wqgN=7j1N+h6BYBDWNh0x8a8=v+A@mail.gmail.com>
Date: Thu, 23 May 2013 13:39:34 -0700
X-Google-Sender-Auth: _xpzdx_srSzqLhteNsa-EWfcMgU
Message-ID: <CADajX4CskTALYnO=x4LQS_oy7mAyNUKL3_Lg7_8LLKmyiZkEnw@mail.gmail.com>
To: Nikita Popov <nikita.ppv@gmail.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQmvr3qISg3kY+4LtIkNZsRQe6D8PFHRRmOZpVgeuPYdA+CZj96ts+UUHHXWSvVa9oTqNsGQ
Subject: Re: [PHP-DEV] Re: hash_pbkdf2 vs openssl_pbkdf2
From: aharvey@php.net (Adam Harvey)

On 23 May 2013 13:31, Nikita Popov <nikita.ppv@gmail.com> wrote:
> On Sat, May 18, 2013 at 11:48 AM, Nikita Popov <nikita.ppv@gmail.com> wro=
te:
>
>> Hi internals!
>>
>> I just noticed that we added the PBKDF2 algorithm two times in PHP 5.5.
>> Once in the hash extension, once in the OpenSSL extension.
>>
>> The hash_pbkdf2 function was added via this RFC:
>> https://wiki.php.net/rfc/hash_pbkdf2
>>
>> The openssl_pbkdf2 function probably was not noticed at that time becaus=
e
>> it was just commited, but not mentioned anywhere else (NEWS, UPGRADING,
>> etc). Only saw it in vrana's documentation updates just now. The relevan=
t
>> commit is here: https://github.com/php/php-src/commit/f4847ef
>>
>> It would be nice if we could have only one of those functions. I'm
>> currently tending towards the hash_ variant because of the commit messag=
e
>> of the openssl_ function:
>>
>> > No easy way to put these in the hash extension since we don't really
>> support optional
>> > parameters to certain algorithms. Implemented in openssl for now since
>> it has it already
>> > and is pretty stable.
>> >
>> > Only SHA1 is confirmed to work as an algorithm but openssl has a
>> parameter so it can be
>> > changed in the future.
>>
>> It seems that the author already would have preferred it in the hash
>> extension and that the openssl variant only works with sha1 (or was only
>> tested with it? not sure).
>>
>> Nikita
>>
>
> No more opinions? It would be nice to have this resolved before 5.5,
> otherwise there will be no way back.

I'm not really convinced this is a problem in practice =E2=80=94 hash_pbkdf=
2()
is likely to be the commonly used one because it doesn't have the
OpenSSL dependency, but it probably doesn't hurt to have the ability
to also call OpenSSL's independent implementation (say, if a bug is
found in one or the other).

Adam