Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:68650 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 28554 invoked from network); 28 Aug 2013 20:42:54 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 28 Aug 2013 20:42:54 -0000 Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.43 as permitted sender) X-PHP-List-Original-Sender: jakub.php@gmail.com X-Host-Fingerprint: 209.85.216.43 mail-qa0-f43.google.com Received: from [209.85.216.43] ([209.85.216.43:36965] helo=mail-qa0-f43.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 77/06-33204-DC06E125 for ; Wed, 28 Aug 2013 16:42:54 -0400 Received: by mail-qa0-f43.google.com with SMTP id bv4so721365qab.9 for ; Wed, 28 Aug 2013 13:42:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=rd1pIEnbvSTRyQTrhmJpuvbxd2amonliJMxxAnEKcKU=; b=wfHTRkCUJoq5qig/femf2NJCq1JDMMnqC+JrltFKkfRSM0c4NKoT5zTUpQWGleO//B ghlaez0hGtvKQ8CjhsZ/HhQkNGnc8oFOsQhbmgA7XDJnSnkuvZ7nNlzOyzvsQ5uFEawM Emlf7wlteiHpk9kBk7DWLxGCgM6GmModHSkllMAGH9A2PbBZhqiJu2kqnkGCsif2RXz1 Rve6TZz5LdJmK+CtvZ1BYLYVie+yM34b/kfy8SNolpVwpwWZya8b4QNGwCHVCK4zXtwY Cu8hDT2Z/lghroI0luXjJKmlxNm1VA9i6s2SwHcro5/T1Ap1UMRY0kLS7jsJtyKAywVJ eo3Q== MIME-Version: 1.0 X-Received: by 10.224.35.196 with SMTP id q4mr445006qad.106.1377722570640; Wed, 28 Aug 2013 13:42:50 -0700 (PDT) Sender: jakub.php@gmail.com Received: by 10.224.69.199 with HTTP; Wed, 28 Aug 2013 13:42:50 -0700 (PDT) In-Reply-To: References: <505B2CA7.6050505@codeangel.org> Date: Wed, 28 Aug 2013 21:42:50 +0100 X-Google-Sender-Auth: BA5PJJbByG8T-QEirVHfDpmfBOg Message-ID: To: Jan Ehrhardt Cc: PHP internals list Content-Type: multipart/alternative; boundary=089e0149c73a6c0ffb04e508085c Subject: Re: [PHP-DEV] Authenticated Encryption in PHP From: bukka@php.net (Jakub Zelenka) --089e0149c73a6c0ffb04e508085c Content-Type: text/plain; charset=ISO-8859-1 Hi, > Added this to all my builds, including PHP 5.3 (based on the Aug 20 > snapshot): > http://www.apachelounge.com/viewtopic.php?t=5537 > > That's great! Thanks a lot! I would like to correct myself about using GCM and CCM in PHP. These modes are available for encryption/decryption but there is no way how to get an authentication tag. That's a bit problem as it doesn't make sense to use gcm or ccm if you can't get a tag... On top of it the AAD (Additional Authentication Data) can't be set either... I decided to fix that in php-crypto. I have created an issue about PHP API for this modes: https://github.com/bukka/php-crypto/issues/4 . There are two ideas how the API could be designed. It would be very helpful for me to get any feedback as it could result in more usable API. There also are two other issues in https://github.com/bukka/php-crypto/issues . The first is about API for Algorithm class and the second is about choosing a name for the method that create a digest in one step (currenty Digest::make that is not really explaining...). All issues are just about PHP user interface for this extension (there is nothing about internal C implementation). In addition if anyone knows about any objective crypto library that he used in past and thinks that some ideas could be used in this extension, please let me know. I was looking to Zend\Crypt and also plan to properly look to crypto++. Thanks Jakub --089e0149c73a6c0ffb04e508085c--