Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:81593 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 45501 invoked from network); 2 Feb 2015 16:07:11 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Feb 2015 16:07:11 -0000 Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.169 as permitted sender) X-PHP-List-Original-Sender: jakub.php@gmail.com X-Host-Fingerprint: 209.85.213.169 mail-ig0-f169.google.com Received: from [209.85.213.169] ([209.85.213.169:38160] helo=mail-ig0-f169.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 20/E1-34915-FA0AFC45 for ; Mon, 02 Feb 2015 11:07:11 -0500 Received: by mail-ig0-f169.google.com with SMTP id hl2so18010374igb.0 for ; Mon, 02 Feb 2015 08:07:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=MR62EDvA5A+Q3v9oAtRracC1NtuGiIOEfqSFldotStc=; b=c39QjeVJ0dv2nNbajsQ3j0eC55bVM+D78SJjGAn6SIxDixrX4kmPRtUX+qjougumtD 4Gj6ei/pzcL2B6FKi1CfZnrS0yyDpaW9dFf3KeqP4/nFqJFQyAFiJ74ica+R+3OAAoAA cDKEmY1KYPWI7BnbEzQB1fc/bXtlaeMlDNQWHbix9hRlWmKZApfLN+2zMMJ/ATLpW/ee Kox2PN7q9RBODyByqDyp30dD6KeKUnlEVRA1+xAXXA+WvsoC5sipaEli0FSSoy5pGAxr Sp/xS4v2SG/WdPDBmNcDv+U/E/f/pGHyN0C7upULgT4ZbBxRjx3vZsNhkpmAcfW+bei7 Q+qw== MIME-Version: 1.0 X-Received: by 10.107.136.143 with SMTP id s15mr4710144ioi.8.1422893228213; Mon, 02 Feb 2015 08:07:08 -0800 (PST) Sender: jakub.php@gmail.com Received: by 10.107.55.8 with HTTP; Mon, 2 Feb 2015 08:07:08 -0800 (PST) In-Reply-To: References: Date: Mon, 2 Feb 2015 16:07:08 +0000 X-Google-Sender-Auth: VXjJwVZUzxCCn-f8TAvkthkVHjE Message-ID: To: Daniel Lowrey Cc: Leigh , "internals@lists.php.net" Content-Type: multipart/alternative; boundary=001a113ed55a6be8cc050e1d25a9 Subject: Re: [PHP-DEV] Re: OpenSSL ext. improvements for authenticated cipher modes. From: bukka@php.net (Jakub Zelenka) --001a113ed55a6be8cc050e1d25a9 Content-Type: text/plain; charset=UTF-8 On Mon, Feb 2, 2015 at 2:30 PM, Daniel Lowrey wrote: > > The extra params aren't really _that_ bad. > > Okay, I'd like to reset the conversation a bit here. It's clear that the > current API does not fit the problem domain very well. Tacking on more > parameters only creates a bigger mess. Six parameters to a stateless > function call is a completely incoherent API. It's unusable without > consulting the manual. I think we need a completely different approach. Let > me propose something else that won't break BC in any release and results in > an API that's actually sane: > > class CryptoContext { > private $mode; > private $password; > function __construct($mode, $password) { > $this->mode = $mode; > $this->password = $password; > } > function encrypt($data) { > // ... > return $encryptedData; > } > function decrypt($data) { > // ... > return $decryptedData; > } > function setOption($option, $value) { > // ... > } > // more methods here to do anything you need > } > > Thoughts on a stateful object API here? Personally I find this much more > coherent than anything that's been proposed so far and it could be > implemented without affecting existing functionality. > This is sort of what I was trying to do in crypto ext. I ended up with something like this: https://github.com/bukka/php-crypto#php-definition-for-the-classes which is a bit simillar to your proposal and it already works as a bonus :). I'm not sure if it makes sense to duplicate an effort and do the same thing (and also call it Crypto which would be quite confusing...) in openssl ext which is just functional extension. As I said the crypto extension is still in pecl dev stability so I'm open any changes in it. If we want to add a cipher context API to openssl ext, then I think that it would be much better to use a functional API as openssl_pkey_* to keep ti consistent. Cheers Jakub --001a113ed55a6be8cc050e1d25a9--