Newsgroups: php.internals
Date: Wed, 11 Feb 2015 12:13:48 +0000
From: leight@gmail.com (Leigh)
To: internals@lists.php.net
Subject: A generic cryptographic framework for PHP core

I don't think there is time to get something finalised for 7.0, I certainly wouldn't want anything cryptography related to be rushed, so this is a pre-RFC discussion to gather ideas and opinions for something we can work towards in PHP 7.1 and that can live as a PECL extension between now and then.

I would like to propose that a generic cryptographic framework is added into core. We already have a generic hashing framework in ext/hash that we are committed to supporting and I think our users would benefit from having a set of widely used cryptographic functions available without having to depend on external libraries or extensions.

However this framework should also be extensible by third-party extensions. The preferred behaviour of an extension that provides a cipher or hash function would be to register it with the framework and then it would become available through the same methods as any of the built-in algorithms. This also provides a way of swapping underlying libraries without changing the way they are called, hopefully making problems such as the ones we're facing with mcrypt a thing of the past.

The framework should provide as core features (in my opinion):

* A set of built-in widely used and accepted ciphers.
* A set of built-in widely used and accepted hashes and MACs. (ext/hash becomes part of this framework)
* A portable high quality random number generator
* Built-in interfaces for crypto-providing extensions to implement.
* Crypto contexts as objects with familiar init/update/final type methods.
* Stream filters for enc/dec/hash/mac etc. that can take a crypto context object.
* Easy to use one-shot functions that handle the context behind the scenes.

There is obviously no work on an implementation yet, but I know Jakub has already spent a lot of time on the php-crypto objective OpenSSL wrapper. I think a lot of his work would be very useful for bootstrapping a generic framework project.

Let's try and avoid discussions on names and syntax, that can wait. I'd really welcome any and all feedback on this as a proposal, with a view to starting a project to give us a stable and maintainable foundation for the future.

Would this be considered a valuable addition?
Is it possible to provide a succinct API for the overwhelming majority of people's crypto needs?
Are there any major concerns about this type of framework being added?
Does anyone think this is the wrong approach entirely (and have a better idea!)?