Newsgroups: php.internals
Xref: news.php.net php.internals:83904
Date: Thu, 26 Feb 2015 11:17:27 -0500
To: Leigh
Cc: Tom Worster, php-internals
Subject: Re: [PHP-DEV] crypto_something
From: ircmaxell@gmail.com (Anthony Ferrara)

Leigh and all,

On Thu, Feb 26, 2015 at 11:12 AM, Leigh wrote:
> On 26 February 2015 at 15:37, Tom Worster wrote:
>> On 2/26/15, 3:48 AM, "Stanislav Malyshev" wrote:
>>
>>>The custom is that the first word names the function group (yes, I know
>>>old functions do not follow it, but this is new one). Unless we're going
>>>to introduce a group of functions called secure_*, random_* is a natural
>>>choice.
>>
>> This reminds me of the other problem. There is no one crypto lib that
>> is in good shape or really covers what's needed.
>
>> The problems with mcrypt have been discussed.
>
>> The limitations of OpenSSL became apparent
>
> Agree 100%.
>
> I've spoken with Anthony and a couple of others about something in the
> same vein as the new csprng functions. I think core needs a pair of
> functions that handles the needs of the 99%. Those functions are.
>
> aes_encrypt(string $data, string $key): string
>
> aes_decrypt(string $data, string $key): string
>
> I have discussed this briefly with Anthony and Nikita, and we haven't
> reached a consensus on whether AES-n would be determined by key-length
> (adding complexity for the user), or whether $key should be
> $passphrase and should have key-stretching performed (this would avoid
> the case where people pass in hex for a key), in which case we would
> default to AES-128.
>
> The default mode would be CTR
>
> An IV would be taken from the csprng random functions, and would be
> prepended to the result.
>
> A strong MAC would be calculated and appended to the result.
>
> This doesn't leave any room for interoperability where things are done
> differently, but it also doesn't leave any room for people to mess it
> up. I think it's important that when it comes to crypto, we give
> people the ability to "just get it right", without having to know
> about why something is right or wrong.
>
> I welcome any thoughts on this.

One thing I'd like to make clear: I do not intend to target 7 with
this functionality (possibly 7.1 or later). I'd rather build a POC and
play with it for a bit. So while I do want to discuss it, I just
wanted to set expectations properly.

Anthony
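
The construction described in the quoted proposal (AES in CTR mode, CSPRNG IV prepended, MAC appended), as an added example that is not part of the original thread and not the proof of concept mentioned above. The `sketch_*` names are hypothetical, and the example assumes a raw 16-byte key, HKDF-SHA256 subkeys and HMAC-SHA256 as the MAC, none of which the thread settles; it uses PHP's openssl extension only as a stand-in.

```php
<?php
// Added illustration; assumes PHP 8 with the openssl extension. All sketch_* names are hypothetical.
declare(strict_types=1);

const IV_LEN = 16;  // AES block size, used as the CTR counter block
const MAC_LEN = 32; // HMAC-SHA256 output size (assumed MAC; the thread names none)

// Assumption: split one raw 16-byte key into independent encryption and MAC keys.
function sketch_subkeys(string $key): array {
    if (strlen($key) !== 16) {
        throw new InvalidArgumentException('key must be 16 raw bytes, not hex or a passphrase');
    }
    return [hash_hkdf('sha256', $key, 16, 'sketch-enc'), hash_hkdf('sha256', $key, 32, 'sketch-mac')];
}

function sketch_aes_encrypt(string $data, string $key): string {
    [$encKey, $macKey] = sketch_subkeys($key);
    $iv = random_bytes(IV_LEN); // IV from the CSPRNG
    $ct = openssl_encrypt($data, 'aes-128-ctr', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    $body = $iv . $ct; // IV prepended to the result
    return $body . hash_hmac('sha256', $body, $macKey, true); // MAC appended, covering IV and ciphertext
}

function sketch_aes_decrypt(string $data, string $key): string {
    [$encKey, $macKey] = sketch_subkeys($key);
    if (strlen($data) < IV_LEN + MAC_LEN) {
        throw new RuntimeException('message too short');
    }
    $body = substr($data, 0, -MAC_LEN);
    $mac = substr($data, -MAC_LEN);
    // Check the MAC in constant time before touching the ciphertext.
    if (!hash_equals(hash_hmac('sha256', $body, $macKey, true), $mac)) {
        throw new RuntimeException('authentication failed');
    }
    $pt = openssl_decrypt(substr($body, IV_LEN), 'aes-128-ctr', $encKey, OPENSSL_RAW_DATA, substr($body, 0, IV_LEN));
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

// Constructed sample: round trip, then a single flipped bit must be rejected.
$key = random_bytes(16);
$msg = sketch_aes_encrypt('hello internals', $key);
var_dump(sketch_aes_decrypt($msg, $key) === 'hello internals');
$msg[20] = $msg[20] ^ "\x01";
try { sketch_aes_decrypt($msg, $key); } catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```

The MAC is computed over the IV as well as the ciphertext and is verified before decryption, so a modified IV or ciphertext byte is rejected without any plaintext being produced.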