Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:87614 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 70423 invoked from network); 4 Aug 2015 15:50:29 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 4 Aug 2015 15:50:29 -0000 Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.181 as permitted sender) X-PHP-List-Original-Sender: pierre.php@gmail.com X-Host-Fingerprint: 209.85.217.181 mail-lb0-f181.google.com Received: from [209.85.217.181] ([209.85.217.181:36117] helo=mail-lb0-f181.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 48/93-49831-44FD0C55 for ; Tue, 04 Aug 2015 11:50:28 -0400 Received: by lbbud7 with SMTP id ud7so8605410lbb.3 for ; Tue, 04 Aug 2015 08:50:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=KqGLdFkal5pIhuMM/3iiPRpcywcSH1koidXGpaeeJHA=; b=kxWiLtzJp5BV0IQ5l7iFxRuZO/TN+2o3epyPK86E9YGTCEVj5itAZYeu31QLqclHlw w4tLSXupdQeJme2vv5Pz+/f/45VzwWxJNbLtlLOas1/rc74zyEEB0xth9OXqs4jJ9aj/ FrcONPFSLR3ct87aeYyZxHmcrj0Lna7jFvKImbAL9ltzPArqWQZQPiijVa4ORugclT1w 67qL0Mkl1RRNSc2BsA6BP0T+FzAeSK++c4CRcnqEVwBug6Qls4ph3b/QfFVM6AQg5ZV3 HICpChQ8bFw136rktBy1GSt1kA27c2z3IwNLQqRkeYxHRp8b3R1bMvVHgACM35kPInBM Ah/A== MIME-Version: 1.0 X-Received: by 10.152.28.73 with SMTP id z9mr4273040lag.93.1438703425286; Tue, 04 Aug 2015 08:50:25 -0700 (PDT) Received: by 10.112.33.7 with HTTP; Tue, 4 Aug 2015 08:50:25 -0700 (PDT) In-Reply-To: References: Date: Tue, 4 Aug 2015 22:50:25 +0700 Message-ID: To: Scott Arciszewski Cc: PHP Internals Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] PHP 7.1 Cryptography Projects From: pierre.php@gmail.com (Pierre Joye) On Tue, Aug 4, 2015 at 3:54 AM, Scott Arciszewski wrote: > Hi, > > I would like to make it easier for PHP developers to implement > cryptography features in their applications. I intend to work on some > of these ideas and submit them for inclusion in PHP 7.1. Awesome and long due work :) > Some of these might be familiar to some of you. > > 1. Pluggable Cryptography Frontend > > Work is currently underway for a PHP prototype for this idea > originally suggested by ircmaxell, that will basically be like PDO for > cryptography. Our current project name, subject to change, is PHP > Crypto Objects (PCO). > > The idea is that you could write code like this to add secure > authenticated encryption to your application without having to worry > about the details. > > $AES = new \PCO\Symmetric('openssl:cipher=AES-128'); > $ciphertext = $AES->encrypt($plaintext, $someKey); > > $PKC = new \PCO\Asymmetric('libsodium'); > $offlineDecryptable = $PKC->seal($plaintext, $someX25519PublicKey); > > When it's finished, I'd like to turn it into a PECL extension so users > can play with it in PHP 7.0 and submit it for inclusion in 7.1. I like the idea of a common API for all possible supported backend. I am however really convinced about the one proposed here. That's something we will need to really design well and userfriendly. > 2. Cache-timing-safe character encoding functions > > Alternatives for existing functions that should function like their > unsafe counterparts, but without branches or data-based index lookups. > > * hex2bin() -> hex2bin_ts() > * bin2hex() -> bin2hex_ts() > * base64_encode() -> base64_encode_ts() > * base64_decode() -> base64_decode_ts() For most functions I would prefer an option. -- Pierre @pierrejoye | http://www.libgd.org