Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:90240
Return-Path: <bishop.bettini@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 19801 invoked from network); 6 Jan 2016 21:32:51 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 6 Jan 2016 21:32:51 -0000
Authentication-Results: pb1.pair.com header.from=bishop.bettini@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=bishop.bettini@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.43 as permitted sender)
X-PHP-List-Original-Sender: bishop.bettini@gmail.com
X-Host-Fingerprint: 74.125.82.43 mail-wm0-f43.google.com  
Received: from [74.125.82.43] ([74.125.82.43:33368] helo=mail-wm0-f43.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 83/32-21755-1088D865 for <internals@lists.php.net>; Wed, 06 Jan 2016 16:32:50 -0500
Received: by mail-wm0-f43.google.com with SMTP id f206so75194106wmf.0
        for <internals@lists.php.net>; Wed, 06 Jan 2016 13:32:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:reply-to:sender:in-reply-to:references:from:date
         :message-id:subject:to:cc:content-type;
        bh=f0TQhr4PSbSjjvgzfmQWNhnzMEJ/SwaNIc/O3X9rmpw=;
        b=wc4rEwzciKHTdBuGtjR1j4kE1ohiJDpH6c7M9HPwEcoNt4Z9/p5+xGxSma+RZWn1LN
         2OoJg82/e+20T/tV5a/5pxd1wjyQCqY5o0E3A8X+W7b+kZfJtV6aYy/gAYpbyVlRDHE8
         LbO1mMkEla5M5iOnRa6+rMhltyyW3ggpL7bUo8yaVXZlCb/Xn7tviqRLe7RW8xmpYdAY
         jFrN98ExMxvdO2IR4Xw0QEkYr9fVGextv35bPY9KOEmcC0LaLXY8N/tfXn3i9tA3ItY9
         ub8VfH+uDpI1EG28MvuFa/HkB/eo81CL3/tuVQqH28rIt8EBc03WaxJDM67FHMaBIalW
         jybA==
X-Received: by 10.28.175.147 with SMTP id y141mr5178857wme.64.1452115966936;
 Wed, 06 Jan 2016 13:32:46 -0800 (PST)
MIME-Version: 1.0
Reply-To: bishop@php.net
Sender: bishop.bettini@gmail.com
Received: by 10.194.45.230 with HTTP; Wed, 6 Jan 2016 13:32:17 -0800 (PST)
In-Reply-To: <CAEKnhAGU=OEA54xRzZ4djtCGaQsndxpT5zXBenRFYisH654abA@mail.gmail.com>
References: <CAEKnhAHGK0Uj-nGyGGXWXS1jE6P+nqLgLMJjje3pyT78hVUBLA@mail.gmail.com>
 <CAEYWF=7tMegJ9GDA8ZQBpybp6JNec65-hF+j1Z=X_UxY_i5Z7Q@mail.gmail.com>
 <CAEKnhAFFazCoVct5gMs9NGAUwWm6YEDY2+j2HDhr8k2U=QwMiA@mail.gmail.com>
 <CAEYWF=4R2_JdNwOOSXyL2C706FvdK7B39gTN+csfX=KKHAFA-Q@mail.gmail.com> <CAEKnhAGU=OEA54xRzZ4djtCGaQsndxpT5zXBenRFYisH654abA@mail.gmail.com>
Date: Wed, 6 Jan 2016 16:32:17 -0500
X-Google-Sender-Auth: vshSj6Ts7x32so_BJadUheSkM24
Message-ID: <CAEYWF=5xfr2+feMJYbnybDVxz-4ibhYXuGQdpk7dv5vGivPA-g@mail.gmail.com>
To: Jakub Zelenka <bukka@php.net>
Cc: PHP internals list <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a11443f0a61cbc90528b118dc
Subject: Re: [PHP-DEV] [RFC] OpenSSL AEAD support
From: bishop@php.net (Bishop Bettini)

--001a11443f0a61cbc90528b118dc
Content-Type: text/plain; charset=UTF-8

On Wed, Jan 6, 2016 at 2:59 PM, Jakub Zelenka <bukka@php.net> wrote:

> On Wed, Jan 6, 2016 at 7:28 PM, Bishop Bettini <bishop@php.net> wrote:
>
>> On Wed, Jan 6, 2016 at 11:09 AM, Jakub Zelenka <bukka@php.net> wrote:
>>
>>> Hi,
>>>
>>> On Wed, Jan 6, 2016 at 3:35 PM, Bishop Bettini <bishop@php.net> wrote:
>>>
>>>>
>>>> I think the API might need to be more generic so that any future cipher
>>>> modes with different parameters could also be passed in.
>>>>
>>>> Please see note in
>>> https://wiki.php.net/rfc/openssl_aead#rejected_features . Any context
>>> related features will add a lot to the size of the implementation. In this
>>> case it would also mean introducing an object with dimension handler to the
>>> openssl ext which doesn't really match with the rest of the extension API.
>>> The proposed API is more conformant to the rest and the code addition is
>>> also limited which is very important from the maintenance point of view.
>>>
>>
>> Ok, a context resource may not be pragmatic. Perhaps a compromise in the
>> form of a thin wrapper:
>>
>> string openssl_encrypt_aead(string $data , string $method , string
>> $password [, int $options = 0 [, string $iv = "" [, string &$tag = "" [,
>> string $aad = "" [, int $tag_length = 16 ]]]])
>>
>> string openssl_decrypt_aead(string $data , string $method , string
>> $password [, int $options = 0 [, string $iv = "" [, string $tag = "" [,
>> string $aad = "" ]]]] )
>>
>> This actually feels more right anyway: openssl_encrypt only does
>> encryption, whereas openssl_encrypt_aead does encryption *and*
>> integrity.  I would hate for users to pass a method of aes128 and think
>> they can forgo an HMAC because they thought PHP would give them back a
>> valid tag.
>>
>
> This is a good point. I would probably go with a bit different and maybe
> simpler solution. How about emitting notice when $tag param is supplied for
> non aead mode?
>

I think the need for a message highlights an API design problem, and I'd
rather eliminate the need with a purpose-built API.

Still, AEAD is a valuable addition to the API.  Thanks for submitting the
RFC!

--001a11443f0a61cbc90528b118dc--