Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:90883
Return-Path: <jakub.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 8830 invoked from network); 24 Jan 2016 12:08:05 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 24 Jan 2016 12:08:05 -0000
Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.213.49 as permitted sender)
X-PHP-List-Original-Sender: jakub.php@gmail.com
X-Host-Fingerprint: 209.85.213.49 mail-vk0-f49.google.com  
Received: from [209.85.213.49] ([209.85.213.49:33079] helo=mail-vk0-f49.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id C1/A3-16574-3AEB4A65 for <internals@lists.php.net>; Sun, 24 Jan 2016 07:08:04 -0500
Received: by mail-vk0-f49.google.com with SMTP id e64so62204184vkg.0
        for <internals@lists.php.net>; Sun, 24 Jan 2016 04:08:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:date:message-id:subject
         :from:to:cc:content-type;
        bh=LTSx7vNnFmTmrleJUF99BiB6DGIcdnD3qytXBj5EFyc=;
        b=g/H3LVESKAcZ3+x6o7epI0aXXP+tGK/d606ctuarX4v6xkNPl8JsLAW0XfVnOAB+VC
         y9RUti4DfFBOQYrnQVPS+/pqLyOfXkSNvfVaJVsTUOeRg5Gy7Zh6JAOZvGybAqzgMOxg
         kx75Xuw8RCr9PSYUTzgD+zGgIMnRTLsei3GAg91+JOpeLBjTUGIkM5TzTh7i64ovXMZB
         tN2sFUPOUWFDULAGLytLrl4f7GNubt00armS9/exQA8bMF4D1BYIDQ/ufE5wfqSD2QEW
         sWtmgpjbg+lB2C8EP6/qU/I00/Os9xer/WMIZdJKcBZXWzdAKPHh77hb/mMib+2TL7u7
         Mjpg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:date
         :message-id:subject:from:to:cc:content-type;
        bh=LTSx7vNnFmTmrleJUF99BiB6DGIcdnD3qytXBj5EFyc=;
        b=mZVFizjDsNfo2j1gW0A3jFHOkjKkgBWEYhDzLyqIefcd3vvfZrGo0LhCfs7M29mLVk
         do1MuEbgCRVDRSHoB62QG+vgA5jroolwV1BoLWK9ChggXy7clKVrF30+F3wkAty17OqN
         S61SewMqnUfXS7Yggqf/3mT3mptqJXVT2mb2ThlWI5f8fVat6D9+p/OPIRsQAoix+oca
         kLmZCTvHO4PWEhTEeGvbUNaFOAm/RDzZ1QmFBTbik3l4ar96Z5TCvCiWv8SpP4fe2JOJ
         sojf1Nw7ikJWer1pvyiGS8U1/uRbCuIFb6pBbM3pGkwuZ4n4FRg4odNmCVlzOS7vbTPJ
         STIw==
X-Gm-Message-State: AG10YOS/Wo/icih9janp+vymKedfcegS/O9TUKfOGyEoWCpW2YxqcBUlwDkgUvuD6MHivhZkf0a6wAqjT2Y2Qw==
MIME-Version: 1.0
X-Received: by 10.31.192.147 with SMTP id q141mr7971539vkf.96.1453637280923;
 Sun, 24 Jan 2016 04:08:00 -0800 (PST)
Sender: jakub.php@gmail.com
Received: by 10.31.96.214 with HTTP; Sun, 24 Jan 2016 04:08:00 -0800 (PST)
Received: by 10.31.96.214 with HTTP; Sun, 24 Jan 2016 04:08:00 -0800 (PST)
In-Reply-To: <CADyq6sKcmXSm9ouGS-K_+0hNm=vnUq4Fa_BpW=OHYZ1+b4V4uA@mail.gmail.com>
References: <CAEKnhAHJW_v-yHx8ZJwu8O63Yfwc+9+bJnRoJwH7qXdzWE8T=w@mail.gmail.com>
	<CADyq6sKcmXSm9ouGS-K_+0hNm=vnUq4Fa_BpW=OHYZ1+b4V4uA@mail.gmail.com>
Date: Sun, 24 Jan 2016 12:08:00 +0000
X-Google-Sender-Auth: Q8PiVEZPLT7ImU4wX4190tJDwJo
Message-ID: <CAEKnhAFeMj0RgpjjZgOxzBwFRj0z6NbYPJL6WfR0EuT0daXCwA@mail.gmail.com>
To: Marco Pivetta <ocramius@gmail.com>
Cc: PHP internals list <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=001a11439d40c3367d052a134dec
Subject: Re: [PHP-DEV] [RFC][VOTE] OpenSSL AEAD support
From: bukka@php.net (Jakub Zelenka)

--001a11439d40c3367d052a134dec
Content-Type: text/plain; charset=UTF-8

Hi,

On 23 Jan 2016 21:01, "Marco Pivetta" <ocramius@gmail.com> wrote:
>
> Just FYI, I'm voting against this proposal, as the number of parameters
is simply growing out of control, which involves:
>  - more BC breaks if default parameters change

What bc breaks? There are no defaults except tag length and that will never
change for the curent cipher algs.

>  - more security issues if the defaults are unsafe (or become unsafe, for
whatever reason)

The tag length default can be dependent on a cipher algorithm of course.
That would address all concerns because the current value (16) is effective
maximum for the currently supported AEAD cipher algs and it cannot change.
Another solution could be to have no default but that would make it much
harder for users to use as it would require an understanding what the max
and min is for the selected cipher algs.

In any case I'm not sure how it is related to the growing number of
function parameters...

>  - more cognitive load (it's arguably more complex)
>
> In general, this simply pushes too many responsibilities on the interface.
> Support for AEAD can be moved to a separate function, which involves a
minor BC break: collision with pre-existing functions, if anybody was
crazy/stupid enough to implement crypto in userland, and even worse in the
global namespace.

I'm not sure what your idea about AEAD function is but if you mean an
adding of a new function with the proposed signature, then you would still
have the same number of arguments and the same defaults. It would just be a
new function that would work only for selected cipher algs. It wouldn't
address any of your concerns and would just duplicate things.

If you mean some fancy context related set of functions, then it would
require some special handling and much more work. It would add to the
maintenance effort as well. As I said before I have a crypto pecl extension
that does exactly that. Personaly I think that such decision would probably
mean that we won't have AEAD support in openssl ext for quite a long time
as it won't be done anytime soon.

That being said I know that the current proposal is not the nicest but I
think it fits to the current openssl ext API which is not the nicest
either. I think that the main thing is that it adds the AEAD support and
the users could finally use it with just openssl ext.

Cheers

Jakub

--001a11439d40c3367d052a134dec--