Newsgroups: php.internals
To: internals@lists.php.net
Message-ID: <57609B96.6080905@snowgarden.ch>
Date: Wed, 15 Jun 2016 02:04:38 +0200
Subject: [OpenSSL] Support for ECC public key generation
From: dol+php@snowgarden.ch (Dominic Luechinger)

This is a short introduction of a feature I've been working on.

Summary
-------
The current OpenSSL extension only supports generating RSA key pairs.
The PR [1] adds support for ECC (Elliptic curve cryptography) key generation.
The corresponding bug is 61204 [2].
-------

Motivation
----------
Why does PHP need support for creating ECC key pairs?
ECC has the benefit of giving the same security guarantees as RSA but with smaller key sizes.
The current workaround without this improvement is to generate a key pair with the help of the OpenSSL CLI tool (PHP exec) or use a userland library like phpecc [3].
Protecting against cryptographic attack vectors like timing attacks or other side-channel attacks in PHP is quite difficult. Native support would solve this issue or at least give the responsibility to the underlying crypto library.
----------

In detail
---------
The PR introduces new '$configargs' settings to openssl_pkey_new [4]. E.g.:

    openssl_pkey_new(
        array(
            'curve_name' => 'secp384r1',
            'private_key_type' => OPENSSL_KEYTYPE_EC,
        )
    );

With the new ECC support it's also possible to load ECC key parameters into openssl_pkey_new to create a key resource.

    openssl_pkey_new(
        array(
            'ec' => array(
                'curve_name' => 'prime256v1',
                'd' => gmp_export('3138550867681922400546388175470823984762234518836963313664'),
            ),
        )
    );

A use case of this possibility is e.g. the transformation of a JWK [5] to an ECC key resource.

Besides the extension of openssl_pkey_new, a new PHP function is introduced:
openssl_get_curve_names() lists the names of the supported curves of the underlying OpenSSL core. This function could be used to check if a certain curve is supported and could be referenced when generating a new key pair.

I'd like to outline that the ECC support is not a new feature. PHP is capable of reading and working with ECC key pairs. I've contributed some patches to improve the support.
Being able to work with ECC key pairs but not being able to generate a new key pair is the main motivation of this PR.
---------

Reference to other languages
----------------------------
The following languages have support for ECC key pair generation:
Ruby [6]
Python via cryptography [7]
Golang [8]
Java via Bouncy Castle [9]
----------------------------

Regards
Dominic Luechinger

[1] https://github.com/php/php-src/pull/1686
[2] https://bugs.php.net/bug.php?id=61204
[3] https://github.com/phpecc/phpecc
[4] http://php.net/manual/en/function.openssl-pkey-new.php
[5] https://tools.ietf.org/html/rfc7517#page-25
[6] http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/PKey/EC.html
[7] https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/
[8] https://golang.org/pkg/crypto/elliptic/#GenerateKey
[9] http://www.bouncycastle.org/wiki/display/JA1/Elliptic+Curve+Key+Pair+Generation+and+Key+Factories
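
The key generation and JWK use case described in the message, as an added example that is not part of the original post or the PR: it generates a P-256 key with 'curve_name', exports it as a JWK, and rebuilds a key from that JWK through the 'ec' setting. It assumes a PHP build where these settings and openssl_get_curve_names() are available; the helper names and the JWK curve map are this example's own.

```php
<?php
// Added example, not from the original message. Helper names are hypothetical.
const JWK_CURVES = ['P-256' => ['prime256v1', 32], 'P-384' => ['secp384r1', 48]];
function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64url_decode(string $txt): string {
    $txt .= str_repeat('=', (4 - strlen($txt) % 4) % 4);   // restore padding
    $bin = base64_decode(strtr($txt, '-_', '+/'), true);
    if ($bin === false) {
        throw new InvalidArgumentException('invalid base64url value');
    }
    return $bin;
}

// Build an OpenSSL key from an EC JWK via the 'ec' setting.
function jwk_to_key(array $jwk) {
    [$curve] = JWK_CURVES[$jwk['crv'] ?? ''] ?? [null];
    // Fail closed: wrong key type, unmapped curve, or curve missing in this build.
    if (($jwk['kty'] ?? '') !== 'EC' || $curve === null
        || !in_array($curve, openssl_get_curve_names(), true)) {
        throw new InvalidArgumentException('unsupported EC JWK');
    }
    $ec = ['curve_name' => $curve];
    foreach (['x', 'y', 'd'] as $p) {
        if (isset($jwk[$p])) { $ec[$p] = b64url_decode($jwk[$p]); }
    }
    $key = openssl_pkey_new(['ec' => $ec]);
    if ($key === false) {
        throw new RuntimeException('OpenSSL rejected the key parameters');
    }
    return $key;
}

// Generate a fresh P-256 key pair and export it as a JWK.
[$curve, $len] = JWK_CURVES['P-256'];
$key = openssl_pkey_new(['curve_name' => $curve, 'private_key_type' => OPENSSL_KEYTYPE_EC]);
if ($key === false) { exit("EC key generation failed\n"); }
$details = openssl_pkey_get_details($key);
$jwk = ['kty' => 'EC', 'crv' => 'P-256'];
foreach (['x', 'y', 'd'] as $p) {
    // OpenSSL drops leading zero bytes; JWK wants fixed-length values.
    $jwk[$p] = b64url(str_pad($details['ec'][$p], $len, "\0", STR_PAD_LEFT));
}
// Sign with the key rebuilt from the JWK, verify with the original public key.
$msg = 'constructed sample message';
openssl_sign($msg, $sig, jwk_to_key($jwk), OPENSSL_ALGO_SHA256);
var_dump(openssl_verify($msg, $sig, $details['key'], OPENSSL_ALGO_SHA256) === 1);
```

A JWK that carries 'd' is a private key and needs the same handling as a PEM private key; drop 'd' before publishing the JWK.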