On Tue, Aug 4, 2015 at 2:13 PM, Scott Arciszewski <sc...@paragonie.com>
wrote:
> On Tue, Aug 4, 2015 at 8:57 AM, Jakub Zelenka <bu...@php.net> wrote:
> > Hi,
> >
> > On Mon, Aug 3, 2015 at 9:54 PM, Scott Arciszewski <sc...@paragonie.com>
> > wrote:
> >>
> >> Hi,
> >>
> >> I would like to make it easier for PHP developers to implement
> >> cryptography features in their applications. I intend to work on some
> >> of these ideas and submit them for inclusion in PHP 7.1.
> >>
> >> Some of these might be familiar to some of you.
> >>
> >> 1. Pluggable Cryptography Frontend
> >>
> >> Work is currently underway for a PHP prototype for this idea
> >> originally suggested by ircmaxell, that will basically be like PDO for
> >> cryptography. Our current project name, subject to change, is PHP
> >> Crypto Objects (PCO).
> >>
> >> The idea is that you could write code like this to add secure
> >> authenticated encryption to your application without having to worry
> >> about the details.
> >>
> >> $AES = new \PCO\Symmetric('openssl:cipher=AES-128');
> >> $ciphertext = $AES->encrypt($plaintext, $someKey);
> >>
> >> $PKC = new \PCO\Asymmetric('libsodium');
> >> $offlineDecryptable = $PKC->seal($plaintext, $someX25519PublicKey);
> >>
> >> When it's finished, I'd like to turn it into a PECL extension so users
> >> can play with it in PHP 7.0 and submit it for inclusion in 7.1.
> >>
> >> 2. Cache-timing-safe character encoding functions
> >>
> >> Alternatives for existing functions that should function like their
> >> unsafe counterparts, but without branches or data-based index lookups.
> >>
> >> * hex2bin() -> hex2bin_ts()
> >> * bin2hex() -> bin2hex_ts()
> >> * base64_encode() -> base64_encode_ts()
> >> * base64_decode() -> base64_decode_ts()
> >>
> >> Other formats are out of scope, unless someone can make the case that
> >> we need to support RFC 4648 base32 encoding (e.g. for Tor Hidden
> >> Service integration).
> >>
> >> 3. Other ideas (not yet committed to at all, but might be of interest
> >> to others):
> >>
> >> * Improving the OpenSSL API, or at least the documentation
> >> * Adding streaming encryption/decryption support to OpenSSL
> >> * Adding AE and AEAD interfaces to OpenSSL
> >> * Aliasing MCRYPT_AES -> MCRYPT_RIJNDAEL_128, adding MCYPT_MODE_CTR
> >>
> >> What I need from you is guidance on what features or changes you want
> >> to see in 7.1 and which can be put off until later (or never proposed
> >> as an RFC at all).
> >>
> >> Seriously, all I need is your opinion and whether or not you'd like to
> >> see any of these happen. If you have specific implementation details
> >> you'd like to discuss or requests, of course those are welcome too. :D
> >>
> >
> > I have been actually working on something similar for some time. It's
> > already on PECL and it's called php-crypto:
> >
> > https://github.com/bukka/php-crypto
> >
> > I have been doing lots of changes and fixes including support for PHP 7
> (it
> > also supports PHP 5 using https://github.com/bukka/phpc wrapper) and php
> > streams. The internal part has been almost completely rewritten since
> > version 0.1.0 and I plan to release soon 0.2.0 so I will send some update
> > then.
> >
> > I'm currently working on fixing some issues, improving tests and mainly
> > documentation that is still very incomplete (just hash is partially
> > documented in the main readme) so probably the best doc at the moment is
> > generated api doc:
> >
> > https://github.com/bukka/php-crypto/blob/master/docs/Crypto.php
> >
> > There also are some examples in
> > https://github.com/bukka/php-crypto/blob/master/examples and even more
> > examples in tests where is about 70 tests:
> > https://github.com/bukka/php-crypto/blob/master/tests
> >
> > In case you are interested in what I plan to do in the near future, it's
> all
> > in my TODO list: https://github.com/bukka/php-crypto/blob/master/TODO.md
> >
> > In the long term I would like to add support for asymmetric encryption. I
> > actually wrote an extension called php-rsa (
> > https://github.com/bukka/php-rsa ) just to play with OpenSSL rsa.h
> (there is
> > no doc but you can look to the tests if you are interested). However the
> way
> > how it should be done in crypto is more about using PKEY which is much
> more
> > flexible but it will be supported only for OpenSSL 1.0.0+.
> >
> > The providers (pluggable api) is a nice thing but it will require quite a
> > bit of thinking to make it right from the internal PoV (address all
> needs of
> > particular libs - especially OpenSSL) and it's quite a bit of work as
> well
> > :) But it would be definitely nice to have and I have been thinking
> about it
> > for some time. But the priority is a creating of a good wrapper for
> OpenSSL
> > first and then split it to more layers.
> >
> > Cheers
> >
> > Jakub
>
> This does not appear to authenticate ciphertexts, nor does it serve as
> a gateway to Libsodium / OpenSSL.
>
>
It has a general wrapper for EVP_CIPHER including AEAD modes (gcm):
https://github.com/bukka/php-crypto/blob/master/examples/gcm.php
In addition there is a support for HMAC as well as CMAC so you can
authenticate ciphertext of course.
My primary goal is to provide such functionality so the user can use it.
Not exactly the same goal as Sodium but it definitely serves as a gateway
to OpenSSL crypto lib...
We are, in fact, working on different projects with different goals.
>
>
I said similar, not the same... :)
> > In the long term I would like to add support for asymmetric encryption. I
> > actually wrote an extension called php-rsa (
> > https://github.com/bukka/php-rsa ) just to play with OpenSSL rsa.h
> (there is
> > no doc but you can look to the tests if you are interested). However the
> way
> > how it should be done in crypto is more about using PKEY which is much
> more
> > flexible but it will be supported only for OpenSSL 1.0.0+.
>
> Strictly personally speaking, I'm far more interested in EdDSA and
> ECDH than I am in RSA.
>
>
RSA was just one of the examples of the low level api. What I was trying to
say is that I would like to use EVP_PKEY over low level apis. ECDH and
ECDSA can be of course used by EVP_PKEY interface and should be supported...
Anyway good luck with your project! ;)
Jakub
