Hi Anthony, Am 04.08.2015 um 15:25 schrieb Anthony Ferrara: > Lauri, > > On Tue, Aug 4, 2015 at 9:12 AM, Lauri Kenttä <lauri.ken...@gmail.com> wrote: >> On 2015-08-04 14:54, Scott Arciszewski wrote: >>> >>> we do not allow secure modes >> >> I hope that was a typo... ;) > > Indeed, it was not. > > If you want to build an insecure cipher, the primitives will still > exist (openssl/etc).
The point here is the missing "in" in the original quote ;-= > Rather than human readable (since that would consume a lot of space in > the resulting ciphertext), I'd suggest a formalized open specification > of the storage formats. Similar to the headers used by TLS and other > formats. That way anyone can build to the specification, which would > be maintained along side the implementation. > > So something like: > > byte 0 : Version identifier > > Version 1: > byte 1 : cipher identifier > byte 2 : mode identifier > byte 3 : authmode identifier > byte 4-8 : cipher-specific settings That is a very good idea to have some crypto format specification that contains the meta data. But is this such a new idea that now format exists already that can hold the required information? No available format we can embrace and that has implementations already? Greets Dennis -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
