On Tue, Jun 14, 2016 at 8:04 PM, Dominic Luechinger <dol+...@snowgarden.ch> wrote:
> This is a short introduction of a feature I've been working on. > > Summary > ------- > The current OpenSSL extension only supports generating RSA key pairs. > The PR [1] adds support for ECC (Elliptic curve cryptography) key > generation. The corresponding bug is 61204 [2]. > ------- > > Motivation > ---------- > Why needs PHP support for creating ECC key pairs? > ECC has the benefit to give the same security grantees as RSA but with > smaller key sizes. > The current workaround without this improvement is to generate a key > pair with the help of the OpenSSL CLI tool (PHP exec) or use a userland > library like phpecc [3]. To protect against cryptography attack vectors > like timing attack or other side-channel attacks in PHP is quite > difficult. A native support would solve this issue or at least gives the > responsibility to the underlying crypto library. > ---------- > > In details > ---------- > The PR introduces new '$configargs' setting to openssl_pkey_new [4]. > E.g.: > > openssl_pkey_new( > array( > 'curve_name' => 'secp384r1', > 'private_key_type' => OPENSSL_KEYTYPE_EC, > ) > ); > > > With the new ECC support it's also possible to load ECC key parameters > into the openssl_pkey_new to create a key resource. > > openssl_pkey_new( > array( > 'ec' => array( > 'curve_name' => 'prime256v1', > 'd' => > gmp_export('3138550867681922400546388175470823984762234518836963313664'), > ), > ) > ); > > A use case of this possibility is e.g. the transformation on a JWK [5] > to a ECC key resource. > > Despite the extension of openssl_pkey_new a new PHP function is introduced: > openssl_get_curve_names() list names of the supported curves of the > underlying OpenSSL core. This function could be used to check if a > certain curve is supported and could be referenced when generating a new > key pair. > > I'd like to outline that the ECC support is not a new feature. PHP is > capable of reading and working with ECC key pairs. I've contributed some > patches to improve the support. > > To work with ECC key pairs but not being able to generate a new key pair > is the main motivation of this PR. > ---------- > > Reference to other languages > ---------------------------- > The following languages have support for a ECC key pair generation: > Ruby [6] > Python via cryptography [7] > Golang [8] > Java via Bouncycastel [9] > ---------------------------- > > Regards > > Dominic Luechinger > > > [1] https://github.com/php/php-src/pull/1686 > [2] https://bugs.php.net/bug.php?id=61204 > [3] https://github.com/phpecc/phpecc > [4] http://php.net/manual/en/function.openssl-pkey-new.php > [5] https://tools.ietf.org/html/rfc7517#page-25 > [6] > http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/PKey/EC.html > [7] https://cryptography.io/en/latest/hazmat/primitives/asymmetric/ec/ > [8] https://golang.org/pkg/crypto/elliptic/#GenerateKey > [9] > > http://www.bouncycastle.org/wiki/display/JA1/Elliptic+Curve+Key+Pair+Generation+and+Key+Factories > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > While we're at it, can we also add a function to generate (ephemeral) Elliptic Curve Diffie-Hellman keys, and then use openssl_dh_compute_key() with ECDH keys? Because that would be a lot saner than having to shell_exec() to the OpenSSL binary in userland. Scott Arciszewski Chief Development Officer Paragon Initiative Enterprises <https://paragonie.com/>