Skip to content

OpenSSL AEAD support #1716

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 43 commits into from
Jun 19, 2016
Merged

OpenSSL AEAD support #1716

merged 43 commits into from
Jun 19, 2016

Conversation

bukka
Copy link
Member

@bukka bukka commented Jan 6, 2016

bukka added 30 commits September 20, 2015 14:00
@bukka
Add an initial preparation for OpenSSL AEAD
2ed246e
@bukka
Add and check AEAD params in openssl_encrypt and openssl_decrypt
96698b5
@bukka
Add and use function for loading cipher mode info
2f744cd
@bukka
Use openssl allocated cipher context
a6534b8
@bukka
Merge branch 'master' into openssl_aead
054b27d
@bukka
Add php_openssl_cipher_init
496c469
@bukka
Merge branch 'master' of git.php.net:php-src into openssl_aead
6418786
@bukka
Merge branch 'master' into openssl_aead
19e60a1
@bukka
Use correct type for tag_len
c09f3e3
@bukka
Use php_openssl_cipher_init in openssl_encrypt
789ee14
@bukka
Use php_openssl_cipher_init in openssl_decrypt
2eb3e2c
@bukka
Change return value from php_openssl_validate_iv
3ce5e46
@bukka
Move php_openssl_validate_iv to php_openssl_cipher_init and fix some …
dcabd94 
…issues
@bukka
Merge branch 'master' of git.php.net:php-src into openssl_aead
3fb12d2
@bukka
Merge branch 'master' of git.php.net:php-src into openssl_aead
be57caf
@bukka
Move password checkign to php_openssl_cipher_init
4b22c06
@bukka
Merge branch 'master' into openssl_aead
55b5160
@bukka
Add AEAD IV init
c993151
@bukka
Set AEAD tag or tag_len if supplied
e74368a
@bukka
Add php_openssl_cipher_update to group enc and dec logic
32495cb
@bukka
Implement AAD setting
da0c2a4
@bukka
Simplify AAD condition
c541742
@bukka
Retrieve tag in AEAD cipher mode encryption
fc3575a
@bukka
Fix EVP_EncryptFinal and EVP_DecryptFinal
213844d
@bukka
Add AES CCM ciphers when linked with OpenSSL 1.0.1
5e9540f 
These ciphers are not added by OpenSSL_add_all_algorithms in 1.0.1
@bukka
Add an initial openssl encrypt GCM test
a00d1ec
@bukka
Add more aes-128-gcm test vectors
8070e04
@bukka
Add an initial openssl decrypt GCM test
74f2998
@bukka
Test and fix encrypting empty IV for AEAD mode
52ffdf9
@bukka
Test invalid auth tag length in encryption
a866503
@bukka
Copy link
Member Author

bukka commented Jan 6, 2016

I plan to do a bit more testing later but works fine with 1.0.2 (will need to test older versions if disabling and skipping works fine)

@Minishlink
Copy link

Thanks ! 👍

@bukka bukka closed this Jun 19, 2016
@php-pulls php-pulls merged commit 26abb1b into php:master Jun 19, 2016
@nikic
Copy link
Member

nikic commented Jun 19, 2016

Please, don't merge PRs with convoluted history, squash the changes into one commit instead.

@bukka
Copy link
Member Author

bukka commented Jun 19, 2016

I prefer not to squash it. At least I don't see any requirement for that in https://wiki.php.net/vcs/gitworkflow. However I should have rebased I guess so sorry for that.

jrfnl added a commit to jrfnl/PHPCompatibility that referenced this pull request Oct 2, 2016
@jrfnl
PHP 7.1: add new OpenSSL parameters to the NewFunctionParameters sniff
2d482ae 
See:
* http://php.net/manual/en/migration71.new-features.php#migration71.new-features.support-for-aead-in-ext-openssl
* https://wiki.php.net/rfc/openssl_aead

At the time of opening this issue, the new parameters weren't documented yet in the PHP documentation of the affected functions.
* http://php.net/manual/en/function.openssl-encrypt.php
* http://php.net/manual/en/function.openssl-decrypt.php

PR based on the RFC and the merged PR php/php-src#1716.

Includes unit tests.
jrfnl added a commit to jrfnl/PHPCompatibility that referenced this pull request Oct 2, 2016
@jrfnl
PHP 7.1: add new OpenSSL parameters to the NewFunctionParameters sniff
63044e6 
See:
* http://php.net/manual/en/migration71.new-features.php#migration71.new-features.support-for-aead-in-ext-openssl
* https://wiki.php.net/rfc/openssl_aead

At the time of opening this issue, the new parameters weren't documented yet in the PHP documentation of the affected functions.
* http://php.net/manual/en/function.openssl-encrypt.php
* http://php.net/manual/en/function.openssl-decrypt.php

PR based on the RFC and the merged PR php/php-src#1716.

Includes unit tests.
@jrfnl jrfnl mentioned this pull request Oct 2, 2016
Merged
@H4R0
Copy link

H4R0 commented Oct 26, 2019

Any updates on ocb support ? Took me quiet some time to figure out why ocb is not working.

Because openssl_get_cipher_methods() returns "aes-256-ocb".

https://wiki.php.net/rfc/openssl_aead states "Future Scope: Adding support for ocb mode once the extension supports OpenSSL 1.1"

Seems to me like ocb is supported and has to be implemented into the php wrapper.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@bukka @Minishlink @nikic @H4R0 @php-pulls