Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Constant-Time bin2hex() implementation #909

Closed
wants to merge 6,270 commits into from

Conversation

sarciszewski
Copy link
Contributor

Contant time bin2hex() implementation, taken from jedisct1/libsodium@814df1e

@laruence
Copy link
Member

hmm... did you ever try to make after your fix?

 hex[i * 2U] = (char) (87 + b + (((b - 10) >> 31) & -39));

where is hex's definition?

and since hexconvtab not used anymore, the definition of it should also be removed.

thanks

@sarciszewski
Copy link
Contributor Author

How does this look now? :)

@nikic
Copy link
Member

nikic commented Nov 22, 2014

Can you provide information as to how this performs compared to the previous implementation? I'm not fully convinced that PHP has need for a constant time bin2hex implementation.

@sarciszewski
Copy link
Contributor Author

I'm not fully convinced that PHP has need for a constant time bin2hex implementation.

Do PHP developers use bin2hex() (or base64_encode()) on cryptographic secrets for the purpose of storing in configuration files (.ini, .json, .yaml, or .conf.php)? If so, then PHP has a need for constant time implementations of these functions.

http://tonyarcieri.com/cream-the-scary-ssl-attack-youve-probably-never-heard-of
http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

(Spoiler: Yes, we do use these features to encode cryptographic secrets. So I would argue that they are a good enhancement to include in PHP 7)

@smalyshev
Copy link
Contributor

I think this needs some discussion on internals. If we worry about such things just replacing random functions is not enough - you should be sure all functions that handle your secret are constant-time, including the engine primitives, etc. I'm not sure just having one function does anything. But maybe I'm missing something here.

@sarciszewski
Copy link
Contributor Author

If we worry about such things just replacing random functions is not enough - you should be sure all functions that handle your secret are constant-time, including the engine primitives, etc.

This is just a start. I'd love to discuss it with "internals", but my only exposure to PHP's core dev is through github.

@laruence
Copy link
Member

@sarciszewski you can drop a mail to internals at lists.php.net :)

@nikic
Copy link
Member

nikic commented Nov 29, 2014

@sarciszewski
Copy link
Contributor Author

Ah, thank you.

dstogov and others added 26 commits January 28, 2015 06:56
…test

* 'typed_returns' of github.com:morrisonlevi/php-src:
  Implement return types
* 'master' of https://git.php.net/push/php-src:
  Fixed #68868 (Segfault in clean_non_persistent_constants() in SugarCRM 6.5.20)
Conflicts:
	ext/phar/phar_object.c
* PHP-5.6:
  Fixed Bug #68941 mod_files.sh is a bash-script
* pull-request/1016:
Implement RFC: Introduce session_start() options
* PHP-5.6:
  Use bash rather than sh
@sarciszewski
Copy link
Contributor Author

Ugh, this got messy. Time to start over.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet