This is an old revision of the document!
PHP RFC: Your Title Here
- Version: 0.1
- Date: 2016-01-02
- Author: Jakub Zelenka, bukka@php.net
- Status: Draft
Introduction
The PHP OpenSSL extension has functions for data encryption (openssl_encrypt) and decryption (openssl_decrypt). These function works fine for all cipher algorithms (cipher + mode) except ciphers with AEAD (Authenticated Encrypt with Associated Data). These modes requires special handling in OpenSSL and a need for supplying or retrieving the authenticated tag and optionally AAD (associated application data)
Proposal
This RFC proposes adding extra parameters to openssl_encrypt and openssl_decrypt for accessing authenticated tag and data.
Backward Incompatible Changes
none
Proposed PHP Version(s)
PHP 7.1
RFC Impact
To SAPIs
none
To Existing Extensions
none
To Opcache
none
New Constants
none
Open Issues
Default tag length and parameters order.
Unaffected PHP Functionality
The current encryption and decryption is unaffected. The new parameters are optional.
Future Scope
Adding support for OCB mode once the extension supports OpenSSL 1.1
Proposed Voting Choices
50%+1 majority
Patches and Tests
Implementation
After the project is implemented, this section should contain
- the version(s) it was merged to
- a link to the git commit(s)
- a link to the PHP manual entry for the feature
References
Links to external references, discussions or RFCs
Rejected Features
Keep this updated with features that were discussed on the mail lists.