This is an old revision of the document!

PHP RFC: Your Title Here

Version: 0.1
Date: 2016-01-02
Author: Jakub Zelenka, bukka@php.net
Status: Draft

Introduction

The PHP OpenSSL extension has functions for data encryption (openssl_encrypt) and decryption (openssl_decrypt). These function works fine for all cipher algorithms (cipher + mode) except ciphers with AEAD (Authenticated Encrypt with Associated Data). These modes requires special handling in OpenSSL and a need for supplying or retrieving the authenticated tag and optionally AAD (associated application data)

Proposal

This RFC proposes adding extra parameters to openssl_encrypt and openssl_decrypt for accessing authenticated tag and data.

Backward Incompatible Changes

none

Proposed PHP Version(s)

PHP 7.1

RFC Impact

To SAPIs

none

To Existing Extensions

none

To Opcache

none

New Constants

none

Open Issues

Default tag length and parameters order.

Unaffected PHP Functionality

The current encryption and decryption is unaffected. The new parameters are optional.

Future Scope

Adding support for OCB mode once the extension supports OpenSSL 1.1

Proposed Voting Choices

50%+1 majority

Patches and Tests

https://github.com/php/php-src/compare/master...bukka:openssl_aead

Implementation

After the project is implemented, this section should contain

the version(s) it was merged to
a link to the git commit(s)
a link to the PHP manual entry for the feature

References

Links to external references, discussions or RFCs

Rejected Features

Keep this updated with features that were discussed on the mail lists.

PHP RFC: Your Title Here

Introduction

Proposal

Backward Incompatible Changes

Proposed PHP Version(s)

RFC Impact

To SAPIs

To Existing Extensions

To Opcache

New Constants

Open Issues

Unaffected PHP Functionality

Future Scope

Proposed Voting Choices

Patches and Tests

Implementation

References

Rejected Features

Page Tools

Table of Contents