PR #5251 adds support for CMS (RFC5662)

  110127
May 11, 2020 09:59 lear@lear.ch (Eliot Lear)
--0nqjWNwn0enqsmeZh9DzK3q4L7C84XkeT
Content-Type: multipart/alternative;
 boundary="------------DF0C3A491EBE9371DB04283C"
Content-Language: en-US

This is a multi-part message in MIME format.
--------------DF0C3A491EBE9371DB04283C
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi everyone,

I am new to the PHP development process, so please forgive me if I have
this wrong.

In PR #5251[1] I=E2=80=99ve created OpenSSL CMS functions that are nearly=
 direct
analogues to the openssl PKCS#7 functions.=C2=A0 Cryptographic Message Sy=
ntax
is defined in RFC 5652[2], and is a follow-on to PKCS#7.=C2=A0 These
functions are useful to developers who are creating or verifying
PKI-based signatures (this is the case for me or anyone else who is
implementing or deploying RFC 8520[3]), and there are other IoT services
that are using CMS as well (not to mention certain modern mailing systems=
).

There are one or two changes- one can specify the encoding format as an
argument, for instance, and error out out the use of DETACHED with
S/MIME encoding, as nobody seems to know what that would mean.

I=E2=80=99ve been working with Jakub and others who have been very genero=
us with
their time on code reviews.=C2=A0 I would be grateful for any additional
feedback you would have, with an eye toward merging this PR.=C2=A0 The PR=
 is
already marked as RFC I have not yet formalized that.(*)

Best regards,

Eliot

(*) I tried adding an RFC page on the wiki, but sensibly, as I just
created the account, the system did not permit me to do so.

[1] https://github.com/php/php-src/pull/5251
[2] https://www.rfc-editor.org/rfc/rfc5652.html
[3] https://www.rfc-editor.org/rfc/rfc8520.html

--------------DF0C3A491EBE9371DB04283C
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable


  

    
  
  
    

Hi everyone,=

I= am new to the PHP development process, so please forgive me if I have this wrong.
<= br>
I= n PR #5251[1] I=E2=80=99ve created OpenSSL CMS functions that are= nearly direct analogues to the openssl PKCS#7 functions.=C2=A0 Cryptographic Message Syntax is defined in RFC 5652[2], and is a follow-on to PKCS#7.=C2=A0 These functions are useful to developers who are creating or verifying PKI-based signatures (this is the case for me or anyone else who is implementing or deploying RFC 8520[3]), and there are other IoT services that are using CMS as well (not to mention certain modern mailing systems).
<= br>
T= here are one or two changes- one can specify the encoding format as an argument, for instance, and error out out the use of DETACHED with S/MIME encoding, as nobody seems to know what that would mean.
<= br>
I= =E2=80=99ve been working with Jakub and others who have been very generous with their time on code reviews.=C2=A0 I would be grateful for = any additional feedback you would have, with an eye toward merging this PR.=C2=A0 The PR is already marked as RFC I have not yet formalized that.(*)
<= br>
B= est regards,
<= br>
E= liot
<= br>
(= *) I tried adding an RFC page on the wiki, but sensibly, as I just created the account, the system did not permit me to do so.
<= br>
[= 1] https://github.com/php/php-src/pull/5251">https://git= hub.com/php/php-src/pull/5251
[3] https://www.rfc-editor.org/rfc/rfc8520.html">https://ww= w.rfc-editor.org/rfc/rfc8520.html
--------------DF0C3A491EBE9371DB04283C-- --0nqjWNwn0enqsmeZh9DzK3q4L7C84XkeT--
  110130
May 11, 2020 10:45 cmbecker69@gmx.de ("Christoph M. Becker")
On 11.05.2020 at 11:59, Eliot Lear wrote:

> Hi everyone, > > I am new to the PHP development process, so please forgive me if I have > this wrong. > > In PR #5251[1] I’ve created OpenSSL CMS functions that are nearly direct > analogues to the openssl PKCS#7 functions.  Cryptographic Message Syntax > is defined in RFC 5652[2], and is a follow-on to PKCS#7.  These > functions are useful to developers who are creating or verifying > PKI-based signatures (this is the case for me or anyone else who is > implementing or deploying RFC 8520[3]), and there are other IoT services > that are using CMS as well (not to mention certain modern mailing systems). > > There are one or two changes- one can specify the encoding format as an > argument, for instance, and error out out the use of DETACHED with > S/MIME encoding, as nobody seems to know what that would mean. > > I’ve been working with Jakub and others who have been very generous with > their time on code reviews.  I would be grateful for any additional > feedback you would have, with an eye toward merging this PR.  The PR is > already marked as RFC I have not yet formalized that.(*) > > Best regards, > > Eliot > > (*) I tried adding an RFC page on the wiki, but sensibly, as I just > created the account, the system did not permit me to do so. > > [1] https://github.com/php/php-src/pull/5251 > [2] https://www.rfc-editor.org/rfc/rfc5652.html > [3] https://www.rfc-editor.org/rfc/rfc8520.html
Thanks for working on CMS support! I have granted you RFC karma. Best of luck with the RFC. :) -- Christoph M. Becker
  110147
May 12, 2020 15:10 george.banyard@gmail.com ("G. P. B.")
On Mon, 11 May 2020 at 12:45, Christoph M. Becker <cmbecker69@gmx.de> wrote:

> On 11.05.2020 at 11:59, Eliot Lear wrote: > > > Hi everyone, > > > > I am new to the PHP development process, so please forgive me if I have > > this wrong. > > > > In PR #5251[1] I’ve created OpenSSL CMS functions that are nearly direct > > analogues to the openssl PKCS#7 functions. Cryptographic Message Syntax > > is defined in RFC 5652[2], and is a follow-on to PKCS#7. These > > functions are useful to developers who are creating or verifying > > PKI-based signatures (this is the case for me or anyone else who is > > implementing or deploying RFC 8520[3]), and there are other IoT services > > that are using CMS as well (not to mention certain modern mailing > systems). > > > > There are one or two changes- one can specify the encoding format as an > > argument, for instance, and error out out the use of DETACHED with > > S/MIME encoding, as nobody seems to know what that would mean. > > > > I’ve been working with Jakub and others who have been very generous with > > their time on code reviews. I would be grateful for any additional > > feedback you would have, with an eye toward merging this PR. The PR is > > already marked as RFC I have not yet formalized that.(*) > > > > Best regards, > > > > Eliot > > > > (*) I tried adding an RFC page on the wiki, but sensibly, as I just > > created the account, the system did not permit me to do so. > > > > [1] https://github.com/php/php-src/pull/5251 > > [2] https://www.rfc-editor.org/rfc/rfc5652.html > > [3] https://www.rfc-editor.org/rfc/rfc8520.html > > Thanks for working on CMS support! > > I have granted you RFC karma. Best of luck with the RFC. :) > > -- > Christoph M. Becker > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > Does this really require an RFC?
This seems like just exposing some underlying functionality from OpenSSL to userland which I wouldn't have expected to need an RFC to be added. Best regards George P. Banyard
  110148
May 12, 2020 15:39 lear@lear.ch (Eliot Lear)
Hi!

On 12.05.20 17:10, G. P. B. wrote:
> Does this really require an RFC? > This seems like just exposing some underlying functionality from OpenSSL > to userland which I wouldn't have expected to need an RFC to be added.
Whether or not you wish to use the full process (voting and all) is not something I can comment on, but I will say that just writing out the RFC helped me realize that I could improve a few things in the code.  I also pretty much wrote out the documentation for the calling interface in the draft RFC.  I hope this will prove useful. Eliot