Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:107295 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 78702 invoked from network); 23 Sep 2019 15:23:31 -0000 Received: from unknown (HELO php-smtp3.php.net) (208.43.231.12) by pb1.pair.com with SMTP; 23 Sep 2019 15:23:31 -0000 Received: from php-smtp3.php.net (localhost [127.0.0.1]) by php-smtp3.php.net (Postfix) with ESMTP id B2DFB2C0B0C for ; Mon, 23 Sep 2019 06:02:09 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp3.php.net X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: X-Spam-Virus: No Received: from mail-lj1-x22c.google.com (mail-lj1-x22c.google.com [IPv6:2a00:1450:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by php-smtp3.php.net (Postfix) with ESMTPS for ; Mon, 23 Sep 2019 06:02:09 -0700 (PDT) Received: by mail-lj1-x22c.google.com with SMTP id y3so12205605ljj.6 for ; Mon, 23 Sep 2019 06:02:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZEvAQpNAfSn0M96tK4QUEW83Q7YCfVUAPtpm2/TrDP8=; b=pUUKdW5G92Fw8gWHWYnCVuj3xrY/XWj3wEjA1Tjq3C2foxH9jqCuIiMQb6/dPFm468 2FgA2vXCQKmpZMQJ1EgdC9jepgmAYSazMvS+8iRS50HcwxRREj8fU/2Kz85SmUNEVN3L xokjwD76x3OQNUI6Wc1wn35wpY2j83VnNKvg6CQb1XK4wb6v2dYdOkGhR08qe/pBv4jA gYxFUxnQA3cfYpS5u9BQt8oUaBVp9oKRamZm/07IJiCul4qIPT/uvwN+Z7iwAMufk+c0 AozaxKLwMKx5YYQBPJoAX+qVS+SLgpsggV8f+1/imzPNMcICEy63H9w6Qv6bKFv3lzEW Ge6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZEvAQpNAfSn0M96tK4QUEW83Q7YCfVUAPtpm2/TrDP8=; b=AtaghYudipZCh6XT6NHxuTT0jxH18lyxGvVtqsXdqUVxWxLNQ+wKS7lYPM7zaCuGOD OWuhDwRf4X/3VLjl77+k1zC/u2JPs4O0ZwaORthzDDNbXVvHkkfRxSf95vdxM75KtxUy dTyv6ChtvzulxFi5Zdlm3L9C1SxcGXamvdivdcZvdk19UgmRRzyMnr/mI8tG/T7i3C4f ie50sGnA4SKmMO8skYMz8qK9qMSdneZLN+LHOCSklbHrP7qiq2c0v+dZaeLWQWyRmSna Dhj4BcpXECko1APcA8r+sx02FAhXJ+RW3UI3RIV7Iv6ub1SzmUV4V7tmYipWixLNzVs8 RKaw== X-Gm-Message-State: APjAAAUdSSejcev1v5yHR5cpDHXl98i2Zlt6MjmJb4b9/z+WhxGLKK2Y omOr0dBTsiyXIYrqrUpYFKVP7So7lDklnfyfpxA= X-Google-Smtp-Source: APXvYqwTPDzwg6d3X8IEFi+uMFWbwxetjqPUkkSBAQyzI/w38TN2ekifK+GZuu7ZmeyAoH9LZbTOTw/v9QsOj5YGLMw= X-Received: by 2002:a2e:9d50:: with SMTP id y16mr14800953ljj.70.1569243727805; Mon, 23 Sep 2019 06:02:07 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: Date: Mon, 23 Sep 2019 15:01:51 +0200 Message-ID: To: Christian Schneider Cc: PHP internals Content-Type: multipart/alternative; boundary="000000000000f641030593380614" X-Envelope-From: Subject: Re: [PHP-DEV] PHP 7.4 BC break with openssl_random_pseudo_bytes() From: nikita.ppv@gmail.com (Nikita Popov) --000000000000f641030593380614 Content-Type: text/plain; charset="UTF-8" On Mon, Sep 23, 2019 at 2:52 PM Christian Schneider wrote: > Hi, > I just noted (too late in the process, I know) that > openssl_random_pseudo_bytes(0) now throws an exception. > > This breaks code like > $ivsize = openssl_cipher_iv_length($method); > $iv = openssl_random_pseudo_bytes($ivsize); > $data = openssl_encrypt($string, $method, $key, OPENSSL_RAW_DATA, > $iv); > if $method is 'aes-256-ecb' because $ivsize is 0. > > I do realize that ECB mode ciphers are deprecated but having them throw an > exception indirectly via openssl_random_pseudo_bytes() seems a bit strange, > even in the context of security. > > I checked the RFC > https://wiki.php.net/rfc/improve-openssl-random-pseudo-bytes and it > doesn't mention this BC break: > "False-checks on the return value of openssl_random_pseudo_bytes() will do > nothing since the function fails closed. Usage of $crypto_strongwill > generate errors." > > While I would have preferred the exception to be thrown only when $ivsize > is not an integer or less than 0 but I guess this cannot be changed at the > RC stage. > > I would recommend though that we aim to keep BC breaks to what's mentioned > in RFCs. > This was noted during the PR review in: https://github.com/php/php-src/pull/3649#discussion_r230598754 Especially in conjunction with your example, I think we should revert this part an make openssl_random_pseudo_bytes(0) return "" without exception or warning. Ideally we'd adjust random_bytes() to do the same. Nikita --000000000000f641030593380614--