Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:110213
Return-Path: <george.banyard@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 46489 invoked from network); 19 May 2020 11:51:25 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 19 May 2020 11:51:25 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 6C8B41804C2
	for <internals@lists.php.net>; Tue, 19 May 2020 03:29:47 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS
	autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <george.banyard@gmail.com>
Received: from mail-ej1-f47.google.com (mail-ej1-f47.google.com [209.85.218.47])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Tue, 19 May 2020 03:29:46 -0700 (PDT)
Received: by mail-ej1-f47.google.com with SMTP id z5so11324503ejb.3
        for <internals@lists.php.net>; Tue, 19 May 2020 03:29:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=1OGGpehR6BJ09LGfeENCx0EfSvTtqJxuLVri1eBKdHY=;
        b=Ry+dHBNxGIEy7YS/TkZm3upgaSHP7y7AZk5cD8ACl8ilGKufcllN9nfP86EBBp/cLk
         /OW9ajfOYievlO8/91Oe3RadIhLsPh9DDNKcDrzlmc2Ky/E5b3oPkTwCeVPR3oxrsZUT
         ZpglhtIqkeFj8aZlgmJWfHogkdsUgyIrfrS9fKJ3pQAy2B2Sw2RccqsxOEGYRXfM+TS1
         mMkfJ4lwXO64ijKgWhxPR6Ae9qQFUzodmqipepyKT782+4y+ERgbl/2A/yrUvOB1F22Z
         B25fT83NU9lFIbMsRFKjb0NHI9v69MTsq0vPc0sxpXinlNH94hEHwtoPCqMwOJ8ezl7z
         +3nQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=1OGGpehR6BJ09LGfeENCx0EfSvTtqJxuLVri1eBKdHY=;
        b=TFAj758VTHkHG2BCHwZ07IYbIm5aZhgz1gtVDOxpAvwwjPSF+wXxKuafVm1mH14Y3Q
         kBMl7YGcv/xkMIZzyI4frOUvjUIoNJks4cWvTm1XlXFz7KW9ewVq8HqGgs5XmRecFl5D
         PuzYPxkgfDLIuT54aYcOQUD/f7Y4vIA2HWUNuhM74yw+ApL1ZHRYi50q8/to0SD6kYM3
         GUMk1nj6YSGol+MfNECsKAeO8ISrqe/eIHBD6EYnDavlJmRPhm5NkwxKRH2Kd7I0+MxN
         PZNmowwC2ORt7B5MAG9boBS8Ri+9MrSiX0v4ewa4yXyDh2K5O0V+457WWTL/1RS+45aO
         lD1Q==
X-Gm-Message-State: AOAM5321MNVxUvcwC68MCn8HdY5vZJq2MQleVBlHM8iiDa9z0CLBEefb
	7WFOfrnSs15+EHBeE5NRvNfmtiHaFq+/HqnLgug=
X-Google-Smtp-Source: ABdhPJzxAfVlWQ9DgoNY36Q0aOPILWWUAcYic5d84iNShEVewL0v67J15TueXEGtXWJQUTlKoLYn7cRUapJenc0iWTE=
X-Received: by 2002:a17:906:f885:: with SMTP id lg5mr6427423ejb.327.1589884185731;
 Tue, 19 May 2020 03:29:45 -0700 (PDT)
MIME-Version: 1.0
References: <95831d80-baa0-a57c-e83a-bc34ae62ecf5@lear.ch> <c1b1242e-fdd8-adce-f204-7f5096b5c561@lear.ch>
 <CA+kxMuRfnj+QSUi=qhEc8GfS1BUizRkQh8wUjf-AQfFytUcwBQ@mail.gmail.com> <688cc886-394d-b245-d001-c5aefa332882@lear.ch>
In-Reply-To: <688cc886-394d-b245-d001-c5aefa332882@lear.ch>
Date: Tue, 19 May 2020 12:29:34 +0200
Message-ID: <CAFPFaMKtt1c5KjC=sJ5wE_-hDEysobSAocz3zr_3HunRvu0kvA@mail.gmail.com>
To: Eliot Lear <lear@lear.ch>
Cc: Dan Ackroyd <Danack@basereality.com>, PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="0000000000001fe92805a5fdc26d"
Subject: Re: [PHP-DEV] [RFC] Add CMS Support
From: george.banyard@gmail.com ("G. P. B.")

--0000000000001fe92805a5fdc26d
Content-Type: text/plain; charset="UTF-8"

On Tue, 19 May 2020 at 11:44, Eliot Lear <lear@lear.ch> wrote:

> Dan, thanks.  Please see below.
>
> On 18.05.20 13:49, Dan Ackroyd wrote:
> >> Returns TRUE on success and FALSE on failure.
> > Have you considered using an exception for failures?
> >
> > First, having a cryptographic function fail is bad enough that it
> > needs to break control flow, aka it would be easy to forget to check
> > for false. If the $outfile already existed before the call, and the
> > error condition wasn't checked, that could lead to Bad things.
> >
> > Second, I imagine there are multiple possible reasons why a crypto
> > function could fail. If the error is just 'false', then there would be
> > no way of figuring out what the problem is. More details could be
> > provided in the message of an exception ("can't open file for
> > writing", "signkey wrong format" etc) which would avoid a significant
> > amount of frustration.
>
> On your second point, the designers of OpenSSL and the earlier work on
> the PHP interface agree with you, as do I.  That is why there is indeed
> an interface to return multiple errors that is already defined
> (openssl_error_string) that can be called repeatedly.  This is similar
> to other OpenSSL interfaces.
>
> On your first point, I might academically want to explore it, but then
> we should do so for the entire openssl interface.
>
> Eliot
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>

I did start some work in this direction in:
https://github.com/php/php-src/pull/5111
But I'm not super familiar with OpenSSL myself, any review/help would be
appreciated (I do need to rebase it).

Best regards

George P. Banyard

--0000000000001fe92805a5fdc26d--