Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:124588
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by qa.php.net (Postfix) with ESMTPS id 63EDA1A00B7
	for <internals@lists.php.net>; Thu, 25 Jul 2024 15:33:20 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1721921694; bh=j7iBrn6zkgsM52f7DNKUrg0qR5Se3So5bMvRomBtczM=;
	h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
	b=HRrrMQXzCZK/QPgMUR1ZIAQGPQ182HNuB05qonqKkHqAAxrE+8ML2K4TtMNY4Rg51
	 F0OkmOgkRfdWDwI46fMIBFMecu/QO9gvoxkcEfYCagQcMrn5g07HmlxkArsmnuajjA
	 q9dG9mm8xpmEirsQRirUqO7Rh+yL1U4oyzBNMHm/RdIetDNjWLnI501aVr7lSx2Uxw
	 kKUFbt+JGo44DnIwhXqMT8twJxf4Wa5BOgKadvUG9oJ+6GSXD+P7WHwpKJ1JhsbggG
	 OZv8m1lq2WPvw29sW8vzKIZosvTyuNOws1k/ACRrbBc1T7eW5JzbUudHFh488rLzlr
	 jvjCaESc35djA==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 9358D18006E
	for <internals@lists.php.net>; Thu, 25 Jul 2024 15:34:54 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=0.6 required=5.0 tests=BAYES_50,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=4.0.0
X-Spam-Virus: No
X-Envelope-From: <tim@bastelstu.be>
Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Thu, 25 Jul 2024 15:34:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be;
	s=mail20171119; t=1721921598;
	bh=YfPGq9iLM6QdrSMD/nvEAdU7w2z3pfuGekYZdzozgPM=;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:
	 In-Reply-To:Content-Type:from:to:cc:subject:message-id;
	b=LCeiMXOFdbdHTMWBbzM9liGft2D0L9ooS8roallTq1n1kpv0/loKMhZcMowEs8EUM
	 hQxCCA8Y9mzA0gNlDSterrqsLzXmqT9cGjdKUrwfJD/zdGQMEENd73OIfCYsv51aBq
	 tGsAgeztPWW+P+HHZZeuOXV1qx+NZtKoyKK7cw2zaji1dBa5SfkXlJSmZQqM+uA3Og
	 xkzVy6CSZ75Hjiz3CDpbuYEn7EKH/XeJxrqwLCgoEVFXdtuElAk1U2oTZVGVqdoRgL
	 2n/vtSeUjgDcvXZ1vYI2rzTIrmWR1hAevqjysin58nRFJZY0tQt/hm8AN6T4JXwWtR
	 XuWp4BBviK5wA==
Message-ID: <95147d9d-d6e8-4396-bf0b-409c33679f90@bastelstu.be>
Date: Thu, 25 Jul 2024 17:33:16 +0200
Precedence: bulk
list-help: <mailto:internals+help@lists.php.net
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: internals.lists.php.net
x-ms-reactions: disallow
MIME-Version: 1.0
Subject: Re: [PHP-DEV] [RFC] [VOTE] Deprecations for PHP 8.4
To: Peter Stalman <sarkedev@gmail.com>, Derick Rethans <derick@php.net>
Cc: PHP internals <internals@lists.php.net>
References: <USzt7tZZlO1DmAbSTLhD-bqa23FqZn0zk2aah8Ndxgk9c7RY5PefQ8MjbYPUYAzr2_m4Cf-5AI4PuNBTS84rim_FNS6RaT-cWSv714HEvvU=@gpb.moe>
 <1a88918e-e808-d778-45e1-53797660e093@php.net>
 <CAPrKfG5Cw_nU7g7FR+t4C1-YZ8CDsDO_-sRs=yEsHO5kCTZL+A@mail.gmail.com>
Content-Language: en-US
In-Reply-To: <CAPrKfG5Cw_nU7g7FR+t4C1-YZ8CDsDO_-sRs=yEsHO5kCTZL+A@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=C3=BCsterhus?=)

Hi

On 7/24/24 05:58, Peter Stalman wrote:
> is already quite specific. We're talking about end users who are rolling
> their own security implementations and are unaware of the security risks
> but somehow know how to use these functions without reading the
> documentation and warnings.

No, we are talking about end users who are following tutorials that were 
written when PHP 4 was the most recent PHP version.

We are also talking about end users who look at existing code bases for 
"inspiration", see md5() used, notice that the output looks random and 
use it, believing they know what they are doing, but in that process use 
it in a way that is insecure.

As an example, using md5_file() to implement a cache buster is fine, but 
a less-experienced developer may believe that md5_file() uniquely 
identifies the file contents and use it in a way where strong 
collision-resistance against an adversary is required.

> On the other hand, who will be impacted by these deprecations? Potentially
> everyone, as these are included in many projects and in many vendor
> packages.  It's busy work for the people who aren't affected.  Sure,
> eventually, it will all be sorted out as CI warnings slowly subside because
> of this.

I'm positive that even existing projects written by experienced 
developers would benefit from re-checking if their use of MD5 and SHA-1 
is actually safe instead of assuming that this is the case, when the 
specific functionality has been untouched for the last 10 years.

Looking back at my own code, I'm seeing places where using SHA-1 is not 
strictly insecure, but where a stronger hash function nevertheless would 
have been more appropriate, if only to simplify code audits. I just used 
sha1(), because it was temptingly convenient compared to hash('sha256', …).

Best regards
Tim Düsterhus