Newsgroups: php.internals
Xref: news.php.net php.internals:48307
Date: Tue, 18 May 2010 08:41:52 +0200
Subject: Re: [PHP-DEV] openssl_(en|de)crypt missing IV
From: pierre.php@gmail.com (Pierre Joye)
To: Sara Golemon
Cc: internals@lists.php.net

hi Sara,

On Tue, May 18, 2010 at 3:53 AM, Sara Golemon wrote:
> I was just looking through the implementation of openssl_encrypt() (and
> openssl_decrypt()) today because I need to make some encrypted payloads, but
> the prototype didn't have anywhere to place an initialization vector.
>
> On opening ext/openssl/openssl.c, I noticed line 4620 which simply hardcodes
> IV as a string of NULL bytes.
>
> This is a bad idea roughly equivalent to hashing passwords without salt;
> Worse, it prevents interoperability at the application layer by preventing
> the decryption of a data stream where the generator used an IV other than
> all-null.
>
> Fixing this is a simple matter, but I wanted to bounce approaches for BC (or
> lack thereof) off everyone else since this version of openssl_encrypt() is
> already "in the wild".
> I think it's worth a BC break. Comments?

To break BC is a no go, even if your arguments are appealing (even in
a major version).

I would suggest a new function:

openssl_encrypt_iv($data, $method, $key, $iv, $raw=false);

Which will use the same internal implementations internally but with a
different entry point.

please note that I moved iv to the 4th position as well.

Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
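
Added example, not part of the original message or of the PHP source: the effect of the all-NULL IV described in the quoted report, and the interoperability failure it causes. It uses the openssl_encrypt()/openssl_decrypt() signature of current PHP releases, which takes the IV as the fifth argument, rather than the openssl_encrypt_iv() proposed above; the key and the two messages are constructed sample values.

```php
<?php
// Added illustration. Key and messages are constructed sample values.
const CIPHER = 'aes-128-cbc';

function cbc_encrypt(string $plaintext, string $key, string $iv): string
{
    $ct = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encrypt failed: ' . openssl_error_string());
    }
    return $ct;
}

$key    = random_bytes(16);
$ivLen  = openssl_cipher_iv_length(CIPHER);   // block size of the cipher
$nullIv = str_repeat("\0", $ivLen);           // the hardcoded all-NULL IV

$a = 'account=00012345;amount=10.00';
$b = 'account=00012345;amount=9999.00';        // shares its first 16-byte block with $a

// Fixed IV: the same message always encrypts to the same bytes, and two
// messages with a common first block share their first ciphertext block.
$sameMsg    = cbc_encrypt($a, $key, $nullIv) === cbc_encrypt($a, $key, $nullIv);
$samePrefix = substr(cbc_encrypt($a, $key, $nullIv), 0, $ivLen)
          === substr(cbc_encrypt($b, $key, $nullIv), 0, $ivLen);
printf("null IV, same message, equal ciphertext:   %s\n", var_export($sameMsg, true));
printf("null IV, shared prefix, equal first block: %s\n", var_export($samePrefix, true));

// Fresh random IV per message, sent in the clear in front of the ciphertext.
$iv1 = random_bytes($ivLen);
$iv2 = random_bytes($ivLen);
$wire1 = $iv1 . cbc_encrypt($a, $key, $iv1);
$wire2 = $iv2 . cbc_encrypt($a, $key, $iv2);
printf("random IV, same message, equal ciphertext: %s\n", var_export($wire1 === $wire2, true));

// Interoperability: a peer that assumes the all-NULL IV cannot recover the
// first block of data produced with a real IV; later blocks still decrypt.
$ct       = substr($wire1, $ivLen);
$withNull = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $nullIv);
$withIv   = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, substr($wire1, 0, $ivLen));
printf("decrypt with null IV, first block (hex):   %s\n", bin2hex(substr($withNull, 0, $ivLen)));
printf("decrypt with null IV, remainder:           %s\n", substr($withNull, $ivLen));
printf("decrypt with sent IV:                      %s\n", $withIv);
```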