Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:48327
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 32274 invoked from network); 18 May 2010 21:27:03 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 18 May 2010 21:27:03 -0000
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass; domainkeys=bad
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.170 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 74.125.82.170 mail-wy0-f170.google.com  
Received: from [74.125.82.170] ([74.125.82.170:55288] helo=mail-wy0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 89/D0-27340-62603FB4 for <internals@lists.php.net>; Tue, 18 May 2010 17:27:03 -0400
Received: by wyb40 with SMTP id 40so126417wyb.29
        for <internals@lists.php.net>; Tue, 18 May 2010 14:26:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:received:in-reply-to
         :references:date:message-id:subject:from:to:cc:content-type
         :content-transfer-encoding;
        bh=YMYBXeir49DiRhgd6rod/yvZSCKRimHiE/LageVZBKY=;
        b=w1XKu+YumcNUEJLx7dk4zgAOX0JwKNoNmr5W4zLc/TD+9sMaK8tQaJCRYwCA17pFSm
         Be/+jvmkNSrSo5c7kRRC3GkEZyjMU94p/mnNn4jjBqbvud0Pq6KM90Gm8b21+uur/8gM
         7D23l6bFlXFSXqHvFRmmWfMWgMUCMYu8s3l4E=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type:content-transfer-encoding;
        b=OR4FvJ1/U5aqw+apxftnTWsmsrM1KH25wzyxOWKv+X7H8jNHKHwDt0jxAnxno50K+0
         hZf0enyawMNbfah3PLZLHUfp54qwoZLIFvCouMMUo+slx1fxBTPhYTjlALb4ziy/1Tgs
         aLjdE+wvHsov10/RqeL39nycGR3BuQKm20FAE=
MIME-Version: 1.0
Received: by 10.216.187.194 with SMTP id y44mr4526046wem.28.1274218018906; 
	Tue, 18 May 2010 14:26:58 -0700 (PDT)
Received: by 10.216.177.146 with HTTP; Tue, 18 May 2010 14:26:58 -0700 (PDT)
In-Reply-To: <A8.40.27340.20403FB4@pb1.pair.com>
References: <D0.2B.05421.113F1FB4@pb1.pair.com>
	 <AANLkTilSOPh0yWZ6dcXCK-v7fcQDeRUcV85M6aOeD4in@mail.gmail.com>
	 <A8.40.27340.20403FB4@pb1.pair.com>
Date: Tue, 18 May 2010 23:26:58 +0200
Message-ID: <AANLkTildJlXp3Re94TdFNhB7yoWo2YhYD_F4ENm8KR-o@mail.gmail.com>
To: Sara Golemon <pollita@php.net>
Cc: internals@lists.php.net
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] openssl_(en|de)crypt missing IV
From: pierre.php@gmail.com (Pierre Joye)

On Tue, May 18, 2010 at 11:17 PM, Sara Golemon <pollita@php.net> wrote:
>>> Fixing this is a simple matter, but I wanted to bounce approaches for B=
C
>>> (or
>>> lack thereof) off everyone else since this version of openssl_encrypt()
>>> is
>>> already "in the wild".
>>
>>> I think it's worth a BC break. =A0Comments?
>>
>> To break BC is a no go, even if your arguments are appealing (even in
>> a major version).
>>
>
> I disagree about it's no-go-ness, given the fact that these functions are=
n't
> particularly usable as-is, but it's also not worth a fight.
>
> Given the comments made on list my intentions are as follows:
>
> 1) Add $iv as a fifth, optional parameter to openssl_(en|de)crypt()
> 2) Throw a warning if openssl_encrypt() is used without an IV
> 3) Add openssl_cipher_get_iv_length($cipher)
>
> I intend to make these changes on both trunk and PHP_5_3 because, IMO, th=
is
> is a bug, not merely a missing feature.
>
> The only BC break is the warning raised when using openssl_encrypt() with=
out
> an IV. =A0Given the extremely bad practice using a NULL IV represents, I =
think
> this is a reasonable course of action.

It changes the signature making the fifth argument a complete
different thing. I strongly disagree with this strategy, even if I can
understand your reasoning. We can't begin to "fix" things by changing
existing API signatures, that's going to end badly.

To define a new and clean API is not only BC but may also allow
obvious naming. And last but not least, it can then be merged in 5.3
without worrying about any possible impact.

Cheers,
--=20
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org