Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72896 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 18540 invoked from network); 2 Mar 2014 09:42:16 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Mar 2014 09:42:16 -0000 Authentication-Results: pb1.pair.com header.from=tyra3l@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=tyra3l@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.52 as permitted sender) X-PHP-List-Original-Sender: tyra3l@gmail.com X-Host-Fingerprint: 209.85.216.52 mail-qa0-f52.google.com Received: from [209.85.216.52] ([209.85.216.52:51672] helo=mail-qa0-f52.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id BD/40-13869-7FCF2135 for ; Sun, 02 Mar 2014 04:42:16 -0500 Received: by mail-qa0-f52.google.com with SMTP id m5so2440636qaj.11 for ; Sun, 02 Mar 2014 01:42:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=AG3xx+GmQay82wPq8q+gc2v1KnYopMFhKIKgYcRpa7w=; b=LpJpW1GWhuD2sSz4qIsoMYoCWdXRY1SqazbBDSZ9Z1KryPNKP8I0XxjBxHbwtnUEEg X+bg7B/dE4EjQm23/++RPDrJGZgNzPsHyX00xR2vpxaaBlglfZ04Ss/JZ+CeBDoig0Lj zSPyXYGkyGWWV9JGEO82HkB6ETmIXrZp3+igxZfJOytp/GnaJjJX18i3MYb1p8E1lfeW PxgnZCEuzHrUxgDC8W+bvXWqXbAQeCiKRt4pt2976XzuNcRSvWa6bQN9kS8FspsMBK+F 7kc40fHdB30CAPkWPjhSKNmk1xUIJJECCVNV5WJj+8VPd7kdsWcSDHYE5WIVsFe8Rymb FNpg== MIME-Version: 1.0 X-Received: by 10.224.122.20 with SMTP id j20mr15747282qar.79.1393753333066; Sun, 02 Mar 2014 01:42:13 -0800 (PST) Received: by 10.140.92.41 with HTTP; Sun, 2 Mar 2014 01:42:12 -0800 (PST) Received: by 10.140.92.41 with HTTP; Sun, 2 Mar 2014 01:42:12 -0800 (PST) In-Reply-To: References: Date: Sun, 2 Mar 2014 10:42:12 +0100 Message-ID: To: Nikita Popov Cc: PHP internals Content-Type: multipart/alternative; boundary=089e0149c186526e6e04f39c7cf4 Subject: Re: [PHP-DEV] Stricter error handling in mcrypt extension From: tyra3l@gmail.com (Ferenc Kovacs) --089e0149c186526e6e04f39c7cf4 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable 2014.03.02. 1:13, "Nikita Popov" ezt =C3=ADrta: > > Hi internals! > > I would like to add a number of additional error checks in > php_mcrypt_do_crypt - which affects the mcrypt_encrypt, mcrypt_decrypt an= d > mcrypt_{BLOCK_CHAINING_MODE} userland functions. > > The proposed changes are: > * Throw a warning and return bool(false) if the IV size is invalid. The > old behavior was to throw a warning and use a NUL-byte IV. > * Throw a warning and return bool(false) if no IV was specified, but the > block chaining mode requires an IV. The old behavior was to throw a warning > and use a NUL-byte IV. > * Throw a warning and return bool(false) if the key size is invalid. The > old behavior was to **silently** pad the string to the next valid key siz= e > with NUL bytes or, if the key is too long, to throw a warning and truncat= e > it to the maximum valid key size. > > An implementation of these changes can be found in the PR > https://github.com/php/php-src/pull/610. > > The reason why I'd like to make the mcrypt input handling stricter is to > ensure that incorrectly implemented encryption will fail and fail > violently. With the current lax input checking it is very easy to > completely compromise confidentiality through simple mistakes - like usin= g > a password as the encryption key. > > Thanks, > Nikita > > PS: I'm running this change by the list because stricter error handling i= s > technically a BC break. Of course this change is targeting PHP 5.6 only. Hi Nikita, While I think that the overwhelming majority of the voters would support this change, so an rfc could seem as an overkill, but I still think that it is better to require an rfc for every BC break. Which unfortunately would mean that this can't target 5.6.0. :( --089e0149c186526e6e04f39c7cf4--