Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:87952 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 92914 invoked from network); 30 Aug 2015 20:07:29 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 30 Aug 2015 20:07:29 -0000 Authentication-Results: pb1.pair.com smtp.mail=jakub.php@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=jakub.php@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.223.178 as permitted sender) X-PHP-List-Original-Sender: jakub.php@gmail.com X-Host-Fingerprint: 209.85.223.178 mail-io0-f178.google.com Received: from [209.85.223.178] ([209.85.223.178:33711] helo=mail-io0-f178.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 94/12-17125-08263E55 for ; Sun, 30 Aug 2015 16:07:29 -0400 Received: by iods203 with SMTP id s203so139182749iod.0 for ; Sun, 30 Aug 2015 13:07:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=tXZ/NlUxP9KPK+fEYYURj0L8lJDB+x+9+tSiwaOXH4g=; b=dFDaz+yVD0bOdhc4/Vv2pDr6GFqXmgJoHBkWweVLCW7QXFuF1rWk/dNw5948iKN0Hw i3B55a+2TT33k2LBE/nO7EcUBTQ5lWvwF9lrwnhRH+045wQJJYn7V/YRjCtHR/SRP4Si 0ygaxOc4kUfxoUIbmNYgc6tRrX7jNDN1r/5BCquyS6JIOBai7y1Vy4fj1rn/CAprEJBo GQgcg1CxhasLi0fSkvO+mJ4Hejiu3VlTm2FawOPcPF7lR2aq/wvKE3D11TSrdebmGSef WlkKQEigc/RSo/t6ZCDOjBD8m97zoZeI2gfzWA5ZiAPeurWN254sZCnWslw7EPejgpjk 8gJw== MIME-Version: 1.0 X-Received: by 10.107.9.11 with SMTP id j11mr20692133ioi.191.1440961830404; Sun, 30 Aug 2015 12:10:30 -0700 (PDT) Sender: jakub.php@gmail.com Received: by 10.107.155.70 with HTTP; Sun, 30 Aug 2015 12:10:30 -0700 (PDT) Date: Sun, 30 Aug 2015 20:10:30 +0100 X-Google-Sender-Auth: gdt5M9aiqSDmrZIXkHIsDNtLEBw Message-ID: To: PHP internals list , Ferenc Kovacs , Anatol Belski , Pierre Joye Content-Type: multipart/alternative; boundary=001a113f905a0948e8051e8c1233 Subject: openssl_seal new param From: bukka@php.net (Jakub Zelenka) --001a113f905a0948e8051e8c1233 Content-Type: text/plain; charset=UTF-8 Hi, I have been looking to https://bugs.php.net/bug.php?id=60632 which is about failing (segfaulting) openssl_seal when used with cipher alg that requires IV (e.g. AES-128-CBC). I think that the patch looks reasonable from the quick look. The only question and the reason why I'm sending this here is if everyone (and mainly Ferenc ) is ok with adding new ref arg to openssl_seal that will return iv to 5.6? So the definition is: int openssl_seal ( string $data , string &$sealed_data , array &$env_keys , array $pub_key_ids [, string $method[, string &$iv ]] ) (the last iv is new). There would be also a new param for openssl_open that would allow to pass that IV for opening sealed data. Alternatively we could just disable IV ciphers in 5.6 to at least prevent the segfault and add it to 7 if Anatol and Kalle are ok with that or 7.1 if not :) ? There also is an another thing for TS Win build (probably question for Anatol and Pierre :) ). The thing is that EVP_SealInit uses internally RAND_bytes. IIRC there is some locking issue with openssl RAND on TS win ( the reason why openssl_random_pseudo_bytes uses Win random) so I was wondering if it should be disabled on win? The thing is that it is already a case for other functions. One example is generating key params in openssl_pkey_new: openssl_pkey_new(array( 'dh'=> array( 'p' => $bin_prime, 'g' => '2' ))); This will also call RAND_bytes when generating priv key. Could that be an issue on Win? Cheers Jakub --001a113f905a0948e8051e8c1233--