archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-18 15:08:55 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
122692 commits 526 branches 1434 tags 877 MiB
Commit graph

8 commits

Author SHA1 Message Date
Nikita Popov
2540f68d0e Merge branch 'PHP-7.4' into PHP-8.0 
* PHP-7.4:
  Allow passing $tag for non-authenticated encryption
 2020-10-14 10:56:51 +02:00
Nikita Popov
6c6a58e930 Allow passing $tag for non-authenticated encryption 
openssl_encrypt() currently throws a warning if the $tag out
parameter is passed for a non-authenticated cipher. This violates
the principle that a function should behave the same if a parameter
is not passed, and if the default value is passed for the parameter.

I believe this warning should simply be dropped and the $tag be
populated with null, as is already the case. Otherwise, it is not
possible to use openssl_encrypt() in generic wrapper APIs, that are
compatible with both authenticated and non-authenticated encryption.

Closes GH-6333.
 2020-10-14 10:54:06 +02:00
Máté Kocsis
e8e4ddce77
Improve parameter handling in ext/openssl 
Closes GH-6025
 2020-09-12 22:08:41 +02:00
Nikita Popov
852485d8ec Adjust tests for zpp TypeError change 2019-03-11 11:32:20 +01:00
Gabriel Caruso
2d48d734a2 Fix some misspellings 2018-02-06 16:59:00 +01:00
Jakub Zelenka
0c707fcb10 Add OPENSSL_DONT_ZERO_PAD_KEY constant to prevent key padding 
It fixes bug #71917 (openssl_open() returns junk on envelope < 16 bytes)
and bug #72362 (OpenSSL Blowfish encryption is incorrect for short
keys).
 2017-06-25 18:08:50 +01:00
Jakub Zelenka
e453af3851 Warn about passing tag for non AEAD modes 2016-01-09 17:25:53 +00:00
Henrique do Nascimento Angelo
158239004e New tests 2008-07-18 23:52:01 +00:00