Re: Stricter error handling in mcrypt extension

From:	Nikita Popov	Date:	Wed, 05 Mar 2014 12:36:38 +0000
Subject:	Re: Stricter error handling in mcrypt extension
References:	1	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

On Tue, Mar 4, 2014 at 9:32 PM, Andrey Andreev <[email protected]> wrote:

> Hey,
>
> Speaking of bugs in MCrypt and IVs ... in ECB mode it complains if you
> don't pass an IV, even though it is ignored afterwards.
>

You're probably referring to mcrypt_generic here, rather than
mcrypt_encrypt. I can bring that function in line with mcrypt_encrypt, i.e.
add the same error checks and make the IV only required if the mode
requires it.

However I'm not sure what kind of return value I should use with this
function. Currently it returns a long result, which is 0 on success and a
negative number on error. However mcrypt does not define error codes for
all possible error conditions, e.g. while it has a code for invalid key
sizes, it doesn't have a code for invalid IV sizes.

Personally I'd just switch it to true/false for success/error, as the
warnings already tell you what kind of error occurred. Would that be okay
with you, Derick?

Nikita


   

Thread (14 messages)

• Nikita PopovSun, 02 Mar 2014 00:12:58 +0000
  • Sherif RamadanSun, 02 Mar 2014 01:50:15 +0000
  • Yasuo OhgakiSun, 02 Mar 2014 02:15:27 +0000
  • Ferenc KovacsSun, 02 Mar 2014 09:42:12 +0000
  • Derick RethansSun, 02 Mar 2014 17:07:34 +0000
    • Pierre JoyeSun, 02 Mar 2014 17:46:53 +0000
      • Derick RethansSun, 02 Mar 2014 17:54:52 +0000
        • Pierre JoyeSun, 02 Mar 2014 20:08:53 +0000
• Andrey AndreevTue, 04 Mar 2014 20:32:13 +0000Re: Stricter error handling in mcrypt extension
  • Derick RethansWed, 05 Mar 2014 09:08:59 +0000
  • Nikita PopovWed, 05 Mar 2014 12:36:38 +0000
    • Derick RethansWed, 05 Mar 2014 12:56:07 +0000
      • Andrey AndreevWed, 05 Mar 2014 13:15:50 +0000
      • Nikita PopovWed, 05 Mar 2014 14:46:40 +0000