rfc:mcrypt-viking-funeral

Differences

This shows you the differences between two versions of the page.

rfc:mcrypt-viking-funeral [2016/03/16 17:27] sarciszewski
rfc:mcrypt-viking-funeral [2016/07/10 18:23] – Add link to original patch by Scott cmb
Line 3: Line 3:
   * Date: 2016-01-09   * Date: 2016-01-09
   * Author: Scott Arciszewski, security@paragonie.com   * Author: Scott Arciszewski, security@paragonie.com
-  * Status: Voting+  * Status: Accepted
   * First Published at: http://wiki.php.net/rfc/mcrypt-viking-funeral   * First Published at: http://wiki.php.net/rfc/mcrypt-viking-funeral
  
Line 72: Line 72:
   * It's using MCRYPT_RAND for IV generation, which isn't a CSPRNG   * It's using MCRYPT_RAND for IV generation, which isn't a CSPRNG
   * fnEncrypt() will rtrim() null bytes off the encrypted value before base64 encoding it, which means a 1/256 chance of data corruption that prevents decryption   * fnEncrypt() will rtrim() null bytes off the encrypted value before base64 encoding it, which means a 1/256 chance of data corruption that prevents decryption
-  * fnDecrypt() will rtrim() null bytes off the decrypted plaintext, which means if your plaintext message was raw binary (e.g. gzip compressed), it's now irrecoverable+  * fnDecrypt() will rtrim() null bytes off the decrypted plaintext, which means if your plaintext message was raw binary (e.g. gzip compressed), it's now corrupted
   * There is no MAC, so you transmit this over a network, [[https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken|it's vulnerable to chosen-ciphertext attacks]]   * There is no MAC, so you transmit this over a network, [[https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken|it's vulnerable to chosen-ciphertext attacks]]
  
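Review bot: the MAC bullet is missing a word: "so you transmit this over a network" should read "so if you transmit this over a network, it's vulnerable to chosen-ciphertext attacks". The irrecoverable to corrupted change in the fnDecrypt() bullet is the right call, since rtrim() only removes trailing null bytes and the damage is truncation of the tail rather than loss of the whole message.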
Line 124: Line 124:
 Since this would break backwards compatibility, a 2/3 majority is required. Since this would break backwards compatibility, a 2/3 majority is required.
  
-<doodle title="Deprecate then Remove Mcrypt from the PHP Core?" auth="sarciszewski" voteType="single" closed="false">+<doodle title="Deprecate then Remove Mcrypt from the PHP Core?" auth="sarciszewski" voteType="single" closed="true">
    * Yes    * Yes
    * No    * No
Line 133: Line 133:
 ===== Patches and Tests ===== ===== Patches and Tests =====
  
-If this RFC is accepted, I will author the patches to deprecate ext/mcrypt.+Patches are available:  
 +  * <https://github.com/php/php-src/pull/1995> 
 +  * <https://github.com/php/php-src/pull/1996>
  
 ===== References ===== ===== References =====
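Review bot: the two pull-request links replace the sentence about authoring the patches but do not say which PR does what; given the title "Deprecate then Remove Mcrypt", a few words after each link (which one deprecates, which one removes) would spare readers a trip to GitHub. The angle-bracket wrapping of the URLs also differs from the [[url|text]] link syntax used elsewhere on the page (the chosen-ciphertext link above), so check that the list renders as intended.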
rfc/mcrypt-viking-funeral.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1