phpstan-src icon indicating copy to clipboard operation
phpstan-src copied to clipboard

Published 20 hours ago verified publisher icon phpstan

Add more precise return types for the openssl cipher functions

Open stof opened this issue 5 months ago • 2 comments

Those functions return false (and trigger a warning) only when the argument is an unknown algorithm, which is not something worth checking when using them with a known algorithm.

I'm providing this improvement only on PHP 8+, because PHP 7 can have other kind of warnings (that have been upgraded to ValueError in PHP 8)

Replaces https://github.com/phpstan/phpstan-src/pull/3582

stof avatar Jun 04 '25 11:06 stof

Needs cs fix

staabm avatar Jun 04 '25 18:06 staabm

@staabm done

stof avatar Jun 05 '25 08:06 stof

Thank you.

ondrejmirtes avatar Sep 12 '25 11:09 ondrejmirtes

@ondrejmirtes I discovered that in PHP <8.5, the openssl_get_cipher_methods function uses a different source of truth than the resolution of cipher algorithms in other functions, which means that some algorithms returned in this function are actually not supported in openssl_cipher_iv_length. See https://github.com/php/php-src/issues/19994

Maybe this return type extension should be restricted to run only on PHP 8.5+ instead of PHP 8.0+. Or maybe it should perform actual filtering by attempting to read the iv length for PHP 8.0 to 8.4.

stof avatar Oct 15 '25 08:10 stof

Please open an issue, this comment would get lost.

ondrejmirtes avatar Oct 15 '25 08:10 ondrejmirtes