won't return data when no IV was specified under RC4.
| Bug #70625 | mcrypt_encrypt() : won't return data when no IV was specified under RC4. | ||||
|---|---|---|---|---|---|
| Submitted: | 2015-10-02 19:14 UTC | Modified: | 2015-10-02 20:29 UTC | ||
| From: | jparedes at gmail dot com | Assigned: | |||
| Status: | Closed | Package: | mcrypt related | ||
| PHP Version: | 5.6 | OS: | Linux | ||
| Private report: | No | CVE-ID: | None | ||
[2015-10-02 19:14 UTC] jparedes at gmail dot com
Description: ------------ Ommiting $iv in mcrypt_encrypt() under MCRYPT_ARCFOUR cipher returns false. But when "null" parameter is specified it work as expected. Test script: --------------- <?php //This works php<7.0 only $enc_value = mcrypt_encrypt(MCRYPT_ARCFOUR,'secretkey','payload',MCRYPT_MODE_STREAM); var_dump($enc_value); //This work tested under 7.0RC4 $enc_value = mcrypt_encrypt(MCRYPT_ARCFOUR,'secretkey','payload',MCRYPT_MODE_STREAM,null); var_dump($enc_value); Expected result: ---------------- The result of $enc_value should be the result of the encryption. Actual result: -------------- Function returns false.
Patches
Pull Requests
History
AllCommentsChangesGit/SVN commits
[2015-10-02 20:12 UTC] nikic@php.net
-PHP Version: 7.0.0RC4 +PHP Version: 5.6
[2015-10-02 20:12 UTC] nikic@php.net
[2015-10-02 20:13 UTC] jparedes at gmail dot com
-PHP Version: 5.6 +PHP Version: 7.0.0RC4
[2015-10-02 20:17 UTC] jparedes at gmail dot com
-PHP Version: 7.0.0RC4 +PHP Version: 5.6
[2015-10-02 20:17 UTC] jparedes at gmail dot com
[2015-10-02 20:29 UTC] nikic@php.net
[2015-10-03 08:15 UTC] nikic@php.net
-Status: Open +Status: Closed