[RFC] deprecate md5_file and sha1_file

  108441
February 10, 2020 21:49 internals@lists.php.net ("Tom Van Looy via internals")
Hi

While in some environments the use of MD5 and SHA1 are still acceptable for
some use cases like file integrity verification etc. the use of these
algorithms should be discouraged and not be your choice when developing new
applications.

I suggest to deprecated the functions md5_file() and sha1_file(). This will
make people think about upgrading to a better alternative. If you still
need this functionality you can always switch to the hash_file() function.

Carrying around these two dedicated functions seems a bit too much for a
modern PHP. What do you think?

My feeling was that this is a no brainer. Should I open an RFC for this?

Kind regards,

Tom Van Looy
  108442
February 10, 2020 21:52 zardozrocks@gmail.com (j adams)
I disagree. While MD5 and SHA1 might not be suitable for modern
cryptographic operations, these functions might be needed for legacy
situations -- e.g., munging through old data.


On Mon, Feb 10, 2020 at 1:50 PM Tom Van Looy via internals <
internals@lists.php.net> wrote:

> Hi > > While in some environments the use of MD5 and SHA1 are still acceptable for > some use cases like file integrity verification etc. the use of these > algorithms should be discouraged and not be your choice when developing new > applications. > > I suggest to deprecated the functions md5_file() and sha1_file(). This will > make people think about upgrading to a better alternative. If you still > need this functionality you can always switch to the hash_file() function. > > Carrying around these two dedicated functions seems a bit too much for a > modern PHP. What do you think? > > My feeling was that this is a no brainer. Should I open an RFC for this? > > Kind regards, > > Tom Van Looy >
  108443
February 10, 2020 21:56 internals@lists.php.net ("Tom Van Looy via internals")
the hash_file() function still supports md5 and sha1 so people that need it
should then migrate to hash_file('md5', ...) or hash_file('sha1', ...)
instead. That was the idea

Kind regards,

Tom

On Mon, Feb 10, 2020 at 10:52 PM j adams <zardozrocks@gmail.com> wrote:

> I disagree. While MD5 and SHA1 might not be suitable for modern > cryptographic operations, these functions might be needed for legacy > situations -- e.g., munging through old data. > > > On Mon, Feb 10, 2020 at 1:50 PM Tom Van Looy via internals < > internals@lists.php.net> wrote: > >> Hi >> >> While in some environments the use of MD5 and SHA1 are still acceptable >> for >> some use cases like file integrity verification etc. the use of these >> algorithms should be discouraged and not be your choice when developing >> new >> applications. >> >> I suggest to deprecated the functions md5_file() and sha1_file(). This >> will >> make people think about upgrading to a better alternative. If you still >> need this functionality you can always switch to the hash_file() function. >> >> Carrying around these two dedicated functions seems a bit too much for a >> modern PHP. What do you think? >> >> My feeling was that this is a no brainer. Should I open an RFC for this? >> >> Kind regards, >> >> Tom Van Looy >> >
  108450
February 11, 2020 06:00 smalyshev@gmail.com (Stanislav Malyshev)
Hi!

> the hash_file() function still supports md5 and sha1 so people that need it > should then migrate to hash_file('md5', ...) or hash_file('sha1', ...) > instead. That was the idea
This means spending time and effort to cause extra work to people that already have working code with existing PHP and don't need our "help". I don't think we should be doing that. -- Stas Malyshev smalyshev@gmail.com
  108447
February 10, 2020 22:43 derick@php.net (Derick Rethans)
On 10 February 2020 21:52:42 GMT, j adams <zardozrocks@gmail.com> wrote:
>I disagree. While MD5 and SHA1 might not be suitable for modern >cryptographic operations, these functions might be needed for legacy >situations -- e.g., munging through old data. > > >On Mon, Feb 10, 2020 at 1:50 PM Tom Van Looy via internals < >internals@lists.php.net> wrote: > >> Hi >> >> While in some environments the use of MD5 and SHA1 are still >acceptable for >> some use cases like file integrity verification etc. the use of these >> algorithms should be discouraged and not be your choice when >developing new >> applications. >> >> I suggest to deprecated the functions md5_file() and sha1_file(). >This will >> make people think about upgrading to a better alternative. If you >still >> need this functionality you can always switch to the hash_file() >function. >> >> Carrying around these two dedicated functions seems a bit too much >for a >> modern PHP. What do you think? >> >> My feeling was that this is a no brainer. Should I open an RFC for >this? >> >> Kind regards, >> >> Tom Van Looy >>
Deprecation doesn't mean immediate removal. It's a nudge to move to something better. Because this deprecation isn't in the last PHP 7, these functions can't be removed until PHP 9. cheers, Derick
  108444
February 10, 2020 21:57 george.banyard@gmail.com ("G. P. B.")
On Mon, 10 Feb 2020 at 22:50, Tom Van Looy via internals <
internals@lists.php.net> wrote:

> Hi > > While in some environments the use of MD5 and SHA1 are still acceptable for > some use cases like file integrity verification etc. the use of these > algorithms should be discouraged and not be your choice when developing new > applications. > > I suggest to deprecated the functions md5_file() and sha1_file(). This will > make people think about upgrading to a better alternative. If you still > need this functionality you can always switch to the hash_file() function. > > Carrying around these two dedicated functions seems a bit too much for a > modern PHP. What do you think? > > My feeling was that this is a no brainer. Should I open an RFC for this? > > Kind regards, > > Tom Van Looy >
I feel that if we deprecate the file versions of these algorithms we probably should also deprecate the ones which work with plain old strings, namely md5() and sha1(). [1] [2] It should be noted that these hash functions would still be available through the Hash extension which is always available as of PHP 7.4 as it became a core extension. Depending on how controversial these deprecations are they could be bundled with the big deprecation RFC for PHP 8.0, which is currently in draft. [3] George P. Banyard [1] https://www.php.net/manual/en/function.md5.php [2] https://www.php.net/manual/en/function.sha1.php [3] https://wiki.php.net/rfc/deprecations_php_8_0
  108445
February 10, 2020 22:36 marandall@php.net (Mark Randall)
On 10/02/2020 21:49, Tom Van Looy via internals wrote:
> I suggest to deprecated the functions md5_file() and sha1_file(). This will > make people think about upgrading to a better alternative.
It won't. At best it will make people switch to the hash function. At worst people will not upgrade. If people are using the existing md5 / sha1 algorithms, chances are it's because they're actually wanting to get a hash to compare to something that has already been stored. There's not much point in deprecating the algorithm if we don't eventually plan to remove it, and there is an exactly zero percent chance of it being removed at any point in the next 50 years. Mark Randall
  108449
February 11, 2020 05:59 smalyshev@gmail.com (Stanislav Malyshev)
Hi!

> I suggest to deprecated the functions md5_file() and sha1_file(). This will
Not sure what's the point of it. SHA1 and MD5 didn't change. The recommendations for their usage has changed, but we generally don't use deprecation warnings to improve users' code and recommend them how to structure their code better. Deprecation is usually for functions that are unsupported (and going to go away) or not having any non-broken uses anymore. We have crc32() function which is much less secure than md5 for check-summing obviously, and we don't deprecate it because of that. I don't think we should use deprecations for that purpose.
> Carrying around these two dedicated functions seems a bit too much for a > modern PHP. What do you think?
There's zero effort expended on "carrying around" these functions, and I don't see why it's "too much" for "modern PHP"? What changed in "modern PHP" that suddenly brought forward the need to minimize the number of existing functions? I don't see any reason for that. On the contrary, deprecating it causes work for people that legitimately use these functions, and makes them either turn off deprecation warnings (unsafe and may lead to real deprecations pass unnoticed) or work around this. I don't think it is beneficial. -- Stas Malyshev smalyshev@gmail.com
  108451
February 11, 2020 06:25 internals@lists.php.net ("Tom Van Looy via internals")
On Tue, 11 Feb 2020, 06:59 Stanislav Malyshev, <smalyshev@gmail.com> wrote:

> Hi! > > > I suggest to deprecated the functions md5_file() and sha1_file(). This > will > > Not sure what's the point of it. SHA1 and MD5 didn't change. The > recommendations for their usage has changed, but we generally don't use > deprecation warnings to improve users' code and recommend them how to > structure their code better.
Yes that was my point with "modern php". The recommendation changed. It seems like most people in this discussion like to keep the functions. I didn't expect that. Thanks for the feedback and the arguments all! Tom
  108454
February 11, 2020 09:34 php.lists@allenjb.me.uk (AllenJB)
As others have mentioned, this will do nothing but make people annoyed 
and switch to the hash_file() version of exactly the same thing or put 
up another hurdle to updgrading PHP.

The password hashing API now provides an obvious go-to for password hashing.

For other hashing usages there are, I think, basically two scenarios 
developers find themselves in:

1) I'm using an API or some other external service and that requires the 
use of md5 / sha1 - I don't have a choice

2) What do I use instead? Internet searches return "sha1 / md5 is fine 
for this purpose" or recommend algorithms that aren't natively supported 
in PHP.

The (hash library) documentation does nothing towards helping developers 
decide what algorithms (or even which hash library functions) they 
should use for what purposes (and there are a lot of acronyms that many 
developers are likely to have never encountered that are never explained 
- HMAC, PBKDF2, HKDF).

Yes, of course developers can use third party sources to supplement the 
information in the manual, but who has time to go seartching for that 
(esp. when most of the first page on Google probably tells you md5/sha1 
is fine anyway)?

If you want to change the way developers think about hashing when 
writing PHP, I would start with the documentation rather than 
deprecating functions which are essentially aliases and are highly 
likely used all over the place in cases where they do exactly what 
people want.

AllenJB

On 10/02/2020 21:49, Tom Van Looy via internals wrote:
> Hi > > While in some environments the use of MD5 and SHA1 are still acceptable for > some use cases like file integrity verification etc. the use of these > algorithms should be discouraged and not be your choice when developing new > applications. > > I suggest to deprecated the functions md5_file() and sha1_file(). This will > make people think about upgrading to a better alternative. If you still > need this functionality you can always switch to the hash_file() function. > > Carrying around these two dedicated functions seems a bit too much for a > modern PHP. What do you think? > > My feeling was that this is a no brainer. Should I open an RFC for this? > > Kind regards, > > Tom Van Looy >
  108460
February 11, 2020 11:18 phpmailinglists@gmail.com (Peter Bowyer)
On Tue, 11 Feb 2020 at 09:34, AllenJB lists@allenjb.me.uk> wrote:

> If you want to change the way developers think about hashing when > writing PHP, I would start with the documentation rather than > deprecating functions which are essentially aliases and are highly > likely used all over the place in cases where they do exactly what > people want. >
I agree. It isn't wrong to use MD5 or SHA1 in the right situation (or even CRC32). The documentation can tell people when they can use these algorithms, and when they must not think about using them. Mark them in the documentation as "RECOMMENDED DO NOT USE" and guide people away. Peter