Hey, On Sun, Feb 1, 2015 at 5:49 PM, Daniel Lowrey <rdlow...@php.net> wrote: > > - openssl_decrypt() now returns mixed ... if $options['get_tag'] == true > then return [$decryptedString, $tag], otherwise return $decrypted string as > before to preserve BC. > - the encrypt function could use $options['set_tag'] to define that (or > any other secondary information needed for the operation). >
I think that you confused it a bit :). The encryption results in cipher text and a tag. The decryption then validates the tag so you pass the tag as a parameter. Except that it's almost the same what I thought. I'm just not sure that mixed return value is a good idea. It seems a bit better having tag as a reference to me. But it's just a small detail that could be added to the RFC as a choice :) Cheers Jakub
