Openssl cipher method refinement is unsafe on PHP 8.4 and older due to a PHP bug #13692

@stof

Description

Bug report

phpstan/phpstan-src#4043 has implemented refinement of the openssl_cipher_iv_length and openssl_cipher_key_length functions for known algorithms, using openssl_get_cipher_methods to know the list of known algorithms.

However, PHP suffers from a bug where openssl_get_cipher_methods uses a different source of algorithms than the actual resolution of algorithms in functions using them, which makes it report extra algorithms that are not actually supported (probably because openssl 3.0 disables some weaker algorithms by default): php/php-src#19994
This issue has been fixed in PHP 8.5, but it won't be fixed in older versions (the fix relies on a big refactoring of the implementation).

I see 2 possible ways to handle that issue in phpstan:

  1. restrict the return type refinement to PHP 8.5+ instead of applying it to PHP 8.0+
  2. for PHP 8.0 to 8.4, perform extra filtering of the list by attempting to get the iv size or the key length for each algorithm and removing algorithms that fail (of course silencing the warning that such failure would also trigger)

Code snippet that reproduces the problem

https://phpstan.org/r/edc513b4-9db1-4b73-ba9e-198957f73388

Expected output

openssl_cipher_iv_length('aes-128-cbc-cts') should be reported as unsupported on PHP 8.0 to 8.4 in case it is indeed not supported.

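One way to implement the extra filtering described in option 2, as an added example that is not part of this issue or of PHPStan's code (the function name `supportedCipherMethods` is my own):

```php
<?php
declare(strict_types=1);

/**
 * Probe every name returned by openssl_get_cipher_methods() and keep only
 * the ones the running PHP/OpenSSL build actually accepts.
 *
 * On PHP 8.0 to 8.4 an unsupported name makes openssl_cipher_iv_length()
 * (and openssl_cipher_key_length()) emit an E_WARNING and return false,
 * so a failed probe means the name must be dropped from the refinement list.
 *
 * @return array<string, array{iv: int, key: int|null}> method => sizes
 */
function supportedCipherMethods(): array
{
    $supported = [];
    foreach (openssl_get_cipher_methods() as $method) {
        // "@" silences the warning that an unsupported algorithm triggers.
        $ivLength = @openssl_cipher_iv_length($method);
        if ($ivLength === false) {
            continue; // reported by the list, but not resolvable
        }

        // openssl_cipher_key_length() only exists since PHP 8.2;
        // on older versions we can only probe the IV length.
        $keyLength = null;
        if (function_exists('openssl_cipher_key_length')) {
            $keyLength = @openssl_cipher_key_length($method);
            if ($keyLength === false) {
                continue;
            }
        }

        $supported[$method] = ['iv' => $ivLength, 'key' => $keyLength];
    }

    return $supported;
}

// Show which names the list reports but the build does not actually support,
// e.g. 'aes-128-cbc-cts' from the issue on an affected PHP/OpenSSL combination.
$reported = openssl_get_cipher_methods();
$phantom  = array_diff($reported, array_keys(supportedCipherMethods()));
printf("PHP %s: %d reported, %d phantom\n", PHP_VERSION, count($reported), count($phantom));
print_r(array_values($phantom));
```

The probe result depends on the OpenSSL build PHP is linked against, so the filtered list must be computed on the target PHP version rather than hard-coded.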