FAQ
Hi,

I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in its
first draft.


I attempted to be fair with respect to the discussion that has already
taken place here.

How does this get listed on the https://wiki.php.net/rfc page?

Tom

Search Discussions

  • Ferenc Kovacs at Jan 9, 2012 at 1:22 am

    On Mon, Jan 9, 2012 at 1:42 AM, Tom Worster wrote:

    Hi,

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in its
    first draft.


    I attempted to be fair with respect to the discussion that has already
    taken place here.

    How does this get listed on the https://wiki.php.net/rfc page?

    Tom
    I added it there under the In Draft category, if you have a better name or
    short description, just tell me, and I will update it there.

    --
    Ferenc Kovács
    @Tyr43l - http://tyrael.hu
  • Tom Worster at Jan 9, 2012 at 1:56 am
    I have also set up a github repo with 4 files in it. It is a first hack of
    a function that does part of what I described in the RFC. It's based on
    the interface of openssl_random_pseudo_bytes() and the guts of
    mcrypt_create_iv(). It is provisionally named cs_random_bytes().

    For now it builds and works at least this much:

    $ sapi/cli/php -r 'echo bin2hex(cs_random_bytes(8)) . PHP_EOL;'
    4cd0965922470560


    The hard work will be implementing the $is_strong_result flag in a
    platform independent way. You need to read the status of the entropy pool.
    The current code does that for Linux (maybe?). On FreeBSD you use
    sysctl(3) to read kern.random.sys.seeded. On OS X you ask securityd.
    Windows is actually easier.

    And what about other OSs? What is PHP normally tested on and would that be
    a suitable guide for cs_random_bytes()?

    In any case, I am no C programmer. I'm just a web dev. I don't even know
    how to ask if sysctl(3) is present.


    Tom

    On 1/8/12 7:42 PM, "Tom Worster" wrote:

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in its
    first draft.
  • Tom Worster at Jan 9, 2012 at 1:59 am
    I forgot the URL: https://github.com/tom--/php-cs_random_bytesemo

    :X

    tom
    On 1/8/12 8:56 PM, "Tom Worster" wrote:

    I have also set up a github repo with 4 files in it. It is a first hack
    of
    a function that does part of what I described in the RFC. It's based on
    the interface of openssl_random_pseudo_bytes() and the guts of
    mcrypt_create_iv(). It is provisionally named cs_random_bytes().

    For now it builds and works at least this much:

    $ sapi/cli/php -r 'echo bin2hex(cs_random_bytes(8)) . PHP_EOL;'
    4cd0965922470560


    The hard work will be implementing the $is_strong_result flag in a
    platform independent way. You need to read the status of the entropy
    pool.
    The current code does that for Linux (maybe?). On FreeBSD you use
    sysctl(3) to read kern.random.sys.seeded. On OS X you ask securityd.
    Windows is actually easier.

    And what about other OSs? What is PHP normally tested on and would that
    be
    a suitable guide for cs_random_bytes()?

    In any case, I am no C programmer. I'm just a web dev. I don't even know
    how to ask if sysctl(3) is present.


    Tom

    On 1/8/12 7:42 PM, "Tom Worster" wrote:

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in
    its
    first draft.
  • Pierre Joye at Jan 9, 2012 at 1:00 pm
    pls add it to the RFC, the right one as this one is a 404.
    On Mon, Jan 9, 2012 at 2:58 AM, Tom Worster wrote:
    I forgot the URL: https://github.com/tom--/php-cs_random_bytesemo

    :X

    tom
    On 1/8/12 8:56 PM, "Tom Worster" wrote:

    I have also set up a github repo with 4 files in it. It is a first hack
    of
    a function that does part of what I described in the RFC. It's based on
    the interface of openssl_random_pseudo_bytes() and the guts of
    mcrypt_create_iv(). It is provisionally named cs_random_bytes().

    For now it builds and works at least this much:

    $ sapi/cli/php -r 'echo bin2hex(cs_random_bytes(8)) . PHP_EOL;'
    4cd0965922470560


    The hard work will be implementing the $is_strong_result flag in a
    platform independent way. You need to read the status of the entropy
    pool.
    The current code does that for Linux (maybe?). On FreeBSD you use
    sysctl(3) to read kern.random.sys.seeded. On OS X you ask securityd.
    Windows is actually easier.

    And what about other OSs? What is PHP normally tested on and would that
    be
    a suitable guide for cs_random_bytes()?

    In any case, I am no C programmer. I'm just a web dev. I don't even know
    how to ask if sysctl(3) is present.


    Tom

    On 1/8/12 7:42 PM, "Tom Worster" wrote:

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in
    its
    first draft.


    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php


    --
    Pierre

    @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
  • Tom Worster at Jan 9, 2012 at 1:01 pm
    I added it at the top, I hope that's ok.

    the URL is https://github.com/tom--/php-cs_random_bytes

    Thanks for pointing that out
    Tom
    On 1/9/12 7:54 AM, "Pierre Joye" wrote:

    pls add it to the RFC, the right one as this one is a 404.
    On Mon, Jan 9, 2012 at 2:58 AM, Tom Worster wrote:
    I forgot the URL: https://github.com/tom--/php-cs_random_bytesemo

    :X

    tom
    On 1/8/12 8:56 PM, "Tom Worster" wrote:

    I have also set up a github repo with 4 files in it. It is a first hack
    of
    a function that does part of what I described in the RFC. It's based on
    the interface of openssl_random_pseudo_bytes() and the guts of
    mcrypt_create_iv(). It is provisionally named cs_random_bytes().

    For now it builds and works at least this much:

    $ sapi/cli/php -r 'echo bin2hex(cs_random_bytes(8)) . PHP_EOL;'
    4cd0965922470560


    The hard work will be implementing the $is_strong_result flag in a
    platform independent way. You need to read the status of the entropy
    pool.
    The current code does that for Linux (maybe?). On FreeBSD you use
    sysctl(3) to read kern.random.sys.seeded. On OS X you ask securityd.
    Windows is actually easier.

    And what about other OSs? What is PHP normally tested on and would that
    be
    a suitable guide for cs_random_bytes()?

    In any case, I am no C programmer. I'm just a web dev. I don't even know
    how to ask if sysctl(3) is present.


    Tom

    On 1/8/12 7:42 PM, "Tom Worster" wrote:

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in
    its
    first draft.


    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php


    --
    Pierre

    @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
  • Pierre Joye at Jan 9, 2012 at 2:33 pm
    hi,

    Some comments, same as I did before:

    cs means crypto safe. In your implementation, it is by no mean crypto
    safe as it relies on urandom for the cases where /dev/random did not
    return enough data (some OS are non blocking here), while linux is.

    It should detect which entropy sources are available. Be /dev/random
    or other like entropy daemon or similar systems providing a device.
    Doing so will make this function works fine on almost all systems.

    Cheers,
    On Mon, Jan 9, 2012 at 2:00 PM, Tom Worster wrote:
    I added it at the top, I hope that's ok.

    the URL is https://github.com/tom--/php-cs_random_bytes

    Thanks for pointing that out
    Tom
    On 1/9/12 7:54 AM, "Pierre Joye" wrote:

    pls add it to the RFC, the right one as this one is a 404.
    On Mon, Jan 9, 2012 at 2:58 AM, Tom Worster wrote:
    I forgot the URL: https://github.com/tom--/php-cs_random_bytesemo

    :X

    tom
    On 1/8/12 8:56 PM, "Tom Worster" wrote:

    I have also set up a github repo with 4 files in it. It is a first hack
    of
    a function that does part of what I described in the RFC. It's based on
    the interface of openssl_random_pseudo_bytes() and the guts of
    mcrypt_create_iv(). It is provisionally named cs_random_bytes().

    For now it builds and works at least this much:

    $ sapi/cli/php -r 'echo bin2hex(cs_random_bytes(8)) . PHP_EOL;'
    4cd0965922470560


    The hard work will be implementing the $is_strong_result flag in a
    platform independent way. You need to read the status of the entropy
    pool.
    The current code does that for Linux (maybe?). On FreeBSD you use
    sysctl(3) to read kern.random.sys.seeded. On OS X you ask securityd.
    Windows is actually easier.

    And what about other OSs? What is PHP normally tested on and would that
    be
    a suitable guide for cs_random_bytes()?

    In any case, I am no C programmer. I'm just a web dev. I don't even know
    how to ask if sysctl(3) is present.


    Tom

    On 1/8/12 7:42 PM, "Tom Worster" wrote:

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is in
    its
    first draft.


    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php


    --
    Pierre

    @pierrejoye | http://blog.thepimp.net | http://www.libgd.org


    --
    Pierre

    @pierrejoye | http://blog.thepimp.net | http://www.libgd.org
  • Tom Worster at Jan 9, 2012 at 2:50 pm
    Pierre,

    1. The proposal in the RFC is explicit: "The function should neither block
    nor return a failure status in the case that the systems entropy pool is
    depleted. However, it should allow the caller to discover if this is the
    case. etc..."

    2. The current code implements that by setting the $is_strong_result flag
    if it has to resort to urandom on Linux.

    So, afaikt, what has been done _so_far_ is in alignment with your
    preferences. Correct?

    As I said in the email discussing implementation, setting
    $is_strong_result requires different code for each OS and this has not
    been implemented yet.

    Tom

    On 1/9/12 9:33 AM, "Pierre Joye" wrote:

    hi,

    Some comments, same as I did before:

    cs means crypto safe. In your implementation, it is by no mean crypto
    safe as it relies on urandom for the cases where /dev/random did not
    return enough data (some OS are non blocking here), while linux is.

    It should detect which entropy sources are available. Be /dev/random
    or other like entropy daemon or similar systems providing a device.
    Doing so will make this function works fine on almost all systems.

    Cheers,
    On Mon, Jan 9, 2012 at 2:00 PM, Tom Worster wrote:
    I added it at the top, I hope that's ok.

    the URL is https://github.com/tom--/php-cs_random_bytes

    Thanks for pointing that out
    Tom
    On 1/9/12 7:54 AM, "Pierre Joye" wrote:

    pls add it to the RFC, the right one as this one is a 404.
    On Mon, Jan 9, 2012 at 2:58 AM, Tom Worster wrote:
    I forgot the URL: https://github.com/tom--/php-cs_random_bytesemo

    :X

    tom
    On 1/8/12 8:56 PM, "Tom Worster" wrote:

    I have also set up a github repo with 4 files in it. It is a first
    hack
    of
    a function that does part of what I described in the RFC. It's based
    on
    the interface of openssl_random_pseudo_bytes() and the guts of
    mcrypt_create_iv(). It is provisionally named cs_random_bytes().

    For now it builds and works at least this much:

    $ sapi/cli/php -r 'echo bin2hex(cs_random_bytes(8)) . PHP_EOL;'
    4cd0965922470560


    The hard work will be implementing the $is_strong_result flag in a
    platform independent way. You need to read the status of the entropy
    pool.
    The current code does that for Linux (maybe?). On FreeBSD you use
    sysctl(3) to read kern.random.sys.seeded. On OS X you ask securityd.
    Windows is actually easier.

    And what about other OSs? What is PHP normally tested on and would
    that
    be
    a suitable guide for cs_random_bytes()?

    In any case, I am no C programmer. I'm just a web dev. I don't even
    know
    how to ask if sysctl(3) is present.


    Tom

    On 1/8/12 7:42 PM, "Tom Worster" wrote:

    I added the new RFC https://wiki.php.net/rfc/csrandombytes which is
    in
    its
    first draft.


    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php


    --
    Pierre

    @pierrejoye | http://blog.thepimp.net | http://www.libgd.org


    --
    Pierre

    @pierrejoye | http://blog.thepimp.net | http://www.libgd.org

    --
    PHP Internals - PHP Runtime Development Mailing List
    To unsubscribe, visit: http://www.php.net/unsub.php
  • Thomas Hruska at Jan 9, 2012 at 3:39 pm

    On 1/9/2012 7:50 AM, Tom Worster wrote:
    Pierre,

    1. The proposal in the RFC is explicit: "The function should neither block
    nor return a failure status in the case that the systems entropy pool is
    depleted. However, it should allow the caller to discover if this is the
    case. etc..."

    2. The current code implements that by setting the $is_strong_result flag
    if it has to resort to urandom on Linux.

    So, afaikt, what has been done _so_far_ is in alignment with your
    preferences. Correct?

    As I said in the email discussing implementation, setting
    $is_strong_result requires different code for each OS and this has not
    been implemented yet.

    Tom
    I'm glad someone is doing something about making more sources of
    randomness in PHP.

    Instead of a 'bool', use an 'int' for $is_strong_result but more
    accurately call it $result_strength. Assign a minimum recommended
    threshold in the documentation against which application developers can
    act. That is, let the application developer decide what the minimum
    strength is that they are willing to accept. Otherwise, from an
    application developer's perspective, it will appear to be some arbitrary
    internal decision and won't really be a significant improvement over
    other PHP functions - it'll just be one more confusing option to pick from.


    As an aside, I recently developed a sufficient-for-most-needs CSPRNG in
    pure PHP:

    http://barebonescms.com/documentation/csprng/

    --
    Thomas Hruska
    CubicleSoft President

    Barebones CMS is a high-performance, open source content management
    system for web developers operating in a team environment.

    An open source CubicleSoft initiative.
    Your choice of a MIT or LGPL license.

    http://barebonescms.com/
  • Tom Worster at Jan 9, 2012 at 7:54 pm

    On 1/9/12 10:39 AM, "Thomas Hruska" wrote:
    I'm glad someone is doing something about making more sources of
    randomness in PHP.
    I am pleased to hear it.

    Instead of a 'bool', use an 'int' for $is_strong_result but more
    accurately call it $result_strength. Assign a minimum recommended
    threshold in the documentation against which application developers can
    act. That is, let the application developer decide what the minimum
    strength is that they are willing to accept. Otherwise, from an
    application developer's perspective, it will appear to be some arbitrary
    internal decision and won't really be a significant improvement over
    other PHP functions - it'll just be one more confusing option to pick
    from.
    The RFC has its lengthy name because this effort aims to add an API to the
    system CSPRNG and nothing else.

    The various system CSPRNGs, to the best of my knowledge, are not able to
    provide a randomness metric. They indicate if they are adequately seeded
    or not. Hence $is_strong_result is a boolean. If we limit to the scope as
    currently defined then I do not see how to introduce a "degree of true
    randomness" result.

    As an aside, I recently developed a sufficient-for-most-needs CSPRNG in
    pure PHP:

    http://barebonescms.com/documentation/csprng/

    --
    Thomas Hruska
    CubicleSoft President

    Barebones CMS is a high-performance, open source content management
    system for web developers operating in a team environment.

    An open source CubicleSoft initiative.
    Your choice of a MIT or LGPL license.

    http://barebonescms.com/

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupphp-internals @
categoriesphp
postedJan 9, '12 at 12:43a
activeJan 9, '12 at 7:54p
posts10
users4
websitephp.net

People

Translate

site design / logo © 2022 Grokbase