Newsgroups: php.internals
Date: Fri, 9 Nov 2018 23:26:09 -0500
To: php.net@majkl578.cz
Cc: PHP Internals
Subject: Re: [PHP-DEV] [RFC] [VOTE] Improve openssl_random_pseudo_bytes()
From: me@sammyk.me (Sammy Kaye Powers)

Hey Michael!

I really appreciate you fighting against BC's in minor versions. We certainly need to always be hyper aware of the impact BC's have on the community.

First, I'll address your concerns you raised on GitHub here: https://github.com/php/php-src/pull/3649#issuecomment-435684017

> Well, throwing an exception instead of returning false is a huge BC break in a minor version.

Indeed and it is. And it's an important and very much needed one since we're dealing with cryptographic contexts. As infosec people say, "Bad cryptography is not backwards compatible with good cryptography." If we don't make the CSPRNG fail closed, we're allowing a potential attack vector in every single PHP script that doesn't have a fail check.

> This type of stuff is what makes people (and hosting providers) to not upgrade to newer minor versions.

I think it's important to point out, we're talking about two very distinct BC's here.

1) Failing closed which is a security-related BC (a must break IMO).
2) A confusing API clean-up.

I'm not sure there's a 100% right answer to fixing the second BC; whether we keep the second param or deprecate it, both options have tradeoffs. Perhaps this second deprecation BC should wait until 8.0, but that's why I made it a separate vote (and at this point the deprecation BC looks like it will fail anyway). It's really tough to get this stuff right - everything is a tradeoff. :)

> "should rarely occur" Can you provide some metrics for this statement?

I don't have stats on how often `RAND_bytes()` returns `0`. But even if it failed often, that's even more reason to have `openssl_random_pseudo_bytes()` fail closed and shut down that potential attack vector.

> the "Backward Incompatible Changes" section fails to mention that this
> function will start throwing an exception in next MINOR PHP version (7.4)

Failing closed is an inherent BC break and the RFC explicitly targets PHP 7.4. The entire RFC after all is a big "Backward Incompatible Change". :) So I'm not really following how that is unclear.

But again - thanks for fighting against BC's! I totally agree with you that we gotta keep those BC's to a minimum; even in major versions. <3

Thanks,
Sammy Kaye Powers
sammyk.me
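
The "fail check" point in the message above, as an added example that is not part of the original post, the RFC or php-src: a caller that ignores a `false` return next to one that fails closed. The names `fail_open_token()`, `fail_closed_token()` and `$brokenSource` are hypothetical, and `$brokenSource` is a constructed stand-in for a failing `openssl_random_pseudo_bytes()` call, since a real `RAND_bytes()` failure cannot be forced on demand.

```php
<?php
// Added illustration; requires the openssl extension for the last call only.
// strict_types is left off on purpose: it mirrors the typical script in which
// a false return is silently coerced instead of raising a TypeError.

// Constructed stand-in for the pre-change failure signal: returns false and
// reports $strong = false, as the function may when the CSPRNG fails.
$brokenSource = function ($length, &$strong = null) {
    $strong = false;
    return false;
};

// Fail-open caller: no check on the return value. bin2hex(false) yields "",
// so every "random" token produced during a failure is the same empty string.
function fail_open_token(callable $source)
{
    return bin2hex($source(16));
}

// Fail-closed caller: anything other than exactly 16 strong bytes aborts.
// If the source throws by itself (the behaviour the RFC proposes), the
// exception simply propagates and no token is issued either way.
function fail_closed_token(callable $source)
{
    $strong = false;
    $bytes = $source(16, $strong);
    if (!is_string($bytes) || strlen($bytes) !== 16 || $strong !== true) {
        throw new RuntimeException('CSPRNG failure, no token issued');
    }
    return bin2hex($bytes);
}

// Failure case, unchecked: the caller carries on with a constant token.
var_dump(fail_open_token($brokenSource));

// Failure case, checked: the request is stopped instead.
try {
    fail_closed_token($brokenSource);
} catch (RuntimeException $e) {
    echo 'refused: ', $e->getMessage(), PHP_EOL;
}

// Normal case against the real function: a 32-character hex token.
var_dump(strlen(fail_closed_token('openssl_random_pseudo_bytes')));
```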