Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:114565
Return-Path: <guilliam.xavier@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 19822 invoked from network); 24 May 2021 14:35:18 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 24 May 2021 14:35:18 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 36F991804F8
	for <internals@lists.php.net>; Mon, 24 May 2021 07:46:20 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS
	autolearn=no autolearn_force=no version=3.4.2
X-Spam-Virus: No
X-Envelope-From: <guilliam.xavier@gmail.com>
Received: from mail-lf1-f52.google.com (mail-lf1-f52.google.com [209.85.167.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Mon, 24 May 2021 07:46:19 -0700 (PDT)
Received: by mail-lf1-f52.google.com with SMTP id j6so38345690lfr.11
        for <internals@lists.php.net>; Mon, 24 May 2021 07:46:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=IOomo/dhgZlxiLhOiYp8EDW+qLzOBHMrjFTWnwDgsu8=;
        b=ZTyFo/aEPudHWOucRCDJ86pNgi3znyaum9rDu+3OsxXIgUl6ihjXbHunOPgy6od04F
         JaggH3OUfr2VHILPXDd2Qh5OS1cGJd/Cvyif7Q+hVLt2Jf/KZr51jSP2LdXg5aGlUx0H
         d9NuHAkEFAPaLAe/CQy9FUoD4PN/O8jTBCg1NUZrxKonuDGyJS9tDftfsCL0Y7S9TvVu
         t32GVWrn8dyy/ssR9tzqynGbiwlUuysUSS+MBuraZxscO3EnPNvjK1QmkB42r9zXmznA
         tvGgYdFYL9/pe/BmfnxPzyLu5ep09nzV/d3C8W+d1lMS4Oqm/wtcCAMy4Xx963flsk0B
         nkvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=IOomo/dhgZlxiLhOiYp8EDW+qLzOBHMrjFTWnwDgsu8=;
        b=N2M8gs+t7ZEyxLMDg119Rd/e9U9+lsiGYdnKQw/AxMjSU/+pydpCWfwXI10aJwm9C4
         G+8/MX11cTEj1KbcJJIB13eCDTT5SQ8FjHO87tdmb6Qbmk6xVb9MXaRpjG6W8TXz1tOh
         b8GBija3BNAryMCoByGK45ceHe0OyVo2UjoGxpSUAerP8WLvo3cwo0E/uRbA2JfSsPLn
         QW3ddMSlRATU3XxwWrMW6XDPAufVLG8KCqSUu8HzrojQse2zftJGLGhIzaD7Namkyt58
         N0XuSJxhsE6ML3bl6XqMhXrXTuFz+RR8eJvp5iwppagbiBPcAXpObkzcIEhHD+K+wi8P
         7njw==
X-Gm-Message-State: AOAM532c9eg+xkyiZq/87ZC//l7RNAqcUGCYq3cZiHgGHYHmA5xgr1O9
	40gTrqjFCIV1wJ+d55z917psPrNUVewy1nf6TA==
X-Google-Smtp-Source: ABdhPJxq2uNokaT4DsQDyU1K0P4onKZpx+PArWPKmoE7Vg7YAn9t4nCTgdumLJS5feWpqbkbx415MwP49XoxDR45K2s=
X-Received: by 2002:ac2:4198:: with SMTP id z24mr10980306lfh.335.1621867578302;
 Mon, 24 May 2021 07:46:18 -0700 (PDT)
MIME-Version: 1.0
References: <CABTDVhDRH8+0WG0nJ5QRYVT9-8m1u2VMe-gvY5cWra-OKQ4t+g@mail.gmail.com>
In-Reply-To: <CABTDVhDRH8+0WG0nJ5QRYVT9-8m1u2VMe-gvY5cWra-OKQ4t+g@mail.gmail.com>
Date: Mon, 24 May 2021 16:46:09 +0200
Message-ID: <CAC5V6gi2e2UFWvC0x9t4VcR7H985q3mc3R0ryTwiYRvAbJAeCA@mail.gmail.com>
To: Go Kudo <zeriyoshi@gmail.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000e0a7ca05c31478bb"
Subject: Re: [RFC] [Draft] Add Randomizer class (before: Add RNG extension)
From: guilliam.xavier@gmail.com (Guilliam Xavier)

--000000000000e0a7ca05c31478bb
Content-Type: text/plain; charset="UTF-8"

On Sat, May 22, 2021 at 10:57 PM Go Kudo <zeriyoshi@gmail.com> wrote:

> Hi, Internals and all participated in the previous discussion.
>
> RFCs have been cleaned up and the proposal has been substantially changed.
>
> https://wiki.php.net/rfc/rng_extension
>
> First of all, I apologize for not checking out the implementation of
> password_hash(), which is a precedent to learn from.
>
> I think I've answered all the questions I've been getting on Open Issues.
> If I have left anything out, please let me know.
>
> Regards,
> Go Kudo
>

Hi,

This really looks like a different proposal indeed (simpler and clearer),
thanks! A few (new) remarks/questions:

- Naming: "Randomizer", but some have suggested just "Random", or "RNG" (or
"PRNG").

- [I was about to say "If typical usage is expected to provide a seed (for
reproducibility) more often than choosing a non-default algorithm, maybe
the [optional] constructor parameters should be in the according order
($seed, $algo)?", but actually I'm not sure of "expected typical usage",
and the current order ($algo, $seed) seems more "logical" (e.g. I think
RANDOMIZER_SECURE will ignore $seed?), and we can use named arguments like
`new Randomizer(seed: 1234)` if needed, so...]

- Does `?int $seed = null` default to `time()` internally? or to something
else? [not sure if important...]

- Does `?int $min = PHP_INT_MIN` default to `PHP_INT_MIN` even if we pass
`null`? But, given that we can use named arguments, do $min/$max really
need to be nullable?

- About `shuffle(array|string $target): array|string`: I think just "value"
would be better than "target", and I'm not sure about the union type
(notably for static analysis)... Ideally it should be distinct `(array
$value): array` and `(string $value): string`, but that probably requires
two distinct names?

- For internal implementation, isn't there a signed/unsigned "mismatch"
between PHP `function next(): int` and C `uint64_t (*next)(void)` return
types?

Regards,

-- 
Guilliam Xavier

--000000000000e0a7ca05c31478bb--