Newsgroups: php.internals
Message-ID: <41a1b458-4941-f34e-f1b4-e25b3298b80a@bastelstu.be>
Date: Mon, 14 Feb 2022 12:40:22 +0100
To: Go Kudo <g-kudo@colopl.co.jp>, internals@lists.php.net
References: <CAMs36HcsGqNanQaro_VTkK_VKHNg-jqtshXpW-aCxdqpxHjMdw@mail.gmail.com>
In-Reply-To: <CAMs36HcsGqNanQaro_VTkK_VKHNg-jqtshXpW-aCxdqpxHjMdw@mail.gmail.com>
Subject: Re: [PHP-DEV] [RFC] [Under Discussion] Random Extension 4.0
From: timwolla@bastelstu.be (Tim Düsterhus)

Hi

On 2/14/22 12:11, Go Kudo wrote:
> The refreshed RFC and implementation are available at the following URL:
> 
> https://wiki.php.net/rfc/rng_extension
> https://github.com/php/php-src/pull/8094
> 
> If there are no specific comments, I would like to start voting as soon as
> the two-week pre-announcement phase is over.

1) XorShift128+ has a 128-bit internal state, but takes an integer seed 
within the constructor. Thus only 64 bits of seed can be provided.

Maybe the seed parameter should be a 16-byte string instead? 
Initializing the generator with a completely random seed would then be:

new XorShift128Plus(\random_bytes(16));

instead of the much more complicated:

new XorShift128Plus(\random_int(\PHP_INT_MIN, \PHP_INT_MAX));

Perhaps the following API would be even clearer:

XorShift128Plus::fromSeed(\random_bytes(16));
XorShift128Plus::fromGenerator(new Secure()); // Takes 16 bytes from the given generator.

2) I would adjust the 'Randomizer' to use the 'Secure' generator as a 
safe default. If absolute performance or a reproducible sequence is 
required then one can use a custom generator, but the default will be 
the secure CSPRNG, making it harder to misuse.

3) The RFC is inconsistent in the example code. Is it 'stringShuffle' or 
'shuffleString'?

4) The RFC should document the 'NumberGenerator' interface. Specifically 
I'm interested in the return type of the 'generate' method. Does it 
return bytes or integers? Is it legal to implement the interface in 
userland code?

Best regards
Tim Düsterhus
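
Point 1 of the message above, as an added C sketch that is not part of the original e-mail or of the php-src pull request: it contrasts seeding a 128-bit xorshift128+ state from a 64-bit integer with seeding it from 16 bytes, including the all-zero seed that a byte-string API has to reject. The names `xs128p_*`, the little-endian byte order and the use of SplitMix64 to stretch the integer seed are assumptions; the message does not say how the RFC's implementation expands its seed.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint64_t s[2]; } xs128p;

/* SplitMix64 step; stretching an integer seed with it is an assumption. */
static uint64_t splitmix64(uint64_t *x) {
    uint64_t z = (*x += 0x9e3779b97f4a7c15ULL);
    z = (z ^ (z >> 30)) * 0xbf58476d1ce4e5b9ULL;
    z = (z ^ (z >> 27)) * 0x94d049bb133111ebULL;
    return z ^ (z >> 31);
}

/* Integer seed: 128 state bits from 64 seed bits, so <= 2^64 start states. */
void xs128p_from_int(xs128p *g, uint64_t seed) {
    g->s[0] = splitmix64(&seed);
    g->s[1] = splitmix64(&seed);
}

/* 16-byte seed, little-endian: every state bit comes from the caller. The
 * all-zero state only ever outputs 0, so it is rejected with -1. */
int xs128p_from_bytes(xs128p *g, const uint8_t seed[16]) {
    uint64_t lo = 0, hi = 0;
    for (int i = 7; i >= 0; i--) {
        lo = (lo << 8) | seed[i];
        hi = (hi << 8) | seed[8 + i];
    }
    if ((lo | hi) == 0) return -1;
    g->s[0] = lo; g->s[1] = hi;
    return 0;
}

/* One xorshift128+ step (shift constants 23, 18, 5). */
uint64_t xs128p_next(xs128p *g) {
    uint64_t s1 = g->s[0];
    const uint64_t s0 = g->s[1];
    const uint64_t result = s0 + s1;
    g->s[0] = s0;
    s1 ^= s1 << 23;
    g->s[1] = s1 ^ s0 ^ (s1 >> 18) ^ (s0 >> 5);
    return result;
}

int main(void) {
    const uint8_t seed[16] = {1, 2, 3, 4, 5, 6, 7, 8, 9}; /* constructed */
    xs128p g;
    if (xs128p_from_bytes(&g, seed) != 0) return 1;
    printf("%016llx\n", (unsigned long long)xs128p_next(&g));
    return 0;
}
```

In real use the 16 bytes would come from the operating system's CSPRNG, which is what `\random_bytes(16)` does in the PHP call suggested in the message.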