Newsgroups: php.internals
Xref: news.php.net php.internals:117955
Date: Wed, 15 Jun 2022 19:23:12 +0200
From: tim@bastelstu.be (Tim Düsterhus)
To: Go Kudo, internals@lists.php.net
Subject: Re: [PHP-DEV] [RFC] [VOTE] Random Extension 5.x

Hi

On 6/14/22 02:01, Go Kudo wrote:
> Voting began on 2022-06-14 00:00:00 (UTC) and will end on 2022-06-28
> 00:00:00 (UTC).
>
> https://wiki.php.net/rfc/rng_extension
>
> The implementation is not yet complete and has some issues.
> See TODO in Pull Request for details.
>
> https://github.com/php/php-src/pull/8094
>

Unfortunately the vote has already started and I'm not sure if that's a change that might change the outcome of the vote, but while looking through the implementation once more I noticed that the engine implementations are not 'final' (and extending those engines is actually tested with the existing tests).

However I believe they should be final:

a) I generally believe that it's a best practice to make everything 'final' by default.
b) It's easily possible to use composition with engines, as the interface only has a single method.
c) Especially for 'Random\Engine\Secure' I believe that allowing subclassing is actively harmful, as basically any adjustment of the engine's behavior violates the contract that the engine returns cryptographically secure randomness. But also for other engines changing the behavior also changes the implied behavior given by the engine's name.

What do you think?

Best regards
Tim Düsterhus
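
Points b) and c) of the message above, as an added example that is not part of the original mail or of the php-src pull request: a wrapper built by composition around the single-method engine interface, and a consumer whose `Random\Engine\Secure` type hint only means "CSPRNG" if no subclass can override `generate()`. It assumes the `Random\Engine` interface and `Random\Randomizer` class as shipped in PHP 8.2; `CountingEngine` and `issueToken()` are hypothetical names.

```php
<?php
declare(strict_types=1);

use Random\Engine;
use Random\Engine\Secure;
use Random\Randomizer;

// Hypothetical decorator: adds accounting around any engine by composition.
// It implements the one-method Engine interface and never alters the bytes.
final class CountingEngine implements Engine
{
    private int $bytes = 0;

    public function __construct(private readonly Engine $inner) {}

    public function generate(): string
    {
        $out = $this->inner->generate();
        $this->bytes += strlen($out);
        return $out;
    }

    public function bytesDrawn(): int
    {
        return $this->bytes;
    }
}

// Hypothetical consumer that must only ever run on the CSPRNG.
// The Secure type hint is a real guarantee only if no subclass can
// override generate(); a wrapper is a different type and is rejected.
function issueToken(Secure $engine): string
{
    return bin2hex((new Randomizer($engine))->getBytes(16));
}

$counting = new CountingEngine(new Secure());
$pin = (new Randomizer($counting))->getInt(0, 999999);
printf("pin=%06d, engine bytes drawn=%d\n", $pin, $counting->bytesDrawn());

printf("token=%s\n", issueToken(new Secure()));

try {
    issueToken($counting); // the wrapper is an Engine, not a Secure instance
} catch (TypeError $e) {
    echo "rejected: wrapper cannot pass as Random\\Engine\\Secure\n";
}
```

The wrapper declares itself as a plain `Engine`, so code that requires `Secure` by type never receives modified behaviour under that name.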