Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:40234
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 17886 invoked from network); 3 Sep 2008 08:33:42 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 3 Sep 2008 08:33:42 -0000
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass; domainkeys=bad
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.198.239 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.198.239 rv-out-0506.google.com  
Received: from [209.85.198.239] ([209.85.198.239:29220] helo=rv-out-0506.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 0D/FD-33714-5EB4EB84 for <internals@lists.php.net>; Wed, 03 Sep 2008 04:33:42 -0400
Received: by rv-out-0506.google.com with SMTP id g37so2537410rvb.23
        for <internals@lists.php.net>; Wed, 03 Sep 2008 01:33:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:to
         :subject:cc:in-reply-to:mime-version:content-type
         :content-transfer-encoding:content-disposition:references;
        bh=fkne8rduHr++oHQ6qMcQQk4vWbBNGm37XXtNkZ+7Wb4=;
        b=JDJ+MKa81g0AP4YtE7XJdcDxBfIqVqV7X3lw/DdSiGRzOBcAlaVT9qZDeo4lXqRQLm
         MwnN1GlU2UsWIn1PJ/soECC0sZyzoyoX6NPbu3hhdct15dE+L15q/DpZrrDWSty9sncZ
         +3f5nhmmQHzd4EQ+bSP3+DdrVzzWumm2Ld/+A=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:to:subject:cc:in-reply-to:mime-version
         :content-type:content-transfer-encoding:content-disposition
         :references;
        b=D9jDz0xun2XghdoBSWvirkklwo+3qIOV+rzmp/rHsLvEc769MxsXZ4Hbfe1JsXjdBK
         yN+xSdjZonFQhCWiaWZHEmN5JBeK/KkFQY2lxcHNm3TnPQP1/g5d5du6PpY9WP+WCPUI
         pqE8mcvtteC5sKwJiUYI2gEzMLR5OOzvyoC70=
Received: by 10.141.136.19 with SMTP id o19mr4721483rvn.281.1220430819544;
        Wed, 03 Sep 2008 01:33:39 -0700 (PDT)
Received: by 10.140.178.14 with HTTP; Wed, 3 Sep 2008 01:33:39 -0700 (PDT)
Message-ID: <fe05d1540809030133u6eb4d8bct57fa793d5dd6911d@mail.gmail.com>
Date: Wed, 3 Sep 2008 10:33:39 +0200
To: "Scott MacVicar" <scott@macvicar.net>
Cc: "PHP Developers Mailing List" <internals@lists.php.net>
In-Reply-To: <B4142BDF-7319-4AB4-8274-376FAEE822CC@macvicar.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <B4142BDF-7319-4AB4-8274-376FAEE822CC@macvicar.net>
Subject: Re: [PHP-DEV] OpenSSL random pseudo bytes
From: pierre.php@gmail.com ("Pierre Joye")

hi Scott,

On Wed, Sep 3, 2008 at 3:08 AM, Scott MacVicar <scott@macvicar.net> wrote:
> Hi All,
>
> Attached and uploaded [1] is a patch to add the OpenSSL random pseudo byte
> function, at the moment it will return FALSE if the bytes aren't considered
> cryptographically strong, I am however considering making this parameter
> controlled.
>
> Any objections to me applying this to 5.3?

As the idea is good and usefull, I have to object to expose this function.

There is already a todo entry for our random functions (mt and normal
rand) as well as a bug report. Two main issues have to be fixed there,
the entropy and the actual randomness. The same underlying API is used
and we can then add a function to return a random buffer directly
(which is basically what is done internally too).

Cheers,
--
Pierre

http://blog.thepimp.net | http://www.libgd.org