Newsgroups: php.internals
Date: Wed, 21 Dec 2011 20:25:22 +0100
From: pierre.php@gmail.com (Pierre Joye)
To: Tom Worster
Cc: "internals@lists.php.net"
Subject: Re: [PHP-DEV] CS random values

hi,

Some short comments:

On Wed, Dec 21, 2011 at 4:31 PM, Tom Worster wrote:

> PHP does not in general allow access to the underlying system's
> entropy source. I think it would be a good idea if it did.

It does on unix using the almost generally available random and urandom. On Windows you can use the openssl_random_pseudo_bytes function which does not rely on the OpenSSL API but the Windows native Crypto APIs.

> 1. /dev/random and /dev/urandom are unavailable on Windows and
> cannot be fopen()'ed in safe mode on *nix/nux

Well, bad admins forgot to allow access to these files. Maybe we should add that to the documentation.

> 2. openssl_random_pseudo_bytes() requires openssl extension
> installed and enabled. Most of the popular AMP packages for
> Windows fail on this count. Many shared web hosts don't have it
> either.

See my previous comment about windows. For shared hosts not providing openssl, I would suggest (strongly) to look for better hosting solutions.

> 3. mcrypt_create_iv() depends on mcrypt extension and so suffers
> similar problems as openssl

How so? The entropy source on windows is the same as the one in openssl and uses the windows crypto API.

> 4. Another method is to set runtime config param
> session.entropy_length followed by @session_start();
> session_regenerate_id(); after which session_id() will return a
> CS random string, but this is also foiled by safe mode.

Btw, entropy src on windows benefits from the same implementation as mcrypt and openssl.

> 5. On Windows you could try COM('CAPICOM.Utilities.1')->GetRandom
> but that API is obsolescent and not in many default Windows
> installs.

That's what the random bytes function uses. Or to be more exact, CAPICOM uses the same underlying API.

> 6. Last chance is new DOTNET('mscorlib',
> 'System.Security.Cryptography.RNGCryptoServiceProvider') etc
> requires a working and compatible .NET framework.

Same comment as in pt. 5

> At this point the best bet is probably to hash some bytes from
> mt_rand() with microtime() and return that but trigger a warning
> about security. This is a very poor substitute.

They are in no way crypto safe. Openssl's random function on unix can fail to be crypto safe as well. On windows, it is always crypto safe.

Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org
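
The sources discussed in this message, combined into one fail-closed helper. This is an added example, not code from the thread or from PHP itself: the name `cs_random_bytes()` and the order in which sources are tried are assumptions made for illustration. It checks the strength flag that `openssl_random_pseudo_bytes()` reports, reads `/dev/urandom` where it is accessible, and raises an error instead of falling back to `mt_rand()` and `microtime()`.

```php
<?php
// Added illustration; cs_random_bytes() is a hypothetical helper name.
function cs_random_bytes($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }

    // 1. OpenSSL extension. The second argument is set by reference and
    //    reports whether a cryptographically strong algorithm was used.
    //    Output without that guarantee is discarded.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes($length, $strong);
        if ($bytes !== false && $strong === true && strlen($bytes) === $length) {
            return $bytes;
        }
    }

    // 2. Kernel source on unix. Skipped when the device is absent (Windows)
    //    or the configuration does not allow opening it.
    if (@is_readable('/dev/urandom')) {
        $fh = @fopen('/dev/urandom', 'rb');
        if ($fh !== false) {
            // Unbuffered, so only the requested bytes are pulled from the device.
            stream_set_read_buffer($fh, 0);
            $bytes = '';
            while (strlen($bytes) < $length) {
                $chunk = fread($fh, $length - strlen($bytes));
                if ($chunk === false || $chunk === '') {
                    break; // short read: treat this source as failed
                }
                $bytes .= $chunk;
            }
            fclose($fh);
            if (strlen($bytes) === $length) {
                return $bytes;
            }
        }
    }

    // 3. No mt_rand()/microtime() fallback: a predictable token is worse
    //    than a visible failure, so the caller gets an exception.
    throw new RuntimeException('no cryptographically secure random source available');
}

// Usage: a 128-bit token, hex encoded (32 characters).
$token = bin2hex(cs_random_bytes(16));
echo strlen($token), "\n";
```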