Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72367 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 51696 invoked from network); 7 Feb 2014 07:11:04 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 7 Feb 2014 07:11:04 -0000 Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.49 as permitted sender) X-PHP-List-Original-Sender: pierre.php@gmail.com X-Host-Fingerprint: 209.85.216.49 mail-qa0-f49.google.com Received: from [209.85.216.49] ([209.85.216.49:64441] helo=mail-qa0-f49.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 90/92-34013-70784F25 for ; Fri, 07 Feb 2014 02:11:04 -0500 Received: by mail-qa0-f49.google.com with SMTP id w8so4546621qac.22 for ; Thu, 06 Feb 2014 23:11:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=IGER/5hOZ5wYuoIOtYU9L7a0LNchqtwL3e6mso3soR0=; b=hQO3IfAQMSg/yiyVIfkXszM3B3EzGSBPMopEyPVAQm19jaXDved6523c/o2/XH6OhD dmLr9NdZgK3BNs5YC/PHJO6sKj90TBdCfECCsbIOe9o5mB7EU4iyEbC4ADzSq7BFbaNd eFZmjaXvmI7ZOjN6WriZX9h0hfuU7GISXsDic/WlYVxMwXgywJmsrB6bY3oI6asNayt3 84XvIS+Rg4EXcVZKOew8Qb/Qz6WuERO5ihMgPA3egmp5QKeA3BklCZlbirKoQhruy5CK onhbneTkm25O5B32vv6a5NCm0e/DhroK3V6LCFmapgN568QUJHnTuLyC4lmQMdMz3U9e Sunw== MIME-Version: 1.0 X-Received: by 10.140.22.145 with SMTP id 17mr18199578qgn.0.1391757061414; Thu, 06 Feb 2014 23:11:01 -0800 (PST) Received: by 10.140.18.145 with HTTP; Thu, 6 Feb 2014 23:11:01 -0800 (PST) In-Reply-To: <52F485C1.4010208@cubiclesoft.com> References: <52F485C1.4010208@cubiclesoft.com> Date: Fri, 7 Feb 2014 08:11:01 +0100 Message-ID: To: Thomas Hruska Cc: PHP Development Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] Make mcrypt_create_iv() an alias and move the code into /ext/standard From: pierre.php@gmail.com (Pierre Joye) On Fri, Feb 7, 2014 at 8:05 AM, Thomas Hruska wrote: > mcrypt_create_iv() is the cleanest access to a universal system-level > primitive that supports both /dev/urandom and php_win32_get_random_bytes() > under the hood. Unfortunately, it resides in /ext/mcrypt and the mcrypt > extension isn't always enabled/available (nor should it be). At any rate, > it is quite odd that the function php_win32_get_random_bytes() is compiled > into the core of PHP by default under Windows but there's currently no way > to get at it except through an extension. There's good code in > mcrypt_create_iv() that is significantly useful outside of the rest of that > extension and it isn't actually dependent upon libmcrypt for proper > operation. > > Moving the guts of this non-dependent function into the core would allow > mcrypt_create_iv() to just become an alias. The new userland function could > be located in /ext/standard/rand.c and have an uncreative name like > rand_bytes(). We do not force to enable extension with external dependencies, even less in ext/standard. However, if any function should be enabled by default, if the deps are available obviously, it should be the one from openssl, it is by far more available and better. Also we need something to differentiate crypto safe vs strong entropy sources to avoid the usual issues with crypto safe used in cases with no requirements for crypto safe entropy. Cheers, -- Pierre @pierrejoye | http://www.libgd.org