Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72375 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 71779 invoked from network); 7 Feb 2014 11:31:12 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 7 Feb 2014 11:31:12 -0000 Authentication-Results: pb1.pair.com header.from=tjerk.meesters@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=tjerk.meesters@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.128.182 as permitted sender) X-PHP-List-Original-Sender: tjerk.meesters@gmail.com X-Host-Fingerprint: 209.85.128.182 mail-ve0-f182.google.com Received: from [209.85.128.182] ([209.85.128.182:62992] helo=mail-ve0-f182.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id D3/E5-34013-FF3C4F25 for ; Fri, 07 Feb 2014 06:31:11 -0500 Received: by mail-ve0-f182.google.com with SMTP id jy13so2611088veb.41 for ; Fri, 07 Feb 2014 03:31:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=PY91G4PWYoNAJKEymzmYSkuU+dF4zsUYQkKq117MqHQ=; b=ukZB0CF8AfqQ/Z+dzV0BfS0wQWcj+ldWR9bs0DTjnJOuQtvJtGz9Oo/aBYElWGk5dW RkW9nX4JBI+PyZrUOz81dMZj6mpDNT3DBZs8S41D3wdZBFVDxVTO7Y4V5odhNdMIBVDa kSBbg7Flqa59c1xYqIQQzYMpkFeSRfAnqgBVbEKsKD6XqLZd9/j9q2G4+ZD5YOY/ZMB4 tvDotbZ6c8LlX73tSAO1BsAZeqaRJDtOS4zGF3Epad3yKIM074hVrIeCPPP6vsO//UZN i35bqyzkR5tDgZNHSowP7wYahY4wb8zJd5rgReOBt4UQfvxhGkG1e7pNQRLqG53srkdE KOfw== MIME-Version: 1.0 X-Received: by 10.58.188.78 with SMTP id fy14mr10137183vec.23.1391772668783; Fri, 07 Feb 2014 03:31:08 -0800 (PST) Received: by 10.58.133.229 with HTTP; Fri, 7 Feb 2014 03:31:08 -0800 (PST) In-Reply-To: References: <52F485C1.4010208@cubiclesoft.com> Date: Fri, 7 Feb 2014 19:31:08 +0800 Message-ID: To: Yasuo Ohgaki Cc: Thomas Hruska , PHP Development Content-Type: multipart/alternative; boundary=089e013a12f087f2f404f1cf531d Subject: Re: [PHP-DEV] Make mcrypt_create_iv() an alias and move the code into /ext/standard From: tjerk.meesters@gmail.com (Tjerk Meesters) --089e013a12f087f2f404f1cf531d Content-Type: text/plain; charset=ISO-8859-1 On Fri, Feb 7, 2014 at 6:30 PM, Yasuo Ohgaki wrote: > Hi Thomas, > > On Fri, Feb 7, 2014 at 4:05 PM, Thomas Hruska >wrote: > > > Moving the guts of this non-dependent function into the core would allow > > mcrypt_create_iv() to just become an alias. The new userland function > > could be located in /ext/standard/rand.c and have an uncreative name like > > rand_bytes(). > > > There is new great PECL package. > http://pecl.php.net/package/crypto > I would like to see it as default for crypt related feature. > > Anyway, we need default rundom_bytes() function in ext/standard. This is > mandatory for secure apps, but we have no default function. This should be > resolved. > > Anyway, mcrypt_create_iv() is not optimum, yet. Here is possible > improvement. > > https://github.com/yohgaki/php-src/compare/PHP-5.6-mcrypt_create_iv > > It still requires random source and it does not support windows well, > though. > I'm about to adding new function which solves all of them like session > module. > Speaking of which, it would be nice if session id generation depended on this shiny new API as well ... basically we solve two problems: 1. An easy way to get a bunch of random bytes 2. Centralize random number generation internally, i.e. session ids and password salts are generated with it. I'm not sure whether this should extend to providing an easy way to generate crypto safe random numbers, but that would obviously be nice if feasible. > Regards, > > -- > Yasuo Ohgaki > yohgaki@ohgaki.net > -- -- Tjerk --089e013a12f087f2f404f1cf531d--