Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:72388 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 26635 invoked from network); 7 Feb 2014 21:28:59 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 7 Feb 2014 21:28:59 -0000 Authentication-Results: pb1.pair.com smtp.mail=yohgaki@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=yohgaki@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.217.175 as permitted sender) X-PHP-List-Original-Sender: yohgaki@gmail.com X-Host-Fingerprint: 209.85.217.175 mail-lb0-f175.google.com Received: from [209.85.217.175] ([209.85.217.175:59830] helo=mail-lb0-f175.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 91/54-03933-81055F25 for ; Fri, 07 Feb 2014 16:28:57 -0500 Received: by mail-lb0-f175.google.com with SMTP id p9so3078048lbv.20 for ; Fri, 07 Feb 2014 13:28:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=TNq1XLNdvmQDS2KT1aOk9eMogu9zDR03xTx9WxPhvqE=; b=Lb5Hnoa28H9R0DWD6CZEoBsF+PihW+1/uHBlirhBRrzNooBAscG/VKaggxR5mlULjA 5W/sN42vq5YiylZugFIm/vGAjBrKlHjK2OPRSc7TYN8RnCIg7C3LkSfrX//WFGy5X+Dm hXb1hb6AFaz8WkxgxJ2ECEqHUN8OvL01oW4P0pYla3VxS/ipLnn50RLQPTOhFWJDhI8m uABaFSakRd845Mpy9X6a84KHecLnvLAcXYkgRbBPMv2k1ReYvJ2XsrQGy6fRmC+UyJad W2cP70puTeg38ZGWgUhNipMBs89L9hCybgRICHJH5oCtRHig8OlRX1rNMyM7skMBb9t/ UMVA== X-Received: by 10.152.121.65 with SMTP id li1mr15218lab.76.1391808533500; Fri, 07 Feb 2014 13:28:53 -0800 (PST) MIME-Version: 1.0 Sender: yohgaki@gmail.com Received: by 10.112.199.37 with HTTP; Fri, 7 Feb 2014 13:28:13 -0800 (PST) In-Reply-To: <52F485C1.4010208@cubiclesoft.com> References: <52F485C1.4010208@cubiclesoft.com> Date: Sat, 8 Feb 2014 06:28:13 +0900 X-Google-Sender-Auth: 59GxcbuTEOPfB-U2-TKPtN7Fagw Message-ID: To: Thomas Hruska Cc: PHP Development Content-Type: multipart/alternative; boundary=089e0112c5c83c17eb04f1d7ad91 Subject: Re: [PHP-DEV] Make mcrypt_create_iv() an alias and move the code into /ext/standard From: yohgaki@ohgaki.net (Yasuo Ohgaki) --089e0112c5c83c17eb04f1d7ad91 Content-Type: text/plain; charset=UTF-8 Hi Thomas, On Fri, Feb 7, 2014 at 4:05 PM, Thomas Hruska wrote: > mcrypt_create_iv() is the cleanest access to a universal system-level > primitive that supports both /dev/urandom and php_win32_get_random_bytes() > under the hood. Unfortunately, it resides in /ext/mcrypt and the mcrypt > extension isn't always enabled/available (nor should it be). At any rate, > it is quite odd that the function php_win32_get_random_bytes() is compiled > into the core of PHP by default under Windows but there's currently no way > to get at it except through an extension. There's good code in > mcrypt_create_iv() that is significantly useful outside of the rest of that > extension and it isn't actually dependent upon libmcrypt for proper > operation. > > Moving the guts of this non-dependent function into the core would allow > mcrypt_create_iv() to just become an alias. The new userland function > could be located in /ext/standard/rand.c and have an uncreative name like > rand_bytes(). > rand_bytes() (or random_bytes()) is common names for the task. We may adopt it. Anyway, I've wrote portable one for the task. https://github.com/yohgaki/php-src/compare/PHP-5.6-rfc-random_bytes Function name could be rand_bytes() or anything. Name is important, but implementation is more important here. It's still work in progress, as it does not use OpenSSL. I would like to use OpenSSL's RAND_bytes() for this. This mean when OpenSSL is available, PHP is linked with OpenSSL. With OpenSSL's RAND_bytes() and RAND_peduso_bytes(), we may be able to use better RNG/PRNG for the platform. Any comments? Regards, -- Yasuo Ohgaki yohgaki@ohgaki.net --089e0112c5c83c17eb04f1d7ad91--