Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:72603
Return-Path: <pierre.php@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 32853 invoked from network); 14 Feb 2014 15:41:08 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 14 Feb 2014 15:41:08 -0000
Authentication-Results: pb1.pair.com header.from=pierre.php@gmail.com; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=pierre.php@gmail.com; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.216.180 as permitted sender)
X-PHP-List-Original-Sender: pierre.php@gmail.com
X-Host-Fingerprint: 209.85.216.180 mail-qc0-f180.google.com  
Received: from [209.85.216.180] ([209.85.216.180:64942] helo=mail-qc0-f180.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 85/54-09381-3193EF25 for <internals@lists.php.net>; Fri, 14 Feb 2014 10:41:08 -0500
Received: by mail-qc0-f180.google.com with SMTP id i17so20620065qcy.11
        for <internals@lists.php.net>; Fri, 14 Feb 2014 07:41:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type;
        bh=0CqYmQ7gInZOjjusX5aeNL8v67/2J5SSitFhM4kY9AA=;
        b=ULFkASjWavgIczF0u2Mjh9qB0RpXf4QtzdiQ4VEPjgD9nATSwEZH1Bw/dBNnT9+Trc
         IrtAFhmWKYYHOoMsKjIcAMk3pR4XSHIMns+rbP9KI5fcTCNiAcdmgatmAE7l7kwOovzn
         cFOWNCYrCAfqLXid5oQxIJV/NVrMZbpa9B4ivWM6KIml5ztq6JGjp4EEoXuGIV0umFY5
         VL/aPjNIY+BiSeIF4VceKmXLRr+NYa4fvVMBAQ+puCkG1IfXUIP0H0XJSrK6a38dn272
         fjsMtJ2E6ixllvEyo7X++i9ZHxH1xTcln7xnBiyrvapeiGoCwUZlZyqsR90/f6q8vTUa
         dlkQ==
MIME-Version: 1.0
X-Received: by 10.229.188.69 with SMTP id cz5mr14187935qcb.7.1392392465047;
 Fri, 14 Feb 2014 07:41:05 -0800 (PST)
Received: by 10.140.18.145 with HTTP; Fri, 14 Feb 2014 07:41:04 -0800 (PST)
Received: by 10.140.18.145 with HTTP; Fri, 14 Feb 2014 07:41:04 -0800 (PST)
In-Reply-To: <CAEKnhAErZ_K3=vPvGEcDBMtT4f_rnawgAu4D=CCeedgp9OqaHw@mail.gmail.com>
References: <CAPhkiZz91t5i+MxP8-P5zLtr9+1h3NyJfy2FO0PjhVZbG4LqBA@mail.gmail.com>
	<CAEZPtU72hXjKJ4VMhNa1pYi09vNgC6KkOmgk5Ld3+XWt_092EQ@mail.gmail.com>
	<CAPhkiZynD5JF15PrWN1Bxv=UEdkPm+RrGOnpp3oAQiSjbBY3+Q@mail.gmail.com>
	<CAEZPtU7UnOg_Q1A-4+v7kfaW0-3cUFpO6Le91GDRki4y3xSnxg@mail.gmail.com>
	<CAEKnhAGZ0VY5H0nKvzCoK2Rx-ORkkbFE1WFEZr=VkzTWvXXGfQ@mail.gmail.com>
	<CAPhkiZxTFU-bxyX4QeAO7cnTdEua+M2BSn2dTQ48kxga+VOALw@mail.gmail.com>
	<CAEKnhAErZ_K3=vPvGEcDBMtT4f_rnawgAu4D=CCeedgp9OqaHw@mail.gmail.com>
Date: Fri, 14 Feb 2014 16:41:04 +0100
Message-ID: <CAEZPtU69JCsDNtHkHuVed8BMPNJfFADDNNZnEeaaZCxJ_NTpsw@mail.gmail.com>
To: Jakub Zelenka <bukka@php.net>
Cc: PHP internals <internals@lists.php.net>, Andrey Andreev <narf@devilix.net>
Content-Type: multipart/alternative; boundary=001a113471b6446bdb04f25fa280
Subject: Re: [PHP-DEV] unify entropy source for all php related functions
From: pierre.php@gmail.com (Pierre Joye)

--001a113471b6446bdb04f25fa280
Content-Type: text/plain; charset=UTF-8

On Feb 14, 2014 10:30 PM, "Jakub Zelenka" <bukka@php.net> wrote:

> The point is that OpenSSL considers /dev/urandom strong enough for
seeding CSPRNG.

The point here is about whether /Dev/urandom is cs or not. It is not. It
may be (on recent updated systems) enough to be used as seed but not to
actually generate cs random data.

Also it is important to keep mind that openssl does more than simply read
from urandom or random to generate data. That's outside the scope of what
is proposed here.

Cheers,
Pierre

--001a113471b6446bdb04f25fa280--