Newsgroups: php.internals
Xref: news.php.net php.internals:83869
Date: Wed, 25 Feb 2015 23:59:24 -0600
From: me@sammyk.me (Sammy Kaye Powers)
To: Pierre Joye
Cc: Leigh, Tom Worster, php-internals
Subject: Re: [PHP-DEV] [RFC] [DISCUSSION] Reliable user-land CSPRNG

I don't know why everyone says the internals list is so scary - you guys are great! :)

> I think the function name(s) should indicate that these functions are for getting crypto-secure randomness. I proposed cs_random_bytes()

I'm cool with that idea but I also think it should be spelled out like `random_crypto_*()` as Pierre suggests. I like `secure_random_bytes()` but that's because it's what Ruby names their CSPRNG. :)

http://ruby-doc.org/stdlib-2.1.2/libdoc/securerandom/rdoc/SecureRandom.html

But really a moot point.

> CS random strings are often required but I haven't ever seen requirements for arbitrary alphabets, charsets and encodings. In Yii we provided a method that returns a string using the 64-character set [a-zA-Z0-9_-] which is nice because they are all transparent in URLs. There are many uses for such strings and it seems to meet the needs of most users, as they haven't requested more flexibility.

I actually started down this RFC path out of frustration on this very point of needing secure random alphanumeric strings. The original RFC & patch contained a `random_hex()` function that would convert bytes from the CSPRNG into hex. The use case that I have seen most needed in user-land is in fact for random alphanumeric strings so that they can generate CSRF tokens. Every CRUD app could be affected by this. So I'm still +1 for having a built-in function to get back arbitrary alphanumeric strings.
But this can be done with `bin2hex(random_bytes(16))` or `base64_encode(random_bytes(16))` so I won't fight it too much. :)

> I welcome the proposal for an easy-to-use PHP function for obtaining crypto-secure randomness.

> I love this addition and it is cruelly needed :)

Yay! Lots of love for a CSPRNG! :)

Thanks,

Sammy Kaye Powers
sammyk.me
230 S Clark St #194
Chicago, IL 60604
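As an added example (not code from this thread or from the RFC's patch), here is how the token-generation approaches discussed above look in PHP 7 user-land: the hex and base64 forms from the message, the URL-safe [A-Za-z0-9_-] set mentioned for Yii, and, going one step beyond the text, an arbitrary-alphabet token that avoids modulo bias. It assumes the RFC's `random_bytes()` and its companion `random_int()` are available, plus the pre-existing `hash_equals()`.

```php
<?php
// Added example (not from the thread or the RFC patch). Assumes PHP >= 7.0,
// where the RFC's random_bytes() and random_int() are available.
declare(strict_types=1);

// Hex token: 16 CSPRNG bytes -> 32 hex chars, as suggested in the thread.
function hex_token(int $bytes = 16): string
{
    return bin2hex(random_bytes($bytes));
}

// URL-safe token over the 64-character set [A-Za-z0-9_-] mentioned for Yii.
// Standard base64 uses '+' and '/', so swap them and drop the '=' padding;
// this is the RFC 4648 "base64url" alphabet, which is exactly that set.
function urlsafe_token(int $bytes = 16): string
{
    return rtrim(strtr(base64_encode(random_bytes($bytes)), '+/', '-_'), '=');
}

// Token over an arbitrary alphabet. Picking each character with random_int()
// avoids the modulo bias you get from `ord($byte) % strlen($alphabet)` when
// 256 is not a multiple of the alphabet length (e.g. 62 for [A-Za-z0-9]).
function alphabet_token(int $length, string $alphabet): string
{
    $max = strlen($alphabet) - 1;
    if ($max < 1) {
        throw new InvalidArgumentException('alphabet needs at least 2 characters');
    }
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[random_int(0, $max)];
    }
    return $out;
}

// Verifying a submitted CSRF token: compare in constant time so that the
// comparison itself does not leak how many leading characters matched.
function csrf_token_matches(string $expected, string $submitted): bool
{
    return hash_equals($expected, $submitted);
}

// Usage: mint a token at login, store it server-side (e.g. in the session),
// embed it in forms, and verify it on each state-changing request.
$token = urlsafe_token();                   // 16 bytes -> 22 chars, no padding
assert(preg_match('/^[A-Za-z0-9_-]{22}$/', $token) === 1);
assert(strlen(hex_token()) === 32);
assert(strlen(alphabet_token(20, 'abcdefghijklmnopqrstuvwxyz0123456789')) === 20);
assert(csrf_token_matches($token, $token) === true);
assert(csrf_token_matches($token, urlsafe_token()) === false);
```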