Newsgroups: php.internals
To: Ángel González, Anthony Ferrara
Cc: "internals@lists.php.net"
Date: Mon, 19 Oct 2015 11:22:04 -0400
Subject: Re: [PHP-DEV] Password_hash salt generation refactor
From: fsb@thefsb.org (Tom Worster)

On 10/18/15 7:39 PM, Ángel González wrote:
> Korvin wrote:
>> +1 for 7.0.x security patch release, best effort sounds scary.
> This is a salt. It doesn't need to be cryptographically secure. Using
> php_rand() there should pose no problem.
> I would actually include that into the patch (move old lines 154-156
> into the FAILURE if).

A password salt needs to be unique. It does not need to be drawn from a CSPRNG but that is one of the few ways we can be reasonably confident of uniqueness (since, as usual, we assume the platform RNG is properly seeded).

I can seed php_rand() from my script but, other than using the platform RNG, I have no idea how. Or I can let PHP seed it but its algorithm, a function of time and PID, shows PHP doesn't know how either.

As PHP's version numbers increase, so should its rigor in using best practices. I've no problem with apps breaking in the 5 -> 7 upgrade if they have no access to platform RNG. So doing Anthony's proposed change as early as possible in 7.0.x is best.

Tom
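
An added illustration of the uniqueness point made in the message above; it is not part of the message and not code from the PHP source. `toy_seed()` is a hypothetical stand-in for "a function of time and PID" (the real seeding code is not shown in this thread), and the timestamp and PID are constructed values.

```php
<?php
// Added illustration: salts from a PRNG seeded by time and PID versus
// salts from the platform RNG. toy_seed() is a hypothetical stand-in.

const SALT_BYTES = 16;

/** Seed derived only from wall-clock seconds and process ID (assumed shape). */
function toy_seed(int $time, int $pid): int
{
    return $time ^ ($pid << 16);
}

/** Salt drawn from the userland PRNG after seeding it from time and PID. */
function salt_from_seeded_prng(int $time, int $pid): string
{
    mt_srand(toy_seed($time, $pid));
    $salt = '';
    for ($i = 0; $i < SALT_BYTES; $i++) {
        $salt .= chr(mt_rand(0, 255));
    }
    return $salt;
}

/** Salt drawn from the platform RNG; throws an Exception if none is usable. */
function salt_from_platform_rng(): string
{
    return random_bytes(SALT_BYTES);
}

// Constructed scenario: two hosts (or containers) each run PHP with the same
// PID and hash a password during the same second, so both derive one seed
// and therefore one salt.
$time = 1445268134; // constructed timestamp
$pid  = 7;          // constructed PID
$a = salt_from_seeded_prng($time, $pid);
$b = salt_from_seeded_prng($time, $pid);
printf("time+PID seed: %s\n               %s\n", bin2hex($a), bin2hex($b));
printf("salts collide: %s\n\n", $a === $b ? 'yes' : 'no');

// The platform RNG does not depend on values shared between processes.
$c = salt_from_platform_rng();
$d = salt_from_platform_rng();
printf("platform RNG:  %s\n               %s\n", bin2hex($c), bin2hex($d));
printf("salts collide: %s\n", $c === $d ? 'yes' : 'no');
```

`random_bytes()` requires PHP 7 and throws when no platform source is available, which is the failure case the thread is debating how to handle.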