Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:88898 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 63183 invoked from network); 20 Oct 2015 21:36:31 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Oct 2015 21:36:31 -0000 Authentication-Results: pb1.pair.com smtp.mail=anatol.php@belski.net; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=anatol.php@belski.net; sender-id=unknown Received-SPF: error (pb1.pair.com: domain belski.net from 85.214.73.107 cause and error) X-PHP-List-Original-Sender: anatol.php@belski.net X-Host-Fingerprint: 85.214.73.107 klapt.com Received: from [85.214.73.107] ([85.214.73.107:46019] helo=h1123647.serverkompetenz.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 19/82-45576-DD3B6265 for ; Tue, 20 Oct 2015 17:36:30 -0400 Received: by h1123647.serverkompetenz.net (Postfix, from userid 1006) id B931B6D2036; Tue, 20 Oct 2015 23:36:26 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on h1123647.serverkompetenz.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.5 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=unavailable version=3.3.2 Received: from atomone (p579F36D0.dip0.t-ipconnect.de [87.159.54.208]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by h1123647.serverkompetenz.net (Postfix) with ESMTPSA id AF14D6D2002; Tue, 20 Oct 2015 23:36:24 +0200 (CEST) To: "'Anthony Ferrara'" , Cc: "'Kalle Sommer Nielsen'" References: In-Reply-To: Date: Tue, 20 Oct 2015 23:35:57 +0200 Message-ID: <0d0b01d10b7f$5ecf4890$1c6dd9b0$@belski.net> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Outlook 15.0 Thread-Index: AQEgCZFMBFeyW6EvkG6KO0k8OAL6Tp/W5ksw Content-Language: en-us Subject: RE: [PHP-DEV] Password_hash salt generation refactor From: anatol.php@belski.net ("Anatol Belski") Hi Anthony, > -----Original Message----- > From: Anthony Ferrara [mailto:ircmaxell@gmail.com] > Sent: Monday, October 19, 2015 1:00 AM > To: internals@lists.php.net > Subject: [PHP-DEV] Password_hash salt generation refactor >=20 > All, >=20 > With PHP 7 comes random_bytes and random_int. This duplicates some of > the logic internally that password_hash uses to generate its salt. >=20 > I would like to refactor this to unify generation. I've opened a PR = against > master: https://github.com/php/php-src/pull/1585 >=20 > I don't feel comfortable pulling against 7 this far into RC status. > Perhaps wait until after it goes gold? Or should this target 7.1? It's = not a big > deal in either direction. Though it does add a side-effect, where if = it can't > gather enough entropy it will throw an exception and return failure = (where > prior it would simply make a "best effort". >=20 > Thoughts? >=20 As much as it could be an improvement of the password_hash(), one would = better avoid any behavior change at this stage. I was thinking about it = and came to an idea that maybe could work for 7.0 - one should just make = php_random_bytes() that side effect free. Could php_random_bytes() be extended with a flag that would tell = exceptions to pass? Or maybe exceptions could be moved out from the = php_random_bytes() and thrown directly in the new functions that was = undergoing the RFC but not password_hash() ? I'd be actually for the = second variant.=20 That ways FAILURE would be returned, but a decision about what to do = about it would be made outside. IMHO it were also useful as the API is = intended to be exported. So for the cases where php_random_bytes() came = to use as a library function outside immediate PHP userspace (for = example in SAPI), it should not throw exceptions from itself. Do this suggestions sound eligible? Regards Anatol