Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:98116 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 51684 invoked from network); 2 Feb 2017 09:18:19 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 2 Feb 2017 09:18:19 -0000 Authentication-Results: pb1.pair.com smtp.mail=me@kelunik.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=me@kelunik.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain kelunik.com from 81.169.146.162 cause and error) X-PHP-List-Original-Sender: me@kelunik.com X-Host-Fingerprint: 81.169.146.162 mo4-p00-ob.smtp.rzone.de Received: from [81.169.146.162] ([81.169.146.162:26794] helo=mo4-p00-ob.smtp.rzone.de) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id A2/F8-51557-959F2985 for ; Thu, 02 Feb 2017 04:18:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1486027094; l=7861; s=domk; d=kelunik.com; h=Content-Type:Cc:To:Subject:Date:From:References:In-Reply-To: MIME-Version; bh=YTs+TdCNxSP/EcAG1kBAI/6waAFR5yZBQQLpB+kcJvk=; b=bu8poocuQOrZGoELucQvMbKJiVVKZXUQjhcnDwvg6Wu8tPGKJjnQp18t40sc0Os+sV ehTII7eVBfVK1CV54cP7L7ABrEgu5nblqaid3j93xEMxKhZMbVAPybLzxUt5eK7SHaqF L6XCYbZWLAeP8S461NqTe5k2EYZgpvZ6fyYuc= X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLDup6E67mzuoNJBqD/si4= X-RZG-CLASS-ID: mo00 Received: from mail-qt0-f172.google.com ([209.85.216.172]) by smtp.strato.de (RZmta 39.12 AUTH) with ESMTPSA id 907ec5t129IEUYG (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp384r1 with 384 ECDH bits, eq. 7680 bits RSA)) (Client did not present a certificate) for ; Thu, 2 Feb 2017 10:18:14 +0100 (CET) Received: by mail-qt0-f172.google.com with SMTP id x49so18673838qtc.2 for ; Thu, 02 Feb 2017 01:18:14 -0800 (PST) X-Gm-Message-State: AIkVDXLMPsDXGd+5PkXuQZO1k9QyMyc3JrkXSJW7KmxUrwX/9NsfKQTcIxwX5LhADEnPsRraq0KYb9T2kXKFMg== X-Received: by 10.237.37.50 with SMTP id v47mr6639278qtc.126.1486027094096; Thu, 02 Feb 2017 01:18:14 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.144.132 with HTTP; Thu, 2 Feb 2017 01:18:13 -0800 (PST) In-Reply-To: References: <0D26A03B-6BEB-4730-8E4B-0F7D6835E683@thefsb.org> <8991137d8dd8ba915bcacd4fbc1fe88f@gmail.com> Date: Thu, 2 Feb 2017 10:18:13 +0100 X-Gmail-Original-Message-ID: Message-ID: To: Yasuo Ohgaki Cc: =?UTF-8?Q?Lauri_Kentt=C3=A4?= , Tom Worster , "internals@lists.php.net" , Leigh , Nikita Popov Content-Type: multipart/alternative; boundary=001a114030a4122286054788a5e7 Subject: Re: [PHP-DEV] Re: Improving mt_rand() seed From: me@kelunik.com (Niklas Keller) --001a114030a4122286054788a5e7 Content-Type: text/plain; charset=UTF-8 > > Posting RFC draft before discussion > > https://wiki.php.net/rfc/improve_predictable_prng_random > > This RFC includes results of recent PRNG related discussions. > I would like to keep it simple, but basic object feature will be > implemented. > > Methods could raise exceptions for invalid operations rather than ignoring. > > Comments? > > -- > Yasuo Ohgaki > yohgaki@ohgaki.net > The proposed interface has way too many methods. Nor should CSPRNG extend the other PRNG interface. And also not the other way round, because then you can pass a non-CSPRNG to an only CSPRNG-accepting function. interface RandomInterface { public function getInt(int $min = NULL, int $max = NULL); // Int random public function getBytes(int $length); // Raw bytes public function getString(int $length, int $bits = 6); // String [0-9a-zA-Z,-]+ public function seed($seed = NULL); // No use with CS RNG, return TRUE always. public function getState(); // Return string representation PRNG state. No use with CS RNG, return NULL. public function setState(string $state); // Set PRNG state. No use with CS RNG, return TRUE always. public function getCount(); // No use with CS RNG, return 0 always. public function getReseedCycle(); // No use with CS RNG, return 0 always. public function setReseedCycle(int $count); // No use with CS RNG, return TRUE always. } You can already see from the comments that there are too many methods, e.g. "No use with CS RNG, return 0 always." I think the interfaces should look like that: interface PRNG { public function getInt(int $min = null, int $max = null): int; public function getBytes(int $length): string; } interface SeedablePRNG extends PRNG { public function seed(?? $seed): void; } interface CSPRNG { public function getInt(int $min = null, int $max = null): int; public function getBytes(int $length): string; } `getString()` should probably be a function accepting a PRNG / CSPRNG and a string containing possible chars. Maybe also an array, so you can use non-single-byte encodings like UTF-8. While getState and setState might be useful to save a state and continue somewhere in the future with the same state, it's not something for an interface. If you do something like that, you need the same RNG again, so those can be exposed only in specific implementations, they shouldn't be in the interface. `getCount` and `getReseedCycle`: What's the use case? I think those should be handled internally, nothing that should be user configurable. There are also a lot of functions, I don't think we should introduce them. We can just add static methods with a default instance to each RNG. Regards, Niklas --001a114030a4122286054788a5e7--