rfc:easy_userland_csprng
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
rfc:easy_userland_csprng [2015/02/24 20:42] – Changed -PHP_INT_MAX to ~PHP_INT_MAX sammyk | rfc:easy_userland_csprng [2017/09/22 13:28] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== PHP RFC: Easy User-land CSPRNG ====== | ====== PHP RFC: Easy User-land CSPRNG ====== | ||
- | * Version: 0.2 | + | * Version: 0.5 |
* Date: 2015-02-20 | * Date: 2015-02-20 | ||
* Author: Sammy Kaye Powers < | * Author: Sammy Kaye Powers < | ||
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
Line 11: | Line 11: | ||
==== The Problem ==== | ==== The Problem ==== | ||
- | By default PHP does not provide an easy mechanism for accessing cryptographically strong random numbers in user-land. Users have a few options like '' | + | By default PHP does not provide an easy mechanism for accessing cryptographically strong random numbers in user-land. Users have a few options like '' |
- | * '' | + | * The '' |
* '' | * '' | ||
- | * Falling back to ''/ | + | * Falling back to ''/ |
- | + | ||
- | See the [[https:// | + | |
In addition users may attempt to generate their own streams of random bytes relying on '' | In addition users may attempt to generate their own streams of random bytes relying on '' | ||
===== Proposal ===== | ===== Proposal ===== | ||
- | There should be a user-land API to easily return an arbitrary length of cryptographically secure pseudo-random bytes directly and work on any supported | + | There should be a user-land API to easily return an arbitrary length of cryptographically secure pseudo-random bytes directly and work on any supported |
- | The initial proposal is to add **two** user-land functions that return the bytes as binary and integer. | + | The initial proposal is to add **two** user-land functions that return the bytes as binary and integer. Arbitrary length strings of random bytes are important for salts, keys and initialisation vectors. Integers based on CS random are important for applications where unbiased results are critical (i.e. shuffling a Poker deck). |
Signatures: | Signatures: | ||
< | < | ||
random_bytes(int length); | random_bytes(int length); | ||
- | random_int([int min = ~PHP_INT_MAX [, int max = PHP_INT_MAX]]); | + | random_int(int min, int max); |
</ | </ | ||
Line 41: | Line 39: | ||
The sources of random used are as follows: | The sources of random used are as follows: | ||
* On windows '' | * On windows '' | ||
- | * '' | + | * '' |
* ''/ | * ''/ | ||
* ''/ | * ''/ | ||
+ | * An error is thrown in the event that a sufficient source of randomness is unavailable. | ||
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
- | There would be no BC breaks. | + | Any user-land code that defines a '' |
===== Proposed PHP Version(s) ===== | ===== Proposed PHP Version(s) ===== | ||
Line 78: | Line 77: | ||
* Deprecate '' | * Deprecate '' | ||
* Improve '' | * Improve '' | ||
- | * Detect LibreSSL portable for arc4random() on Linux | + | * Detect LibreSSL-portable for arc4random() on Linux |
- | * Improve fd-less random for chroot environments with our own arc4random and the linux '' | + | |
- | * Add complimentary easy-use and secure by default cryptography functions | + | |
===== Patches and Tests ===== | ===== Patches and Tests ===== | ||
- | The current | + | The current patch can be found here: https:// |
+ | |||
+ | ===== Proposed Voting Choices ===== | ||
+ | |||
+ | The voting choices are yes (in favor for accepting this RFC for PHP 7) or no (against it). | ||
+ | |||
+ | ===== Vote ===== | ||
+ | |||
+ | Vote starts on March 14th, and will end two weeks later, on March 28th. | ||
+ | |||
+ | This RFC requires a 2/3 majority. | ||
- | ===== References ===== | + | <doodle title=" |
- | None so far. | + | * Yes |
+ | * No | ||
+ | </ | ||
- | ===== Rejected Features ===== | ||
- | None so far. | ||
===== Changelog ===== | ===== Changelog ===== | ||
+ | * 0.5: Updated the function header for random_int() to reflect all args as required. - SammyK | ||
+ | * 0.4: Added BC info. Updated patch link to point to PR. - SammyK | ||
+ | * 0.3: Changed '' | ||
* 0.2: Condensed the problem domain into something more focused. Added function sigs. - Leigh. | * 0.2: Condensed the problem domain into something more focused. Added function sigs. - Leigh. | ||
* 0.1: Mmmm drafty | * 0.1: Mmmm drafty | ||
- | * 0.0: Initial draft - need Leigh' | + | * 0.0: Initial draft - need Leigh' |
===== Acknowledgements ===== | ===== Acknowledgements ===== | ||
Big thanks to Anthony Ferrara, Daniel Lowrey, E. Smith and [[http:// | Big thanks to Anthony Ferrara, Daniel Lowrey, E. Smith and [[http:// | ||
rfc/easy_userland_csprng.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1