rfc:easy_userland_csprng
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
rfc:easy_userland_csprng [2015/02/20 22:09] – created sammyk | rfc:easy_userland_csprng [2017/09/22 13:28] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== PHP RFC: Easy User-land CSPRNG ====== | ====== PHP RFC: Easy User-land CSPRNG ====== | ||
- | * Version: 0.0 | + | * Version: 0.5 |
* Date: 2015-02-20 | * Date: 2015-02-20 | ||
- | * Author: Sammy Kaye Powers, me@sammyk.me | + | * Author: Sammy Kaye Powers |
- | * Status: | + | * Status: |
* First Published at: http:// | * First Published at: http:// | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | This RFC proposes adding | + | This RFC proposes adding |
==== The Problem ==== | ==== The Problem ==== | ||
- | PHP is particularly bad at providing CSPRNG' | + | By default |
- | The '' | + | * The '' |
+ | * '' | ||
+ | * Falling back to ''/ | ||
- | The '' | + | In addition users may attempt |
- | + | ||
- | Currently the most reliable way to grab pseudo-random bytes across systems is by using either of the libs mentioned above or falling back to a stream of bytes from '' | + | |
- | + | ||
- | See the [[https:// | + | |
===== Proposal ===== | ===== Proposal ===== | ||
- | There should be a user-land API to easily return an arbitrary length of cryptographically secure pseudo-random bytes directly | + | There should be a user-land API to easily return an arbitrary length of cryptographically secure pseudo-random bytes directly and work on any supported |
- | The initial proposal is to add **two** user-land functions that return the bytes as binary and integer. | + | The initial proposal is to add **two** user-land functions that return the bytes as binary and integer. Arbitrary length strings of random bytes are important for salts, keys and initialisation vectors. Integers based on CS random are important for applications where unbiased results are critical (i.e. shuffling a Poker deck). |
+ | Signatures: | ||
+ | < | ||
+ | random_bytes(int length); | ||
+ | random_int(int min, int max); | ||
+ | </ | ||
+ | |||
+ | Examples: | ||
<code php> | <code php> | ||
- | $randBinary | + | $randomStr |
- | $randomInt = random_int($maxInt | + | $randomInt = random_int($min = 0, $max = 127); |
</ | </ | ||
+ | |||
+ | The sources of random used are as follows: | ||
+ | * On windows '' | ||
+ | * '' | ||
+ | * ''/ | ||
+ | * ''/ | ||
+ | * An error is thrown in the event that a sufficient source of randomness is unavailable. | ||
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
- | There would be no BC breaks. | + | Any user-land code that defines a '' |
===== Proposed PHP Version(s) ===== | ===== Proposed PHP Version(s) ===== | ||
Line 43: | Line 55: | ||
==== To Existing Extensions ==== | ==== To Existing Extensions ==== | ||
- | No existing extensions | + | No existing extensions |
==== To Opcache ==== | ==== To Opcache ==== | ||
- | __TODO Leigh - this one is all yours :)__ | + | Opcache |
- | Please explain how you have verified your RFC's compatibility with opcache. | + | |
==== New Constants ==== | ==== New Constants ==== | ||
Line 56: | Line 67: | ||
===== Open Issues ===== | ===== Open Issues ===== | ||
- | * Verify Windows support (@auroraeosrose? | + | * Nothing yet |
- | * Implement support for '' | + | |
===== Unaffected PHP Functionality ===== | ===== Unaffected PHP Functionality ===== | ||
- | This change | + | This change |
===== Future Scope ===== | ===== Future Scope ===== | ||
Line 67: | Line 77: | ||
* Deprecate '' | * Deprecate '' | ||
* Improve '' | * Improve '' | ||
+ | * Detect LibreSSL-portable for arc4random() on Linux | ||
===== Patches and Tests ===== | ===== Patches and Tests ===== | ||
- | The current | + | The current patch can be found here: https:// |
+ | |||
+ | ===== Proposed Voting Choices ===== | ||
+ | |||
+ | The voting choices are yes (in favor for accepting this RFC for PHP 7) or no (against it). | ||
+ | |||
+ | ===== Vote ===== | ||
+ | |||
+ | Vote starts on March 14th, and will end two weeks later, on March 28th. | ||
+ | |||
+ | This RFC requires a 2/3 majority. | ||
- | ===== References ===== | + | <doodle title=" |
- | None so far. | + | * Yes |
+ | * No | ||
+ | </ | ||
- | ===== Rejected Features ===== | ||
- | None so far. | ||
===== Changelog ===== | ===== Changelog ===== | ||
- | * 0.0: Initial draft - need Leigh' | + | * 0.5: Updated the function header for random_int() to reflect all args as required. - SammyK |
+ | * 0.4: Added BC info. Updated patch link to point to PR. - SammyK | ||
+ | * 0.3: Changed '' | ||
+ | * 0.2: Condensed the problem domain into something more focused. Added function sigs. - Leigh. | ||
+ | * 0.1: Mmmm drafty | ||
+ | * 0.0: Initial draft - need Leigh' | ||
===== Acknowledgements ===== | ===== Acknowledgements ===== | ||
- | Big thanks to Anthony Ferrara, Daniel Lowrey, Leigh, E. Smith and [[http:// | + | Big thanks to Anthony Ferrara, Daniel Lowrey, E. Smith and [[http:// |
rfc/easy_userland_csprng.1424470175.txt.gz · Last modified: 2017/09/22 13:28 (external edit)