rfc:rng_fixes

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
rfc:rng_fixes [2016/06/30 10:44] leighrfc:rng_fixes [2017/09/22 13:28] (current) – external edit 127.0.0.1
Line 3: Line 3:
   * Date: 2016-05-03   * Date: 2016-05-03
   * Author: Leigh T <leigh@php.net>   * Author: Leigh T <leigh@php.net>
-  * Status: Under Discussion+  * Status: Implemented (PHP 7.1)
   * First Published at: https://wiki.php.net/rfc/rng_fixes   * First Published at: https://wiki.php.net/rfc/rng_fixes
  
Line 34: Line 34:
 As <php>mt_rand()</php> can be seeded for repeatable sequences the current implementation makes it incompatible with other systems that do use correct implementations. However fixing it also means that the sequence generated for a given seed in PHP will also now be different. As <php>mt_rand()</php> can be seeded for repeatable sequences the current implementation makes it incompatible with other systems that do use correct implementations. However fixing it also means that the sequence generated for a given seed in PHP will also now be different.
  
-The legacy implementation will be preserved and be selectable with a new `mt_rand_mode(int $mode)` function, along with new constants representing the two modes.+The legacy implementation will be preserved and be selectable with a new `mt_srand(int $seed [, int $mode])` parameter, along with new constants representing the two modes. The default will be the fixed algorithm. 
 + 
 +<doodle title="Fix mt_rand() implementation" auth="leigh" voteType="single" closed="true"> 
 +   * Yes 
 +   * No 
 +</doodle>
  
 == Alias rand() to mt_rand() == == Alias rand() to mt_rand() ==
Line 41: Line 46:
 Aliasing it to <php>mt_rand()</php> improves the quality of the output and means the same output can be expected for a given seed regardless of platform. Aliasing it to <php>mt_rand()</php> improves the quality of the output and means the same output can be expected for a given seed regardless of platform.
  
-== Replace RAND_RANGE() ==+<doodle title="Alias rand() to mt_rand()" auth="leigh" voteType="single" closed="true"> 
 +   * Yes 
 +   * No 
 +</doodle> 
 + 
 +== Fix RAND_RANGE() ==
 The macro used to scale the output of an RNG between two bounds is insufficient for large ranges. ([[https://bugs.php.net/bug.php?id=45184|See bug #45184]]) The macro used to scale the output of an RNG between two bounds is insufficient for large ranges. ([[https://bugs.php.net/bug.php?id=45184|See bug #45184]])
  
 The proposed fix is to concatenate multiple outputs for ranges exceeding 32 bits, and use rejection sampling (the same as used in <php>random_bytes()</php>) to produce unbiased outputs. The proposed fix is to concatenate multiple outputs for ranges exceeding 32 bits, and use rejection sampling (the same as used in <php>random_bytes()</php>) to produce unbiased outputs.
 +
 +<doodle title="Fix RAND_RANGE()" auth="leigh" voteType="single" closed="true">
 +   * Yes
 +   * No
 +</doodle>
  
 == Replace insecure uses of php_rand() with php_random_bytes() == == Replace insecure uses of php_rand() with php_random_bytes() ==
Line 51: Line 66:
   * <php>crypt()</php> salt generation   * <php>crypt()</php> salt generation
   * SOAP HTTP auth nonce generation   * SOAP HTTP auth nonce generation
-  * <php>mcrypt_create_iv()</php> fallback with invalid source. (Subject to mcrypt deprecation RFC being implemented) 
  
 These instances should all be fixed to use the secure random number generator (even mcrypt which is deprecated) These instances should all be fixed to use the secure random number generator (even mcrypt which is deprecated)
 +
 +<doodle title="Replace insecure uses of php_rand() with php_random_bytes()" auth="leigh" voteType="single" closed="true">
 +   * Yes
 +   * No
 +</doodle>
  
 == Make array_rand() more efficient == == Make array_rand() more efficient ==
 It has been noted that ([[http://php.net/manual/en/function.array-rand.php#117114|array_rand() produces weird and very uneven random distribution]]). As the above proposals change the output of <php>array_rand()</php> anyway, we can fix this at the same time. It has been noted that ([[http://php.net/manual/en/function.array-rand.php#117114|array_rand() produces weird and very uneven random distribution]]). As the above proposals change the output of <php>array_rand()</php> anyway, we can fix this at the same time.
 +
 +<doodle title="Make array_rand() more efficient" auth="leigh" voteType="single" closed="true">
 +   * Yes
 +   * No
 +</doodle>
  
 ===== Backward Incompatible Changes ===== ===== Backward Incompatible Changes =====
Line 67: Line 91:
   * <php>str_shuffle()</php>   * <php>str_shuffle()</php>
   * <php>crypt()</php>   * <php>crypt()</php>
-  * <php>mcrypt_create_iv()</php> 
  
 ===== Proposed PHP Version(s) ===== ===== Proposed PHP Version(s) =====
Line 93: Line 116:
  
 ===== Patches and Tests ===== ===== Patches and Tests =====
-WIP - I will release a patch after a week or so of discussion has taken place when there is a better idea of which proposals are wanted.+https://github.com/php/php-src/pull/1986
  
 ===== Implementation ===== ===== Implementation =====
 +
 +https://github.com/php/php-src/commit/ab834f4
  
 ===== References ===== ===== References =====
rfc/rng_fixes.1467283478.txt.gz · Last modified: 2017/09/22 13:28 (external edit)