Tom,

On Tue, Oct 13, 2015 at 10:17 AM, Tom Worster <f...@thefsb.org> wrote:
> On 10/12/15 10:53 PM, Larry Garfield wrote:
>>
>> On 10/12/2015 07:29 PM, Tom Worster wrote:
>>>
>>> Could we regard random_bytes() as a security patch rather than a new
>>> feature and therefore port it to PHP 5?
>>>
>>> Error handling would have to change but that should be feasible. Iirc,
>>> earlier commits of random_bytes() had PHP 5-like behavior on error.
>>>
>>> My motivation: it's easier to defend abandoning OpenSSL's RNG (e.g. in
>>> paragonie/random_compat) if we could say to Windows users stuck with
>>> nothing else: "Upgrade to the latest point release of PHP 5.x. It has a
>>> proper fix."
>>>
>>> Tom
>>
>>
>> Since there's no 5.7 release planned, you're talking about adding it in
>> a 5.6.x?
>
>
> Yes, maybe even 5.5?
>
>
>> What's wrong with the random_compat library as a solution for
>> 5.6 users?
>
> Good question. Vexing answer. I try to be brief.
>
> There are real situations that push random_compat into a corner with only
> unpleasant options, namely recommending the user install the unsavory mcrypt
> ext, which provides mcrypt_create_iv(), or resort to OpenSSL's RNG, which is
> just scary.
>
> There are recent discussions of this in a few places, I think you can find
> them all starting here https://github.com/paragonie/random_compat/issues/5
>
> So I thought another option would be to say "patch your PHP". One
> possibility to do that is what I proposed above.
>
> [I hesitate to mention it but, another is to make mcrypt_create_iv()
> independent of libmcrypt and present in standard builds of PHP. Maybe the
> latter is better because existing scripts that test
> function_exists('mcrypt_create_iv') become more secure.]
>

Overall, I don't think this should be ported back to 5.x.

First off, it's pretty late in both 5.5 and 5.6 lifetimes (5.6 is already up
to .14). Introducing a feature this late would basically make it useless to
the vast majority of users of those versions (since many don't upgrade, or
use distro-pinned versions).

I don't like it, but that's the truth.

random_compat serves this need quite nicely, but as always there are
non-trivial tradeoffs at play.

As far as making mcrypt_create_iv more standard, why? That's what
random_bytes() was meant to do (and does). Just encourage people to move
forward with it and upgrade to 7...

Anthony

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
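
The fallback corner discussed in this thread, as an added example that is not part of the original messages and is not random_compat's code: a PHP 5-compatible wrapper that uses `random_bytes()` when present, then `/dev/urandom`, then `mcrypt_create_iv()`, and fails closed instead of falling through to OpenSSL's RNG. The function name `csprng_bytes` and the source ordering are assumptions made for illustration.

```php
<?php
// Added illustration; csprng_bytes() is a hypothetical name, not a PHP or
// random_compat API. The source ordering below is an assumption.

/**
 * Return exactly $length bytes from an OS-backed CSPRNG, or throw.
 */
function csprng_bytes($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }

    $bytes = false;
    if (function_exists('random_bytes')) {
        // PHP 7, or a userland polyfill that defines the same function.
        $bytes = random_bytes($length);
    } elseif (DIRECTORY_SEPARATOR === '/' && @is_readable('/dev/urandom')) {
        $fh = @fopen('/dev/urandom', 'rb');
        if ($fh !== false) {
            // Unbuffered, so PHP does not pull more from the device than asked.
            stream_set_read_buffer($fh, 0);
            $bytes = fread($fh, $length);
            fclose($fh);
        }
    } elseif (function_exists('mcrypt_create_iv')) {
        // Only available when the mcrypt extension is installed, which is
        // the deployment burden raised in the thread.
        $bytes = @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
    }
    // Deliberately no openssl_random_pseudo_bytes() branch: with nothing
    // else available the function refuses to return weaker output.

    // A short read or a failed source must never yield a usable value.
    // (Assumes mbstring.func_overload is off, so strlen() counts bytes.)
    if (!is_string($bytes) || strlen($bytes) !== $length) {
        throw new RuntimeException('No suitable CSPRNG source available');
    }
    return $bytes;
}

// Usage: a 128-bit token, hex encoded (32 characters).
$token = bin2hex(csprng_bytes(16));
echo strlen($token), "\n";
```

On a Windows PHP 5 build without mcrypt, no branch matches and the call throws, which is the situation the proposed backport was meant to remove.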