On 19 Oct 2018, at 16:46, Sammy Kaye Powers wrote:
> I'd like to start a discussion on the "Improve
> openssl_random_pseudo_bytes()" RFC:
> https://wiki.php.net/rfc/improve-openssl-random-pseudo-bytes
>
> TL;DR:
> CSPRNG implementations should always fail closed so this change would
> make `openssl_random_pseudo_bytes()` fail closed.
> The second `$crypto_strong` parameter doesn't do anything despite the
> docs stating otherwise. This unnecessarily confusing parameter would
> be deprecated.
At first glance I believed you were proposing that
`openssl_random_pseudo_bytes()` should fail with an exception and that
this would be an improvement. I would agree with that. With a little
more concentration I see you're proposing something less ambitious that
I'm less enthusiastic about.
The function has been obsolete since 7.0 and A Bad Choice™ in all
versions of PHP except when OS==Windows AND 5.4.0 <= PHP < 7.0.
The only reason to keep this function is BC but removing the second
param breaks BC for ALL conscientious and safe uses, i.e. seeking
unpredictable (i.e. crypto strong) randoms from 5.4.0 <= PHP < 7.0 on
Windows. There's no valid reason to ask for predictable randoms from
OpenSSL and, afaik, it's not unpredictable (i.e. it's unsafe) on other
OSs.
I'd love to see an RFC along the lines of: "Improve PHP's OpenSSL API by
deprecating and eventually removing openssl_random_pseudo_bytes()". Idk
the right schedule for removing it but how could deprecating it in 7.4
do more harm than good?
Tom
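The fail-closed pattern the thread argues about, as an added example (not code from the RFC, the thread, or PHP itself): on PHP 7.0+ it uses `random_bytes()`, which throws when the CSPRNG is unavailable; on older PHP it wraps `openssl_random_pseudo_bytes()` and treats both a `false` return and a `$crypto_strong` of anything but `true` as fatal, so no caller can silently receive weak bytes. The helper name `secureRandomBytes` is an assumption of this example, and type declarations are deliberately omitted so the fallback branch still parses on PHP 5.4.

```php
<?php
// Added example, not from the RFC or the mailing-list thread.
// Demonstrates fail-closed random byte generation across PHP versions.

/**
 * Return $length cryptographically strong bytes or throw.
 * Never falls back to a weaker source.
 */
function secureRandomBytes($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('Length must be a positive integer');
    }

    if (function_exists('random_bytes')) {
        // PHP 7.0+: random_bytes() throws if the OS CSPRNG cannot be read,
        // which is exactly the fail-closed behaviour wanted here.
        return random_bytes($length);
    }

    // PHP 5.4 - 5.6 fallback. Initialise the flag to false so an
    // implementation that never touches it still counts as a failure.
    $strong = false;
    $bytes  = openssl_random_pseudo_bytes($length, $strong);

    // Fail closed: refuse unless the return value, the strength flag and
    // the length all check out. Do not substitute rand()/mt_rand() here.
    if ($bytes === false || $strong !== true || strlen($bytes) !== $length) {
        throw new RuntimeException('CSPRNG unavailable; refusing to continue');
    }

    return $bytes;
}

// Constructed usage: a 32-byte token, hex-encoded for transport.
echo bin2hex(secureRandomBytes(32)), PHP_EOL;
```

The point of the wrapper is the exception: code that needs unpredictable bytes (session tokens, CSRF tokens, key material) should abort rather than continue with a value it cannot trust, and callers on PHP 7.0+ should simply call `random_bytes()` directly.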