Re: Make mcrypt_create_iv() an alias and move the code into /ext/standard
Hi Thomas,
On Fri, Feb 7, 2014 at 4:05 PM, Thomas Hruska <[email protected]> wrote:
> mcrypt_create_iv() is the cleanest access to a universal system-level
> primitive that supports both /dev/urandom and php_win32_get_random_bytes()
> under the hood. Unfortunately, it resides in /ext/mcrypt and the mcrypt
> extension isn't always enabled/available (nor should it be). At any rate,
> it is quite odd that the function php_win32_get_random_bytes() is compiled
> into the core of PHP by default under Windows but there's currently no way
> to get at it except through an extension. There's good code in
> mcrypt_create_iv() that is significantly useful outside of the rest of that
> extension and it isn't actually dependent upon libmcrypt for proper
> operation.
>
> Moving the guts of this non-dependent function into the core would allow
> mcrypt_create_iv() to just become an alias. The new userland function
> could be located in /ext/standard/rand.c and have an uncreative name like
> rand_bytes().
>
rand_bytes() (or random_bytes()) are common names for the task. We may adopt
it.
Anyway, I've written a portable one for the task.
https://github.com/yohgaki/php-src/compare/PHP-5.6-rfc-random_bytes
The function name could be rand_bytes() or anything. The name is important, but
the implementation is more important here. It's still a work in progress, as it
does not use OpenSSL.
I would like to use OpenSSL's RAND_bytes() for this. This means that when OpenSSL
is available, PHP is linked with OpenSSL. With OpenSSL's RAND_bytes() and
RAND_pseudo_bytes(), we may be able to use a better RNG/PRNG for the platform.
Any comments?
Regards,
--
Yasuo Ohgaki
[email protected]