On Fri, Feb 14, 2014 at 4:19 PM, Jakub Zelenka <[email protected]> wrote:
> On Fri, Feb 14, 2014 at 1:53 PM, Pierre Joye <[email protected]> wrote:
>>
>> On Feb 14, 2014 8:02 PM, "Andrey Andreev" <[email protected]> wrote:
>>
>> > So how does openssl_random_pseudo_bytes() work without blocking then?
>>
>> Because it tells you if the result is crypto safe or not:
>>
>> string openssl_random_pseudo_bytes ( int $length [, bool &$crypto_strong ] )
>>
>>
>> If you want only crypto safe result another function has to be used (on
>> openssl).

And my test.php that was pasted shows that it dumps TRUE for
$crypto_strong, while mcrypt_create_iv() blocks.

> That's not how it works in md_rand. The ssleay_rand_pseudo_bytes
> (RAND_pseudo_bytes called in openssl_random_pseudo_bytes) is just a wrapper
> for ssleay_rand_bytes with pseudo flag set to 1. ssleay_rand_bytes first
> calls RAND_poll that adds the entropy. The thing is that the entropy is
> taken from /dev/urandom on Unix. It means you will always have enough
> entropy on Linux and the function returns 1 ($crypto_strong is set to
> true). You won't get false on Linux though. The reason for the flag in
> OpenSSL is if you run it on some platform that can't provide enough
> entropy which is not the case on Linux. Please see the sources for more
> details.

Sorry, I'm not really sure what this means, but the 2 bits that I spot are:

- on UNIX(-like), it uses /dev/urandom
- $crypto_strong will always be true on Linux (UNIX-whatever)

And Pierre Joye says that /dev/urandom is not crypto-safe, so this
kind of gets us in a conflict ... which one is it?

The way I understand it, only /dev/whatever (meaning that it should be
hardware input) could be considered crypto-safe and so if OpenSSL
always returns without blocking, yet sets $crypto_strong to TRUE, then
the same should be possible for PHP itself to do.

That is, unless $crypto_strong is set to TRUE without the output
actually being crypto-safe, in which case we have a bug.

P.S.: Sorry folks, I didn't want to turn this into a "how OpenSSL works" thread.

Cheers,
Andrey.
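
The thread turns on whether a caller can rely on $crypto_strong, so here is a fail-closed wrapper as an added example (not code from any poster in this thread). The name strong_random_bytes() is hypothetical, and the /dev/urandom fallback assumes a Unix-like host.

```php
<?php
// Added example, not from the thread. strong_random_bytes() is a
// hypothetical helper name.

function strong_random_bytes($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }

    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes($length, $strong);
        // Fail closed: accept the output only if OpenSSL reported it as
        // strong and returned exactly the number of bytes requested.
        if ($bytes !== false && $strong === true && strlen($bytes) === $length) {
            return $bytes;
        }
    }

    // Fallback (assumption: Unix-like host): read /dev/urandom directly,
    // the same non-blocking source the thread says OpenSSL polls on Unix.
    $fh = @fopen('/dev/urandom', 'rb');
    if ($fh !== false) {
        stream_set_read_buffer($fh, 0); // do not buffer more than we ask for
        $bytes = '';
        while (strlen($bytes) < $length) {
            $chunk = fread($fh, $length - strlen($bytes));
            if ($chunk === false || $chunk === '') {
                break; // short read: treat as failure below
            }
            $bytes .= $chunk;
        }
        fclose($fh);
        if (strlen($bytes) === $length) {
            return $bytes;
        }
    }

    // Never hand back weak or truncated output for key or IV material.
    throw new RuntimeException('no strong random source available');
}

// Usage: a 128-bit value, hex-encoded for display.
$token = bin2hex(strong_random_bytes(16));
echo $token, "\n";
```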