Re: unify entropy source for all php related functions

From: Date: Fri, 14 Feb 2014 15:30:38 +0000
Subject: Re: unify entropy source for all php related functions
Groups: php.internals
On Fri, Feb 14, 2014 at 2:54 PM, Andrey Andreev <[email protected]> wrote:

> On Fri, Feb 14, 2014 at 4:19 PM, Jakub Zelenka <[email protected]> wrote:
> > On Fri, Feb 14, 2014 at 1:53 PM, Pierre Joye <[email protected]>
> wrote:
> >>
> >> On Feb 14, 2014 8:02 PM, "Andrey Andreev" <[email protected]> wrote:
> >>
> >> > So how does openssl_random_pseudo_bytes() work without blocking then?
> >>
> >> Because it tells you if the result is crypto safe or not:
> >>
> >> string openssl_random_pseudo_bytes (int $length [, bool &$crypto_strong])
> >>
> >>
> >> If you want only a crypto safe result another function has to be used (on
> >> OpenSSL).
>
> And my test.php that was pasted shows that it dumps TRUE for
> $crypto_strong, while mcrypt_create_iv() blocks.
>
> > That's not the way it works in md_rand. The ssleay_rand_pseudo_bytes
> > (RAND_pseudo_bytes called in openssl_random_pseudo_bytes) is just a wrapper
> > for ssleay_rand_bytes with the pseudo flag set to 1. ssleay_rand_bytes first
> > calls RAND_poll, which adds the entropy. The thing is that the entropy is
> > taken from /dev/urandom on Unix. It means you will always have enough
> > entropy on Linux and the function returns 1 ($crypto_strong is set to
> > true). You won't get false on Linux though. The reason for the flag in
> > OpenSSL is if you run it on some platform that can't provide enough
> > entropy, which is not the case on Linux. Please see the sources for more
> > details.
>
> Sorry, I'm not really sure what this means, but a few bits that I spot are:
>
>  - on UNIX(-like), it uses /dev/urandom
>

It uses /dev/urandom for seeding the PRNG. It means that it reads only 32 bytes
(256 bits) from it. If you call openssl_random_pseudo_bytes you will get
bytes generated by the PRNG.


>  - $crypto_strong will always be true on Linux (UNIX-whatever)
>

Yes. The reason is that /dev/urandom is non-blocking and you will always
get enough entropy from it. You don't have to check the flag on Linux
because it will always be true!

The point is that OpenSSL considers /dev/urandom strong enough for seeding
CSPRNG.

Jakub
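An added example, not from the thread or from PHP's own sources, of how a caller should treat the $crypto_strong flag the messages above discuss: on Linux OpenSSL seeds from /dev/urandom and the flag is always true, but portable code should still check it and fail closed rather than silently use bytes the library flagged as weak. The function name secure_random_bytes is my own.

```php
<?php
// Added example (not code from the thread): wrap openssl_random_pseudo_bytes()
// so that the $crypto_strong flag is never ignored. On Linux the flag is
// always true (OpenSSL seeds its PRNG from /dev/urandom), but on a platform
// without enough entropy it can be false, and then the bytes must not be
// used for keys, IVs or tokens.

function secure_random_bytes(int $length): string
{
    if ($length < 1) {
        throw new InvalidArgumentException('length must be positive');
    }

    $crypto_strong = false;
    $bytes = openssl_random_pseudo_bytes($length, $crypto_strong);

    // Fail closed: refuse to return output that is missing, short, or
    // that OpenSSL did not mark as cryptographically strong.
    if ($bytes === false || $crypto_strong !== true || strlen($bytes) !== $length) {
        throw new RuntimeException('no cryptographically strong random source available');
    }

    return $bytes;
}

// Constructed usage: request a 16-byte IV and show it in hex. On Linux this
// succeeds without blocking; on a platform with weak entropy it throws
// instead of handing back a weak IV.
try {
    $iv = secure_random_bytes(16);
    printf("iv: %s (%d bytes, crypto_strong=true)\n", bin2hex($iv), strlen($iv));
} catch (RuntimeException $e) {
    fwrite(STDERR, "refusing to continue: " . $e->getMessage() . "\n");
    exit(1);
}
```

On PHP 7 and later, random_bytes() gives the same fail-closed behaviour without the flag, which is the unified source this thread was arguing for.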

