hi,

Some short comments:

On Wed, Dec 21, 2011 at 4:31 PM, Tom Worster <f...@thefsb.org> wrote:

> PHP does not in general allow access to the underlying system's
> entropy source. I think it would be a good idea if it did.

It does on unix using the almost generally available random and
urandom. On Windows you can use the openssl_random_pseudo_bytes
function which does not rely on the OpenSSL API but the Windows native
Crypto APIs.



> 1. /dev/random and /dev/urandom are unavailable on Windows and
> cannot be fopen()'ed in safe mode on *nix/nux

Well, bad admins forgot to allow access to these files. Maybe we
should add that to the documentation.

> 2. openssl_random_pseudo_bytes() requires openssl extension
> installed and enabled. Most of the popular AMP packages for
> Windows fail on this count. Many shared web hosts don't have it
> either.

See my previous comment about windows.

For shared hosts not providing openssl, I would suggest (strongly) to
look for better hosting solutions.

> 3. mcrypt_create_iv() depends on mcrypt extension and so suffers
> similar problems as openssl

How so? The entropy source on windows is the same as the one in
openssl and uses the windows crypto API.

> 4. Another method is to set runtime config param
> session.entropy_length followed by @session_start();
> session_regenerate_id(); after which session_id() will return a
> CS random string, but this is also foiled by safe mode.

Btw, entropy src on windows benefits from the same implementation as
mcrypt and openssl.

> 5. On Windows you could try COM('CAPICOM.Utilities.1')->GetRandom
> but that API is obsolescent and not in many default Windows
> installs.

That's what the random bytes function uses. Or to be more exact,
CAPICOM uses the same underlying API.


> 6. Last chance is new DOTNET('mscorlib',
> 'System.Security.Cryptography.RNGCryptoServiceProvider') etc
> requires a working and compatible .NET framework.

Same comment as in pt. 5


> At this point the best bet is probably to hash some bytes from
> mt_rand() with microtime() and return that but trigger a warning
> about security. This is a very poor substitute.

They are in no way crypto safe. Openssl's random function on unix can
fail to be crypto safe as well. On windows, it is always crypto safe.


Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
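
The source chain discussed in this thread, written as an added example (not code from either poster or from the PHP project): it tries /dev/urandom, then openssl_random_pseudo_bytes() with its strength flag checked, then mcrypt_create_iv(), and fails closed instead of hashing mt_rand() with microtime(). The helper name secure_bytes() is hypothetical.

```php
<?php
// Added illustration; secure_bytes() is a hypothetical helper name.
function secure_bytes($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }

    // 1. Kernel entropy device on *nix. Not present on Windows, and
    //    unreadable when safe mode / open_basedir blocks the path.
    if (DIRECTORY_SEPARATOR === '/' && @is_readable('/dev/urandom')) {
        $fh = @fopen('/dev/urandom', 'rb');
        if ($fh !== false) {
            // Turn off PHP's read buffering so only $length bytes are pulled.
            stream_set_read_buffer($fh, 0);
            $bytes = fread($fh, $length);
            fclose($fh);
            if ($bytes !== false && strlen($bytes) === $length) {
                return $bytes;
            }
        }
    }

    // 2. OpenSSL extension. The second argument is set by reference and
    //    reports whether a cryptographically strong source was used;
    //    output flagged as weak is rejected rather than returned.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes($length, $strong);
        if ($bytes !== false && $strong === true && strlen($bytes) === $length) {
            return $bytes;
        }
    }

    // 3. mcrypt extension, where it is installed.
    if (function_exists('mcrypt_create_iv')) {
        $bytes = @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
        if ($bytes !== false && strlen($bytes) === $length) {
            return $bytes;
        }
    }

    // No mt_rand()/microtime() fallback: refuse instead of returning
    // predictable bytes with a warning attached.
    throw new RuntimeException('no cryptographically secure random source available');
}

echo bin2hex(secure_bytes(16)), PHP_EOL;
```

On PHP 7.0 and later the built-in random_bytes() does this job and throws when no secure source is available, so a chain like this is only relevant to older runtimes.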
