php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #71365 random_bytes(): missing Error causes; may return PRNG
Submitted: 2016-01-14 05:37 UTC Modified: 2023-01-25 19:55 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:0 of 1 (0.0%)
From: salsi at icosaedro dot it Assigned: timwolla (profile)
Status: Closed Package: Unknown/Other Function
PHP Version: 7.0.2 OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: salsi at icosaedro dot it
New email:
PHP Version: OS:

 

 [2016-01-14 05:37 UTC] salsi at icosaedro dot it
Description:
------------
---
From manual page: http://www.php.net/function.random-bytes
---

Examining the C source code, appears that the Error exception might be thrown also on failed reading from the source of randomness, or no enough entropy is available (whenever an estimation of the available entropy is available).

It might worth to mention also that if not enough entropy data is available, some implementations (notably when reading from /dev/urandom as a last resort) may return values from a PRNG rather than from a CSPRNG, so partially defeating the purpose of this function for CS applications.

The same holds for the companion random_int() function, which relies on the same base function as random_bytes().

Programmers should be advised that abusing of the entropy source may then compromise security, and those entropy sources should be used sparingly.


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-01-17 16:01 UTC] public+php dot net at bastelstu dot be
http://www.2uo.de/myths-about-urandom/
 [2017-01-28 13:14 UTC] cmb@php.net
-Package: Documentation problem +Package: Unknown/Other Function
 [2023-01-25 19:54 UTC] timwolla@php.net
Current versions of PHP preferably use the getrandom(2) syscall if available and thus are not affected by low entropy situations shortly after boot, because the syscall blocks until sufficient entropy has been obtained. Even with older versions or operating systems that use /dev/urandom, it is generally not possible to “exhaust” the CSPRNG, as also explained by the “Myths about urandom” link.

Likewise the CSPRNG is effectively infallible on modern PHP versions and operating systems. I believe the information that the functions relying on the CSPRNG might throw if no source can be found is sufficient, the distinction between a missing source and a failing source does not provide a real value-add for the reader, because it is not actionable.

Please open an issue in the php/doc-en repository if you feel further clarification in the documentation is required: https://github.com/php/doc-en/issues
 [2023-01-25 19:55 UTC] timwolla@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: timwolla
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Dec 22 06:01:30 2024 UTC