Openssl is not as good as you think #54

Open
rugk opened this issue Oct 8, 2016 · 1 comment

rugk commented Oct 8, 2016

Also the non-pseudo mode is not as secure as you might think (so IMHO a "high" level is too much):

[... The] OpenSSL docs deprecate RAND_pseudo_bytes, but I wondered what is the actual difference between pseudo and non-pseudo.

  • RAND_pseudo_bytes gets the default rand method which is going to be RAND_SSLeay unless you have an exotic setup
  • Pseudo or not the same function is called with a final parameter to indicate "pseudo"
  • pseudo is only referenced once within this function, to suppress an error message. The function returns 1 or 0.
  • PHP only checks for a negative return value. This can only happen if there is no pseudo-random implementation, or the pseudo-random method is exotic
  • Other bundled engines also behave this way - Basically, the only way to get a negative return and for PHP to cry about weak crypto is if the pseudorandom function isn't implemented, and you get NO bytes at all from OpenSSL.

paragonie/random_compat#6 (comment)
/cc @lt

@paragonie-scott

In https://github.com/paragonie/RandomLib this is downgraded from High to Medium for this and related reasons.
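
A fail-closed way to consume the OpenSSL source discussed in this thread, as an added example that is not part of the issue and is not code from RandomLib or random_compat. The function names `openssl_bytes_or_fail()` and `secure_bytes()` are assumptions; the code is written without PHP 7-only syntax so the fallback path is reachable.

```php
<?php
// Hypothetical helper (name is an assumption): treat every failure signal
// from openssl_random_pseudo_bytes() as fatal instead of returning output.
function openssl_bytes_or_fail($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }
    if (!function_exists('openssl_random_pseudo_bytes')) {
        throw new RuntimeException('OpenSSL extension is not available');
    }

    $strong = false;
    $bytes = openssl_random_pseudo_bytes($length, $strong);

    // The strong flag is checked because it is the only signal exposed, but
    // per the thread it is almost never false, so passing this check is not
    // evidence of quality. Short or missing output is rejected as well.
    if ($bytes === false || $strong !== true || strlen($bytes) !== $length) {
        throw new RuntimeException('OpenSSL did not return usable random bytes');
    }

    return $bytes;
}

// Hypothetical helper (name is an assumption): prefer random_bytes()
// (PHP 7+, or the random_compat polyfill), which throws on failure, and
// fall back to the OpenSSL source only when it is absent.
function secure_bytes($length)
{
    if (function_exists('random_bytes')) {
        return random_bytes($length);
    }

    return openssl_bytes_or_fail($length);
}

// Usage: a 32-byte key, printed as hex.
echo bin2hex(secure_bytes(32)), PHP_EOL;
```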
