Fix #6103 #6104
Fix #6103 #6104
Conversation
| .. note:: | ||
|
|
||
| PHP versions 7.0.0 and up provide the ``random_bytes()`` function natively, | ||
| on lower versions of PHP a polyfill is provided. |
There was a problem hiding this comment.
Is polyfill word common enough to use it?
There was a problem hiding this comment.
I would argue in the world of programming it is, but I'll happily replace with an alternative if desired. fail-safe? fallback?
There was a problem hiding this comment.
Should I also mention that the polyfill is provided by the random_compat package, or leave it open?
|
What do you think if we didn't talk about the |
|
@xabbuh Whichever you think is better here. I've placed against the 2.8 branch since that is when Using it on older Symfony versions would require installing this as a dependency, which at that point isn't really documenting the Security component any more, but happy to amend this if that is what is desired. |
zsturgess
force-pushed
the
secure-random-usage
branch
from
e71b992
to
ce8b068
Compare
|
Yeah, let's wait what the others think (maybe just adding a tip in older versions is enough). |
zsturgess
force-pushed
the
secure-random-usage
branch
from
ce8b068
to
fe7b609
Compare
|
@xabbuh Another question: How would you feel about renaming this page? The title is Generating a Secure random Number, but the article is really about Generating a Secure random String Pardon my ignorance of the technology driving the docs here, but would I need to do anything more than change the title on this page? |
|
|
||
| .. note:: | ||
|
|
||
| If you're using the Symfony Framework, you can get a secure random number | ||
| generator via the ``security.secure_random`` service. | ||
|
|
||
| .. note:: | ||
|
|
||
| PHP versions 7.0.0 and up provide the ``random_bytes()`` function natively, |
There was a problem hiding this comment.
Would write:
PHP 7 and up .... natively, for older versions we provide a polyfill.
polyfill should be a link to more information IMO
There was a problem hiding this comment.
Changed the wording here, not exactly as per your suggestion, but to add more details. I've just linked to the github pages for now, when #6052 is complete, these links can be updated.
zsturgess
force-pushed
the
secure-random-usage
branch
2 times, most recently
from
e4258e2
to
e5336da
Compare
|
@xabbuh Giving this a bump as, other than my title question above, I think this is just waiting on the docs team to decide about your idea for pre-2.8 versions. |
|
I like the new doc a lot and I also like @xabbuh's proposal to "backport" these changes to older versions. Thanks @zsturgess. |
|
@javiereguiluz Would you like me to change the base of this pull req to the 2.3 branch, or are you planning something a little different for those versions in a separate pull req? |
|
@zsturgess Imo we can just make the changes here as general as possible, merge the changes into the |
|
OK, I will add a "versionadded" hint to instruct users to add paragonie/random_compat as a dependancy on older versions. Is there anything else you'd like? What do you think of my title proposal, above? |
zsturgess
force-pushed
the
secure-random-usage
branch
from
e5336da
to
99dae89
Compare
|
@zsturgess It makes sense to update the title with your suggestion. |
zsturgess
force-pushed
the
secure-random-usage
branch
2 times, most recently
from
034f740
to
4adda40
Compare
|
Given that Coming from Symfony 2.8, upgrading to 3.0, I would have loved to see @zsturgess's changes. Would have saved me a few minutes of looking through the Security component changelog and figuring out that Symfony had a PHP 7 polyfill. |
|
Thanks @conradkleinespel ! I think this PR is pretty much ready, @xabbuh mentioned changing the base when merging this PR, so I haven't altered it, but can change it to 2.3 if desired. |
| ================================== | ||
|
|
||
| The Symfony Security component comes with a collection of nice utilities | ||
| related to security. These utilities are used by Symfony, but you should | ||
| also use them if you want to solve the problem they address. | ||
|
|
||
| Generating a Secure random Number | ||
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
| Generating a Secure random |
There was a problem hiding this comment.
"a secure random" sounds incomplete to me. I suggest something like a Secure Random String.
There was a problem hiding this comment.
People might search for "random number symfony" on search engines though. So it does make sense to me to keep "number" in there. Or else "a secure random string or number".
But either way, it would be good to have this merged as people move from 2.8 to 3.0. And maybe make a new PR with this change once we know what we want. Having PR merged is better than leaving the doc in the outdated state, even if this text is not perfect for everyone, IMO.
There was a problem hiding this comment.
I've added documentation for random_int that should therefore address both of your concerns.
zsturgess
force-pushed
the
secure-random-usage
branch
3 times, most recently
from
e9ada96
to
fbb8251
Compare
|
👍 |
|
This should go in the 2.3 branch too, as we know include the polyfill in 2.3 too since the latest 2.3 release. |
| ``\0`` character. This can cause trouble in several common scenarios, such | ||
| as storing this value in a database or including it as part of the URL. The | ||
| solution is to hash the value returned by ``random_bytes()`` (to do that, you | ||
| can use a simple ``md5()`` PHP function). |
There was a problem hiding this comment.
md5 is actually a bad idea, as it would make the string less secure (due to md5 colisions). Using base64_encode (as done in Symfony for CSRF tokens) is a much better idea.
There was a problem hiding this comment.
It's OK to use base64_encode, but I don't think "md5 collisions" is a good argument against MD5. According to this, the probability of a collision is around 2.7×10^-20.
There was a problem hiding this comment.
I would personally use base64_encode if I were to do this, so I'm tempted to update this anyway. I didn't touch this originally to keep the diff small, but I think we're a little beyond that now :)
zsturgess
force-pushed
the
secure-random-usage
branch
from
fbb8251
to
05fb331
Compare
|
@zsturgess We can easily switch the branch when merging. |
zsturgess
force-pushed
the
secure-random-usage
branch
from
05fb331
to
3808582
Compare
This PR was submitted for the 2.8 branch but it was merged into the 2.3 branch instead (closes #6104). Discussion ---------- Fix #6103 | Q | A | ------------- | --- | Doc fix? | yes | New docs? | no | Applies to | >= 2.8 | Fixed tickets | #6103 Re-written this page from talking about the deprecated SecureRandom class to talking about the random_bytes replacement. Commits ------- 984c49e Fix #6103
|
Thank you for this PR & help @zsturgess! It's a lot better now. I've merged your PR into the 2.3 branch with 932530f and did some minor formatting fixes in d6958d6. Thanks again! |
This PR was merged into the 2.3 branch. Discussion ---------- Use hash_equals instead of StringUtils::equals | Q | A | --- | --- | doc fix? | yes | new docs? | yes | applies to | 2.3+ | Fixed tickets | - We've merged #6104 in the 2.3 branch, so I think we should use the `hash_equals` function the 2.3 docs as well. Now, this article isn't related to the Security component at all and it might be a good start for the Polyfill component. Commits ------- 9f7f1dd Use hash_equals instead of StringUtils::equals
Re-written this page from talking about the deprecated SecureRandom class to talking about the random_bytes replacement.