My Journey To PHP Internals - Pacific Northwest PHP 2016

Transcript

1. S E P T E M B E R 1

   6 T H , 2 0 1 6 JOURNEY MY CENTER TO THE OF S A M M Y K A Y E P O W E R S @SammyK #PNWPHP joind.in/talk/6b9c9

2. SCARY! INTERNALS IS @SammyK #PNWPHP joind.in/talk/6b9c9 http://saint-max.deviantart.com

3. I don’t know C! Internals is scary! I don’t know

   what I’m doing!

4. BUBBLE MY 1998-2013 @SammyK #PNWPHP joind.in/talk/6b9c9

5. LARACON 2014 NEW YORK PHP|TEK CHICAGO @SammyK #PNWPHP joind.in/talk/6b9c9

6. PHP|TEK HACK-A-THON CONTRIBUTE TO PHP @SammyK #PNWPHP joind.in/talk/6b9c9

7. I don’t know what I’m doing! @SammyK #PNWPHP joind.in/talk/6b9c9

8. ELIZABETH SMITH DERICK RETHANS

9. @SammyK #PNWPHP joind.in/talk/6b9c9

10. ANTHONY FERRARA @SammyK #PNWPHP joind.in/talk/6b9c9

11. CONTRIBUTION MY FIRST

12. this is a table… @SammyK #PNWPHP joind.in/talk/6b9c9

13. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

14. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

15. TABS SPACES VS

16. OPEN SOURCE @SammyK #PNWPHP joind.in/talk/6b9c9

17. PHP SDK FACEBOOK

18. FOSCO MAROTTO @SammyK #PNWPHP joind.in/talk/6b9c9

19. HQ FACEBOOK @SammyK #PNWPHP joind.in/talk/6b9c9

20. None

21. CHANGED IT ALL THE PR THAT @SammyK #PNWPHP joind.in/talk/6b9c9

22. None
23. None

24. SCOTT ARCISZEWSKI @SammyK #PNWPHP joind.in/talk/6b9c9 (AR - SIZ - ZU

    - SKI)

25. @SammyK #PNWPHP joind.in/talk/6b9c9

26. @SammyK #PNWPHP joind.in/talk/6b9c9

27. SCOTT’S PR INFOSEC FALLOUT == @SammyK #PNWPHP joind.in/talk/6b9c9

28. I HAD A CHOICE @SammyK #PNWPHP joind.in/talk/6b9c9 OR

29. CSPRNG WUT? @SammyK #PNWPHP joind.in/talk/6b9c9

30. CSPRNG WUT? @SammyK #PNWPHP joind.in/talk/6b9c9

31. CSPRNG @SammyK #PNWPHP joind.in/talk/6b9c9 mt_rand($min, $max); rand($min, $max);

32. CSPRNG echo mt_rand(0, 42); 11

33. CSPRNG echo mt_rand(0, 42); 7

34. CSPRNG echo mt_rand(0, 42); 39

35. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

36. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

37. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

38. rand(); mt_rand(); AUTO SEEDING USING TIMESTAMP + A FEW OTHER

    VARIABLES @SammyK #PNWPHP joind.in/talk/6b9c9 CSPRNG

39. CSPRNG’S USE BETTER SEEDS @SammyK #PNWPHP joind.in/talk/6b9c9

40. CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random @SammyK #PNWPHP joind.in/talk/6b9c9

41. None

42. Why is CSPRNG so hard in PHP?

43. SUNSHINE PHP 2015 @SammyK #PNWPHP joind.in/talk/6b9c9

44. Why is CSPRNG so hard in PHP?

45. Because no one’s made it easy.

46. CSPRNG MAKE EASY

47. I have NO idea what I’m doing!

48. Start with user-land implementation

49. github.com/SammyK/php-src-csprng

50. THREE ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS random_int($min, $max) random_bytes($bytes)

    random_hex($bytes)

51. Vetted by infosec nerds. including…

52. SCOTT @SammyK #PNWPHP joind.in/talk/6b9c9

53. THREE ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max)

54. THREE ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max) two

55. ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS bin2hex(random_bytes($bytes)) === THREE two

    random_hex($bytes)

56. IMPLEMENTATION THE ACTUAL @SammyK #PNWPHP joind.in/talk/6b9c9

57. None

58. google!

59. COPY I DON’T ALWAYS PASTE & BUT WHEN I DO…

60. github.com/php/php-src/pull/191/files

61. /ext/standard/basic_functions.c

62. /ext/standard/base64.c

63. COPY PASTE @SammyK #PNWPHP joind.in/talk/6b9c9

64. COMPILE TEST @SammyK #PNWPHP joind.in/talk/6b9c9

65. random bytes int min max ?? ?? ? ??!! @SammyK

    #PNWPHP joind.in/talk/6b9c9

66. I have NO idea what I’m doing! random bytes int

    min max

67. ROOM 11 @SammyK #PNWPHP joind.in/talk/6b9c9

68. segfault @SammyK #PNWPHP joind.in/talk/6b9c9

69. LEIGH LAST NAME? @SammyK #PNWPHP joind.in/talk/6b9c9

70. @SammyK #PNWPHP joind.in/talk/6b9c9

71. THE @SammyK #PNWPHP joind.in/talk/6b9c9 P R O C E S

    S (REQUEST FOR COMMENTS)

72. @SammyK #PNWPHP joind.in/talk/6b9c9 [email protected]

73. @SammyK #PNWPHP joind.in/talk/6b9c9 GET YOU SOME WIKI KARMA

74. @SammyK #PNWPHP joind.in/talk/6b9c9 GET YOU SOME WIKI KARMA wiki.php.net

75. @SammyK #PNWPHP joind.in/talk/6b9c9 GET YOU SOME WIKI KARMA [email protected]

76. @SammyK #PNWPHP joind.in/talk/6b9c9 YOUR RFC CREATE wiki.php.net/rfc/howto

77. @SammyK #PNWPHP joind.in/talk/6b9c9 YOUR RFC ANNOUNCE [email protected]

78. @SammyK #PNWPHP joind.in/talk/6b9c9 FOR 2 WEEKS WAIT

79. @SammyK #PNWPHP joind.in/talk/6b9c9 UNDER DISCUSSION

80. @SammyK #PNWPHP joind.in/talk/6b9c9 ANNOUNCE THE VOTING PHASE [email protected]

81. @SammyK #PNWPHP joind.in/talk/6b9c9 USUALLY 2 WEEKS

82. @SammyK #PNWPHP joind.in/talk/6b9c9

83. @SammyK #PNWPHP joind.in/talk/6b9c9 sammyk.me/how-to-contribute-to-php-documentation

84. THE @SammyK #PNWPHP joind.in/talk/6b9c9 P R O C E S

    S wiki.php.net/rfc/howto

85. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST @SammyK #PNWPHP joind.in/talk/6b9c9

86. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ @SammyK #PNWPHP

    joind.in/talk/6b9c9

87. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ @SammyK

    #PNWPHP joind.in/talk/6b9c9

88. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    @SammyK #PNWPHP joind.in/talk/6b9c9

89. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    PHP internals is scawy!

90. Everyone is smarter than me - I’ll be a laughingstock!

    Everyone is mean - look at scalar type- hints drama!

91. Let’s do this sh… stuff!

92. None
93. None

94. LATER …TWO WEEKS

95. None
96. None

97. @SammyK #PNWPHP joind.in/talk/6b9c9

98. @SammyK #PNWPHP joind.in/talk/6b9c9

99. JOURNEY MY CENTER TO THE OF @SammyK #PNWPHP joind.in/talk/6b9c9 IT’S

    LIKE EATING

100. LEARNED WHAT I I don’t know what I’m doing! HOW

     FEATURES ARE ADDED TO PHP THE CULTURE OF PHP INTERNALS BETTER AT C & C++ DEEPER UNDERSTANDING OF CSPRNG’S BINARY AND HEXADECIMAL NUMBER SYSTEMS HOW TO CONTRIBUTE TO THE PHP DOCS AND TONS MORE!

101. I STILL have no idea what I’m doing!

102. SCARY! INTERNALS IS @SammyK #PNWPHP joind.in/talk/6b9c9 http://saint-max.deviantart.com

103. SCARY! INTERNALS IS @SammyK #PNWPHP joind.in/talk/6b9c9 http://saint-max.deviantart.com not ^

104. COMMUNITY LOVING @SammyK #PNWPHP joind.in/talk/6b9c9

105. @SammyK #PNWPHP joind.in/talk/6b9c9 I N T E R N A

     L S N E E D S YOU SOURCE BUGS WEBSITE TESTS

106. TABS INTERNALS USES @SammyK #PNWPHP joind.in/talk/6b9c9

107. THANKS! SAMMY KAYE POWERS @SammyK SammyK.me Host of @PHPRoundtable @ChiPHPUG

     West Coast Swing Hire me! :) /talk/6b9c9