My Journey To PHP Internals - Pacific Northwest PHP 2016

My Journey To PHP Internals - Pacific Northwest PHP 2016

8c090cc1ccd623a146ddd9159b1bf7e2?s=128

Sammy Kaye Powers

September 16, 2016
Tweet

Transcript

  1. S E P T E M B E R 1

    6 T H , 2 0 1 6 JOURNEY MY CENTER TO THE OF S A M M Y K A Y E P O W E R S @SammyK #PNWPHP joind.in/talk/6b9c9
  2. SCARY! INTERNALS IS @SammyK #PNWPHP joind.in/talk/6b9c9 http://saint-max.deviantart.com

  3. I don’t know C! Internals is scary! I don’t know

    what I’m doing!
  4. BUBBLE MY 1998-2013 @SammyK #PNWPHP joind.in/talk/6b9c9

  5. LARACON 2014 NEW YORK PHP|TEK CHICAGO @SammyK #PNWPHP joind.in/talk/6b9c9

  6. PHP|TEK HACK-A-THON CONTRIBUTE TO PHP @SammyK #PNWPHP joind.in/talk/6b9c9

  7. I don’t know what I’m doing! @SammyK #PNWPHP joind.in/talk/6b9c9

  8. ELIZABETH SMITH DERICK RETHANS

  9. @SammyK #PNWPHP joind.in/talk/6b9c9

  10. ANTHONY FERRARA @SammyK #PNWPHP joind.in/talk/6b9c9

  11. CONTRIBUTION MY FIRST

  12. this is a table… @SammyK #PNWPHP joind.in/talk/6b9c9

  13. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird
  14. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird
  15. TABS SPACES VS

  16. OPEN SOURCE @SammyK #PNWPHP joind.in/talk/6b9c9

  17. PHP SDK FACEBOOK

  18. FOSCO MAROTTO @SammyK #PNWPHP joind.in/talk/6b9c9

  19. HQ FACEBOOK @SammyK #PNWPHP joind.in/talk/6b9c9

  20. None
  21. CHANGED IT ALL THE PR THAT @SammyK #PNWPHP joind.in/talk/6b9c9

  22. None
  23. None
  24. SCOTT ARCISZEWSKI @SammyK #PNWPHP joind.in/talk/6b9c9 (AR - SIZ - ZU

    - SKI)
  25. @SammyK #PNWPHP joind.in/talk/6b9c9

  26. @SammyK #PNWPHP joind.in/talk/6b9c9

  27. SCOTT’S PR INFOSEC FALLOUT == @SammyK #PNWPHP joind.in/talk/6b9c9

  28. I HAD A CHOICE @SammyK #PNWPHP joind.in/talk/6b9c9 OR

  29. CSPRNG WUT? @SammyK #PNWPHP joind.in/talk/6b9c9

  30. CSPRNG WUT? @SammyK #PNWPHP joind.in/talk/6b9c9

  31. CSPRNG @SammyK #PNWPHP joind.in/talk/6b9c9 mt_rand($min, $max); rand($min, $max);

  32. CSPRNG echo mt_rand(0, 42); 11

  33. CSPRNG echo mt_rand(0, 42); 7

  34. CSPRNG echo mt_rand(0, 42); 39

  35. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  36. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  37. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  38. rand(); mt_rand(); AUTO SEEDING USING TIMESTAMP + A FEW OTHER

    VARIABLES @SammyK #PNWPHP joind.in/talk/6b9c9 CSPRNG
  39. CSPRNG’S USE BETTER SEEDS @SammyK #PNWPHP joind.in/talk/6b9c9

  40. CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random @SammyK #PNWPHP joind.in/talk/6b9c9

  41. None
  42. Why is CSPRNG so hard in PHP?

  43. SUNSHINE PHP 2015 @SammyK #PNWPHP joind.in/talk/6b9c9

  44. Why is CSPRNG so hard in PHP?

  45. Because no one’s made it easy.

  46. CSPRNG MAKE EASY

  47. I have NO idea what I’m doing!

  48. Start with user-land implementation

  49. github.com/SammyK/php-src-csprng

  50. THREE ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS random_int($min, $max) random_bytes($bytes)

    random_hex($bytes)
  51. Vetted by infosec nerds. including…

  52. SCOTT @SammyK #PNWPHP joind.in/talk/6b9c9

  53. THREE ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max)
  54. THREE ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max) two
  55. ADD @SammyK #PNWPHP joind.in/talk/6b9c9 NEW FUNCTIONS bin2hex(random_bytes($bytes)) === THREE two

    random_hex($bytes)
  56. IMPLEMENTATION THE ACTUAL @SammyK #PNWPHP joind.in/talk/6b9c9

  57. None
  58. google!

  59. COPY I DON’T ALWAYS PASTE & BUT WHEN I DO…

  60. github.com/php/php-src/pull/191/files

  61. /ext/standard/basic_functions.c

  62. /ext/standard/base64.c

  63. COPY PASTE @SammyK #PNWPHP joind.in/talk/6b9c9

  64. COMPILE TEST @SammyK #PNWPHP joind.in/talk/6b9c9

  65. random bytes int min max ?? ?? ? ??!! @SammyK

    #PNWPHP joind.in/talk/6b9c9
  66. I have NO idea what I’m doing! random bytes int

    min max
  67. ROOM 11 @SammyK #PNWPHP joind.in/talk/6b9c9

  68. segfault @SammyK #PNWPHP joind.in/talk/6b9c9

  69. LEIGH LAST NAME? @SammyK #PNWPHP joind.in/talk/6b9c9

  70. @SammyK #PNWPHP joind.in/talk/6b9c9

  71. THE @SammyK #PNWPHP joind.in/talk/6b9c9 P R O C E S

    S (REQUEST FOR COMMENTS)
  72. @SammyK #PNWPHP joind.in/talk/6b9c9 INTERNALS@LISTS.PHP.NET

  73. @SammyK #PNWPHP joind.in/talk/6b9c9 GET YOU SOME WIKI KARMA

  74. @SammyK #PNWPHP joind.in/talk/6b9c9 GET YOU SOME WIKI KARMA wiki.php.net

  75. @SammyK #PNWPHP joind.in/talk/6b9c9 GET YOU SOME WIKI KARMA INTERNALS@LISTS.PHP.NET

  76. @SammyK #PNWPHP joind.in/talk/6b9c9 YOUR RFC CREATE wiki.php.net/rfc/howto

  77. @SammyK #PNWPHP joind.in/talk/6b9c9 YOUR RFC ANNOUNCE INTERNALS@LISTS.PHP.NET

  78. @SammyK #PNWPHP joind.in/talk/6b9c9 FOR 2 WEEKS WAIT

  79. @SammyK #PNWPHP joind.in/talk/6b9c9 UNDER DISCUSSION

  80. @SammyK #PNWPHP joind.in/talk/6b9c9 ANNOUNCE THE VOTING PHASE INTERNALS@LISTS.PHP.NET

  81. @SammyK #PNWPHP joind.in/talk/6b9c9 USUALLY 2 WEEKS

  82. @SammyK #PNWPHP joind.in/talk/6b9c9

  83. @SammyK #PNWPHP joind.in/talk/6b9c9 sammyk.me/how-to-contribute-to-php-documentation

  84. THE @SammyK #PNWPHP joind.in/talk/6b9c9 P R O C E S

    S wiki.php.net/rfc/howto
  85. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST @SammyK #PNWPHP joind.in/talk/6b9c9

  86. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ @SammyK #PNWPHP

    joind.in/talk/6b9c9
  87. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ @SammyK

    #PNWPHP joind.in/talk/6b9c9
  88. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    @SammyK #PNWPHP joind.in/talk/6b9c9
  89. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    PHP internals is scawy!
  90. Everyone is smarter than me - I’ll be a laughingstock!

    Everyone is mean - look at scalar type- hints drama!
  91. Let’s do this sh… stuff!

  92. None
  93. None
  94. LATER …TWO WEEKS

  95. None
  96. None
  97. @SammyK #PNWPHP joind.in/talk/6b9c9

  98. @SammyK #PNWPHP joind.in/talk/6b9c9

  99. JOURNEY MY CENTER TO THE OF @SammyK #PNWPHP joind.in/talk/6b9c9 IT’S

    LIKE EATING
  100. LEARNED WHAT I I don’t know what I’m doing! HOW

    FEATURES ARE ADDED TO PHP THE CULTURE OF PHP INTERNALS BETTER AT C & C++ DEEPER UNDERSTANDING OF CSPRNG’S BINARY AND HEXADECIMAL NUMBER SYSTEMS HOW TO CONTRIBUTE TO THE PHP DOCS AND TONS MORE!
  101. I STILL have no idea what I’m doing!

  102. SCARY! INTERNALS IS @SammyK #PNWPHP joind.in/talk/6b9c9 http://saint-max.deviantart.com

  103. SCARY! INTERNALS IS @SammyK #PNWPHP joind.in/talk/6b9c9 http://saint-max.deviantart.com not ^

  104. COMMUNITY LOVING @SammyK #PNWPHP joind.in/talk/6b9c9

  105. @SammyK #PNWPHP joind.in/talk/6b9c9 I N T E R N A

    L S N E E D S YOU SOURCE BUGS WEBSITE TESTS
  106. TABS INTERNALS USES @SammyK #PNWPHP joind.in/talk/6b9c9

  107. THANKS! SAMMY KAYE POWERS @SammyK SammyK.me Host of @PHPRoundtable @ChiPHPUG

    West Coast Swing Hire me! :) /talk/6b9c9