Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

openssl_random_pseudo_bytes() is slow (PHP)

Tags:

php

openssl

I'm using opennssl_random_pseudo_bytes() in PHP and it is performing ultra slowly. My application often timeouts (throws that execution time limit error). Is there a particular reason for OpenSSL random to be this slow? I'm using Windows 7 x86 currently on my developer machine.

like image 341
Tower Avatar asked Dec 21 '09 13:12

Tower


3 Answers

On Windows, openssl_random_pseudo_bytes() calls OpenSSL's RAND_screen() to generate entropy. It's pretty slow, and PHP is hardly the first unix->windows port that has run up against this. It looks like the common advice is to use RAND_seed() instead.

It's also interesting to note that the OpenSSL documentation states:

The RAND_screen() function is available for the convenience of Windows programmers. It adds the current contents of the screen to the PRNG. For applications that can catch Windows events, seeding the PRNG by calling RAND_event() is a significantly better source of randomness. **It should be noted that both methods cannot be used on servers that run without user interaction**.

So this may actually be a certified bug - I've already raised the issue with the core devs. Until a better method for generating entropy for OpenSSL on Win32 becomes available, it appears that the short answer is "Yes, it's slow on Windows. Sorry about that."

Some additional links that discuss the problem:

Open Bug at rt.openssl.org
curl developers discuss alternative methods of collecting entropy on Win32
Google Groups archive of OpenSSL Users List discussing the slowness of RAND_poll() on Win32
Another discussion on the slowness of RAND_screen() on mail-archive.com's archive of OpenSSL Users

like image 113
TML Avatar answered Nov 02 '22 07:11

TML


This was apparently a bug in PHP < 5.3.4.

Fixed possible blocking behavior in openssl_random_pseudo_bytes on Windows. (Pierre)

http://php.net/ChangeLog-5.php#5.3.4

like image 32
Tower Avatar answered Nov 02 '22 07:11

Tower


It depends on how you run PHP. On my win7-64bit PHP5.3.27

  1. Apache + PHP-CGI = It takes 600ms
  2. Apache + PHP5 Module = It is instant
like image 2
Semra Avatar answered Nov 02 '22 08:11

Semra