How to create a secure nonce for WSSE

Question

I need to connect to a REST API using a WSSE header for authentication. Since WSSE still uses the weak SHA1 I believe a good nonce is important.

I found very different implementations: * http://www.orocrm.com/documentation/index/current/cookbook/how-to-use-wsse-authentication * https://gist.github.com/borisguery/3792855 * https://dev.emarsys.com/suite/get_started/authentication_php.html * https://stackoverflow.com/questions/18117695/how-to-calculate-wsse-nonce

$nonce = 'd36e316282959a9ed4c89851497a717f';
$nonce = uniqid();
$nonce = base64_encode( hash_hmac('sha512', uniqid(null, true), uniqid(), true) );
$nonce = base64_encode( substr( md5( uniqid( gethostname() . '_', true)), 0, 16));

What do you think would be a good choice?

Answer 1

I read Insufficient Entropy For Random Values and now I think non of the given examples provide enough entropy. gethostname() is not secret and uniqid() and even mt_rand() is a Pseudo-Random Number Generator.

I will use

$nonce = base64_encode(bin2hex(openssl_random_pseudo_bytes(16)));

Answer 2

Yes but don't forget to use a fallback function like that:

<?php


    /**
     * Generate a random key using openssl
     * fallback to mcrypt_create_iv.
     *
     * @access  private
     * @param   int
     * @return  string
     */
    private static function _get_random_key($_length = 32) {

        if (function_exists('openssl_random_pseudo_bytes')) {
            $_rnd = openssl_random_pseudo_bytes($_length, $_strong);

            if ($_strong === true) {
                return $_rnd;
            }
        }

        return mcrypt_create_iv($_length, MCRYPT_DEV_URANDOM);

    }

Answer 3

The third line could be a good choice but you must add a substr() to the hash_hmac() return value considering that the nonce value is 16 byte long.

php -r "echo base64_encode(substr(hash_hmac('sha512', uniqid(null, true), uniqid(), true), 0, 16));"