Subversion Repositories oidplus

Compare Revisions

Regard whitespace Rev 1097 → Rev 1098

/trunk/vendor/danielmarschall/php_utils/misc_functions.inc.php
157,7 → 157,7
}
}
 
function random_bytes_ex($len) {
function random_bytes_ex($len, $raw=true, $force_cryptographically_secure=true) {
if ($len === 0) return '';
assert($len > 0);
 
165,7 → 165,7
try {
$a = random_bytes($len);
} catch (Exception $e) { $a = null; }
if ($a) return $a;
if ($a) return $raw ? $a : bin2hex($a);
}
 
if (function_exists('openssl_random_pseudo_bytes')) {
172,31 → 172,40
try {
$a = openssl_random_pseudo_bytes($len);
} catch (Exception $e) { $a = null; }
if ($a) return $a;
if ($a) return $raw ? $a : bin2hex($a);
}
 
if (function_exists('mcrypt_create_iv')) {
if (defined('MCRYPT_DEV_URANDOM')) {
if (function_exists('mcrypt_create_iv') && defined('MCRYPT_DEV_RANDOM')) {
try {
$a = bin2hex(mcrypt_create_iv($len, MCRYPT_DEV_URANDOM));
$a = bin2hex(mcrypt_create_iv($len, MCRYPT_DEV_RANDOM));
} catch (Exception $e) { $a = null; }
if ($a) return $a;
if ($a) return $raw ? $a : bin2hex($a);
}
 
if (defined('MCRYPT_DEV_RANDOM')) {
if ($force_cryptographically_secure) {
$msg = 'Cannot find a fitting Cryptographically Secure Random Number Generator (CSRNG).';
if (version_compare(PHP_VERSION, '8.2.0') >= 0) {
throw new \Random\RandomException($msg);
} else {
throw new \Exception($msg);
}
}
 
if (function_exists('mcrypt_create_iv') && defined('MCRYPT_DEV_URANDOM')) {
// /dev/urandom uses the same entropy pool than /dev/random, but if there is not enough data
// then the security is lowered.
try {
$a = bin2hex(mcrypt_create_iv($len, MCRYPT_DEV_RANDOM));
$a = bin2hex(mcrypt_create_iv($len, MCRYPT_DEV_URANDOM));
} catch (Exception $e) { $a = null; }
if ($a) return $a;
if ($a) return $raw ? $a : bin2hex($a);
}
 
if (defined('MCRYPT_RAND')) {
if (function_exists('mcrypt_create_iv') && defined('MCRYPT_RAND')) {
try {
$a = bin2hex(mcrypt_create_iv($len, MCRYPT_RAND));
} catch (Exception $e) { $a = null; }
if ($a) return $a;
if ($a) return $raw ? $a : bin2hex($a);
}
}
 
// Fallback to non-secure RNG
$a = '';
204,5 → 213,5
$a .= sha1(uniqid((string)mt_rand(), true));
}
$a = substr($a, 0, $len*2);
return hex2bin($a);
return $raw ? hex2bin($a) : $a;
}
/trunk/vendor/danielmarschall/php_utils/vts_crypt.inc.php
249,7 → 249,7
$algo = isset($options['algo']) ? $options['algo'] : 'sha3-512';
$mode = isset($options['mode']) ? $options['mode'] : 'ps';
$salt_len = isset($options['salt_length']) ? $options['salt_length'] : 50;
$salt = random_bytes_ex($salt_len);
$salt = random_bytes_ex($salt_len, true, true);
return vts_crypt($algo, $password, $salt, $ver, $mode);
} else {
// $algo === PASSWORD_DEFAULT
266,7 → 266,7
if ($salt_len <= 0) return '';
$characters = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
$salt = '';
$bytes = random_bytes_ex($salt_len);
$bytes = random_bytes_ex($salt_len, true, true);
for ($i=0; $i<$salt_len; $i++) {
$salt .= $characters[ord($bytes[$i]) % strlen($characters)];
}