Fallback to /dev/random if openssl_random_pseudo_bytes not available
This commit is contained in:
parent
99cd922b82
commit
d6c4b83f13
20
lib/util.php
20
lib/util.php
|
@ -556,12 +556,13 @@ class OC_Util {
|
|||
}
|
||||
|
||||
/*
|
||||
* @brief Generates random bytes with "openssl_random_pseudo_bytes" with a fallback for systems without openssl
|
||||
* Inspired by gorgo on php.net
|
||||
* @param Int with the length of the random
|
||||
* @return String with the random bytes
|
||||
* @brief Generates a cryptographical secure pseudorandom string
|
||||
* @param Int with the length of the random string
|
||||
* @return String
|
||||
*/
|
||||
public static function generate_random_bytes($length = 30) {
|
||||
|
||||
// Try to use openssl_random_pseudo_bytes
|
||||
if(function_exists('openssl_random_pseudo_bytes')) {
|
||||
$pseudo_byte = bin2hex(openssl_random_pseudo_bytes($length, $strong));
|
||||
if($strong == TRUE) {
|
||||
|
@ -569,9 +570,16 @@ class OC_Util {
|
|||
}
|
||||
}
|
||||
|
||||
// fallback to mt_rand()
|
||||
// Try to use /dev/random
|
||||
$fp = @file_get_contents('/dev/random', false, null, 0, $length);
|
||||
if ($fp !== FALSE) {
|
||||
$string = substr(bin2hex($fp), 0, $length);
|
||||
return $string;
|
||||
}
|
||||
|
||||
// Fallback to mt_rand()
|
||||
$characters = '0123456789';
|
||||
$characters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
||||
$characters .= 'abcdefghijklmnopqrstuvwxyz';
|
||||
$charactersLength = strlen($characters)-1;
|
||||
$pseudo_byte = "";
|
||||
|
||||
|
|
Loading…
Reference in New Issue