Fallback to /dev/random if openssl_random_pseudo_bytes not available
This commit is contained in:
parent
99cd922b82
commit
d6c4b83f13
20
lib/util.php
20
lib/util.php
|
@ -556,12 +556,13 @@ class OC_Util {
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* @brief Generates random bytes with "openssl_random_pseudo_bytes" with a fallback for systems without openssl
|
* @brief Generates a cryptographical secure pseudorandom string
|
||||||
* Inspired by gorgo on php.net
|
* @param Int with the length of the random string
|
||||||
* @param Int with the length of the random
|
* @return String
|
||||||
* @return String with the random bytes
|
|
||||||
*/
|
*/
|
||||||
public static function generate_random_bytes($length = 30) {
|
public static function generate_random_bytes($length = 30) {
|
||||||
|
|
||||||
|
// Try to use openssl_random_pseudo_bytes
|
||||||
if(function_exists('openssl_random_pseudo_bytes')) {
|
if(function_exists('openssl_random_pseudo_bytes')) {
|
||||||
$pseudo_byte = bin2hex(openssl_random_pseudo_bytes($length, $strong));
|
$pseudo_byte = bin2hex(openssl_random_pseudo_bytes($length, $strong));
|
||||||
if($strong == TRUE) {
|
if($strong == TRUE) {
|
||||||
|
@ -569,9 +570,16 @@ class OC_Util {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// fallback to mt_rand()
|
// Try to use /dev/random
|
||||||
|
$fp = @file_get_contents('/dev/random', false, null, 0, $length);
|
||||||
|
if ($fp !== FALSE) {
|
||||||
|
$string = substr(bin2hex($fp), 0, $length);
|
||||||
|
return $string;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Fallback to mt_rand()
|
||||||
$characters = '0123456789';
|
$characters = '0123456789';
|
||||||
$characters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
$characters .= 'abcdefghijklmnopqrstuvwxyz';
|
||||||
$charactersLength = strlen($characters)-1;
|
$charactersLength = strlen($characters)-1;
|
||||||
$pseudo_byte = "";
|
$pseudo_byte = "";
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue