diff options
author | plegall <plg@piwigo.org> | 2016-05-02 13:09:12 +0200 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2016-05-02 13:09:12 +0200 |
commit | 7ea9cf90752c460e29e14b5e6064519eaba9eed2 (patch) | |
tree | 4a5223faa57187ac16ff6af1d5bbe1ede6d61aae /include/random_compat/random_bytes_dev_urandom.php | |
parent | cfa7bf2228fbd4a3e3534943a6ea7945b58f0beb (diff) | |
parent | f51ee90c66527fd7ff634f3e8d414cb670da068d (diff) |
Merge branch '2.8'
Diffstat (limited to 'include/random_compat/random_bytes_dev_urandom.php')
-rw-r--r-- | include/random_compat/random_bytes_dev_urandom.php | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/include/random_compat/random_bytes_dev_urandom.php b/include/random_compat/random_bytes_dev_urandom.php new file mode 100644 index 000000000..db93b0757 --- /dev/null +++ b/include/random_compat/random_bytes_dev_urandom.php @@ -0,0 +1,148 @@ +<?php +/** + * Random_* Compatibility Library + * for using the new PHP 7 random_* API in PHP 5 projects + * + * The MIT License (MIT) + * + * Copyright (c) 2015 Paragon Initiative Enterprises + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +if (!defined('RANDOM_COMPAT_READ_BUFFER')) { + define('RANDOM_COMPAT_READ_BUFFER', 8); +} + +/** + * Unless open_basedir is enabled, use /dev/urandom for + * random numbers in accordance with best practices + * + * Why we use /dev/urandom and not /dev/random + * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers + * + * @param int $bytes + * + * @throws Exception + * + * @return string + */ +function random_bytes($bytes) +{ + static $fp = null; + /** + * This block should only be run once + */ + if (empty($fp)) { + /** + * We use /dev/urandom if it is a char device. + * We never fall back to /dev/random + */ + $fp = fopen('/dev/urandom', 'rb'); + if (!empty($fp)) { + $st = fstat($fp); + if (($st['mode'] & 0170000) !== 020000) { + fclose($fp); + $fp = false; + } + } + + if (!empty($fp)) { + /** + * stream_set_read_buffer() does not exist in HHVM + * + * If we don't set the stream's read buffer to 0, PHP will + * internally buffer 8192 bytes, which can waste entropy + * + * stream_set_read_buffer returns 0 on success + */ + if (function_exists('stream_set_read_buffer')) { + stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); + } + if (function_exists('stream_set_chunk_size')) { + stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); + } + } + } + + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); + } + + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); + } + + /** + * This if() block only runs if we managed to open a file handle + * + * It does not belong in an else {} block, because the above + * if (empty($fp)) line is logic that should only be run once per + * page load. + */ + if (!empty($fp)) { + $remaining = $bytes; + $buf = ''; + + /** + * We use fread() in a loop to protect against partial reads + */ + do { + $read = fread($fp, $remaining); + if ($read === false) { + /** + * We cannot safely read from the file. Exit the + * do-while loop and trigger the exception condition + */ + $buf = false; + break; + } + /** + * Decrease the number of bytes returned from remaining + */ + $remaining -= RandomCompat_strlen($read); + $buf .= $read; + } while ($remaining > 0); + + /** + * Is our result valid? + */ + if ($buf !== false) { + if (RandomCompat_strlen($buf) === $bytes) { + /** + * Return our random entropy buffer here: + */ + return $buf; + } + } + } + + /** + * If we reach here, PHP has failed us. + */ + throw new Exception( + 'Error reading from source device' + ); +} |