nizongfeng
/
ZZCMS
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
8.3 MiB
 
 
 
 
 
Tree: e45ea09e50
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e45ea09e50'
${ noResults }
ZZCMS/wp-includes/random_compat/random_bytes_dev_urandom.php

149 lines
4.4 KiB
Raw Blame History 

  1. <?php

  2. /**

  3.  * Random_* Compatibility Library 

  4.  * for using the new PHP 7 random_* API in PHP 5 projects

  5.  * 

  6.  * The MIT License (MIT)

  7.  * 

  8.  * Copyright (c) 2015 Paragon Initiative Enterprises

  9.  * 

  10.  * Permission is hereby granted, free of charge, to any person obtaining a copy

  11.  * of this software and associated documentation files (the "Software"), to deal

  12.  * in the Software without restriction, including without limitation the rights

  13.  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell

  14.  * copies of the Software, and to permit persons to whom the Software is

  15.  * furnished to do so, subject to the following conditions:

  16.  * 

  17.  * The above copyright notice and this permission notice shall be included in

  18.  * all copies or substantial portions of the Software.

  19.  * 

  20.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

  21.  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

  22.  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

  23.  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

  24.  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,

  25.  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

  26.  * SOFTWARE.

  27.  */

  28. 

  29. if (!defined('RANDOM_COMPAT_READ_BUFFER')) {

  30.     define('RANDOM_COMPAT_READ_BUFFER', 8);

  31. }

  32. 

  33. /**

  34.  * Unless open_basedir is enabled, use /dev/urandom for

  35.  * random numbers in accordance with best practices

  36.  * 

  37.  * Why we use /dev/urandom and not /dev/random

  38.  * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers

  39.  * 

  40.  * @param int $bytes

  41.  * 

  42.  * @throws Exception

  43.  * 

  44.  * @return string

  45.  */

  46. function random_bytes($bytes)

  47. {

  48.     static $fp = null;

  49.     /**

  50.      * This block should only be run once

  51.      */

  52.     if (empty($fp)) {

  53.         /**

  54.          * We use /dev/urandom if it is a char device.

  55.          * We never fall back to /dev/random

  56.          */

  57.         $fp = fopen('/dev/urandom', 'rb');

  58.         if (!empty($fp)) {

  59.             $st = fstat($fp);

  60.             if (($st['mode'] & 0170000) !== 020000) {

  61.                 fclose($fp);

  62.                 $fp = false;

  63.             }

  64.         }

  65. 

  66.         if (!empty($fp)) {

  67.             /**

  68.              * stream_set_read_buffer() does not exist in HHVM

  69.              * 

  70.              * If we don't set the stream's read buffer to 0, PHP will

  71.              * internally buffer 8192 bytes, which can waste entropy

  72.              * 

  73.              * stream_set_read_buffer returns 0 on success

  74.              */

  75.             if (function_exists('stream_set_read_buffer')) {

  76.                 stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER);

  77.             }

  78.             if (function_exists('stream_set_chunk_size')) {

  79.                 stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER);

  80.             }

  81.         }

  82.     }

  83. 

  84.     try {

  85.         $bytes = RandomCompat_intval($bytes);

  86.     } catch (TypeError $ex) {

  87.         throw new TypeError(

  88.             'random_bytes(): $bytes must be an integer'

  89.         );

  90.     }

  91. 

  92.     if ($bytes < 1) {

  93.         throw new Error(

  94.             'Length must be greater than 0'

  95.         );

  96.     }

  97. 

  98.     /**

  99.      * This if() block only runs if we managed to open a file handle

  100.      * 

  101.      * It does not belong in an else {} block, because the above 

  102.      * if (empty($fp)) line is logic that should only be run once per

  103.      * page load.

  104.      */

  105.     if (!empty($fp)) {

  106.         $remaining = $bytes;

  107.         $buf = '';

  108. 

  109.         /**

  110.          * We use fread() in a loop to protect against partial reads

  111.          */

  112.         do {

  113.             $read = fread($fp, $remaining); 

  114.             if ($read === false) {

  115.                 /**

  116.                  * We cannot safely read from the file. Exit the

  117.                  * do-while loop and trigger the exception condition

  118.                  */

  119.                 $buf = false;

  120.                 break;

  121.             }

  122.             /**

  123.              * Decrease the number of bytes returned from remaining

  124.              */

  125.             $remaining -= RandomCompat_strlen($read);

  126.             $buf .= $read;

  127.         } while ($remaining > 0);

  128.         

  129.         /**

  130.          * Is our result valid?

  131.          */

  132.         if ($buf !== false) {

  133.             if (RandomCompat_strlen($buf) === $bytes) {

  134.                 /**

  135.                  * Return our random entropy buffer here:

  136.                  */

  137.                 return $buf;

  138.             }

  139.         }

  140.     }

  141. 

  142.     /**

  143.      * If we reach here, PHP has failed us.

  144.      */

  145.     throw new Exception(

  146.         'Error reading from source device'

  147.     );

  148. }