Mercurial > hg > isophonics-drupal-site

annotate vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php @ 0:4c8ae668cc8c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Initial import (non-working)
author Chris Cannam
date Wed, 29 Nov 2017 16:09:58 +0000
parents
children c2387f117808
rev   line source
Chris@0 1 <?php
Chris@0 2 /**
Chris@0 3 * Random_* Compatibility Library
Chris@0 4 * for using the new PHP 7 random_* API in PHP 5 projects
Chris@0 5 *
Chris@0 6 * The MIT License (MIT)
Chris@0 7 *
Chris@0 8 * Copyright (c) 2015 - 2017 Paragon Initiative Enterprises
Chris@0 9 *
Chris@0 10 * Permission is hereby granted, free of charge, to any person obtaining a copy
Chris@0 11 * of this software and associated documentation files (the "Software"), to deal
Chris@0 12 * in the Software without restriction, including without limitation the rights
Chris@0 13 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
Chris@0 14 * copies of the Software, and to permit persons to whom the Software is
Chris@0 15 * furnished to do so, subject to the following conditions:
Chris@0 16 *
Chris@0 17 * The above copyright notice and this permission notice shall be included in
Chris@0 18 * all copies or substantial portions of the Software.
Chris@0 19 *
Chris@0 20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
Chris@0 21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
Chris@0 22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
Chris@0 23 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
Chris@0 24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
Chris@0 25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
Chris@0 26 * SOFTWARE.
Chris@0 27 */
Chris@0 28
Chris@0 29 if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
Chris@0 30 define('RANDOM_COMPAT_READ_BUFFER', 8);
Chris@0 31 }
Chris@0 32
Chris@0 33 if (!is_callable('random_bytes')) {
Chris@0 34 /**
Chris@0 35 * Unless open_basedir is enabled, use /dev/urandom for
Chris@0 36 * random numbers in accordance with best practices
Chris@0 37 *
Chris@0 38 * Why we use /dev/urandom and not /dev/random
Chris@0 39 * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers
Chris@0 40 *
Chris@0 41 * @param int $bytes
Chris@0 42 *
Chris@0 43 * @throws Exception
Chris@0 44 *
Chris@0 45 * @return string
Chris@0 46 */
Chris@0 47 function random_bytes($bytes)
Chris@0 48 {
Chris@0 49 static $fp = null;
Chris@0 50 /**
Chris@0 51 * This block should only be run once
Chris@0 52 */
Chris@0 53 if (empty($fp)) {
Chris@0 54 /**
Chris@0 55 * We use /dev/urandom if it is a char device.
Chris@0 56 * We never fall back to /dev/random
Chris@0 57 */
Chris@0 58 $fp = fopen('/dev/urandom', 'rb');
Chris@0 59 if (!empty($fp)) {
Chris@0 60 $st = fstat($fp);
Chris@0 61 if (($st['mode'] & 0170000) !== 020000) {
Chris@0 62 fclose($fp);
Chris@0 63 $fp = false;
Chris@0 64 }
Chris@0 65 }
Chris@0 66
Chris@0 67 if (!empty($fp)) {
Chris@0 68 /**
Chris@0 69 * stream_set_read_buffer() does not exist in HHVM
Chris@0 70 *
Chris@0 71 * If we don't set the stream's read buffer to 0, PHP will
Chris@0 72 * internally buffer 8192 bytes, which can waste entropy
Chris@0 73 *
Chris@0 74 * stream_set_read_buffer returns 0 on success
Chris@0 75 */
Chris@0 76 if (is_callable('stream_set_read_buffer')) {
Chris@0 77 stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER);
Chris@0 78 }
Chris@0 79 if (is_callable('stream_set_chunk_size')) {
Chris@0 80 stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER);
Chris@0 81 }
Chris@0 82 }
Chris@0 83 }
Chris@0 84
Chris@0 85 try {
Chris@0 86 $bytes = RandomCompat_intval($bytes);
Chris@0 87 } catch (TypeError $ex) {
Chris@0 88 throw new TypeError(
Chris@0 89 'random_bytes(): $bytes must be an integer'
Chris@0 90 );
Chris@0 91 }
Chris@0 92
Chris@0 93 if ($bytes < 1) {
Chris@0 94 throw new Error(
Chris@0 95 'Length must be greater than 0'
Chris@0 96 );
Chris@0 97 }
Chris@0 98
Chris@0 99 /**
Chris@0 100 * This if() block only runs if we managed to open a file handle
Chris@0 101 *
Chris@0 102 * It does not belong in an else {} block, because the above
Chris@0 103 * if (empty($fp)) line is logic that should only be run once per
Chris@0 104 * page load.
Chris@0 105 */
Chris@0 106 if (!empty($fp)) {
Chris@0 107 /**
Chris@0 108 * @var int
Chris@0 109 */
Chris@0 110 $remaining = $bytes;
Chris@0 111
Chris@0 112 /**
Chris@0 113 * @var string|bool
Chris@0 114 */
Chris@0 115 $buf = '';
Chris@0 116
Chris@0 117 /**
Chris@0 118 * We use fread() in a loop to protect against partial reads
Chris@0 119 */
Chris@0 120 do {
Chris@0 121 /**
Chris@0 122 * @var string|bool
Chris@0 123 */
Chris@0 124 $read = fread($fp, $remaining);
Chris@0 125 if (!is_string($read)) {
Chris@0 126 if ($read === false) {
Chris@0 127 /**
Chris@0 128 * We cannot safely read from the file. Exit the
Chris@0 129 * do-while loop and trigger the exception condition
Chris@0 130 *
Chris@0 131 * @var string|bool
Chris@0 132 */
Chris@0 133 $buf = false;
Chris@0 134 break;
Chris@0 135 }
Chris@0 136 }
Chris@0 137 /**
Chris@0 138 * Decrease the number of bytes returned from remaining
Chris@0 139 */
Chris@0 140 $remaining -= RandomCompat_strlen($read);
Chris@0 141 /**
Chris@0 142 * @var string|bool
Chris@0 143 */
Chris@0 144 $buf = $buf . $read;
Chris@0 145 } while ($remaining > 0);
Chris@0 146
Chris@0 147 /**
Chris@0 148 * Is our result valid?
Chris@0 149 */
Chris@0 150 if (is_string($buf)) {
Chris@0 151 if (RandomCompat_strlen($buf) === $bytes) {
Chris@0 152 /**
Chris@0 153 * Return our random entropy buffer here:
Chris@0 154 */
Chris@0 155 return $buf;
Chris@0 156 }
Chris@0 157 }
Chris@0 158 }
Chris@0 159
Chris@0 160 /**
Chris@0 161 * If we reach here, PHP has failed us.
Chris@0 162 */
Chris@0 163 throw new Exception(
Chris@0 164 'Error reading from source device'
Chris@0 165 );
Chris@0 166 }
Chris@0 167 }