Chris@0
|
1 <?php
|
Chris@0
|
2 /**
|
Chris@17
|
3 * Random_* Compatibility Library
|
Chris@0
|
4 * for using the new PHP 7 random_* API in PHP 5 projects
|
Chris@17
|
5 *
|
Chris@0
|
6 * The MIT License (MIT)
|
Chris@17
|
7 *
|
Chris@16
|
8 * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
|
Chris@17
|
9 *
|
Chris@0
|
10 * Permission is hereby granted, free of charge, to any person obtaining a copy
|
Chris@0
|
11 * of this software and associated documentation files (the "Software"), to deal
|
Chris@0
|
12 * in the Software without restriction, including without limitation the rights
|
Chris@0
|
13 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
Chris@0
|
14 * copies of the Software, and to permit persons to whom the Software is
|
Chris@0
|
15 * furnished to do so, subject to the following conditions:
|
Chris@17
|
16 *
|
Chris@0
|
17 * The above copyright notice and this permission notice shall be included in
|
Chris@0
|
18 * all copies or substantial portions of the Software.
|
Chris@17
|
19 *
|
Chris@0
|
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
Chris@0
|
21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
Chris@0
|
22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
Chris@0
|
23 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
Chris@0
|
24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
Chris@0
|
25 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
Chris@0
|
26 * SOFTWARE.
|
Chris@0
|
27 */
|
Chris@0
|
28
|
Chris@0
|
29 if (!is_callable('random_bytes')) {
|
Chris@0
|
30 /**
|
Chris@0
|
31 * Windows with PHP < 5.3.0 will not have the function
|
Chris@0
|
32 * openssl_random_pseudo_bytes() available, so let's use
|
Chris@0
|
33 * CAPICOM to work around this deficiency.
|
Chris@0
|
34 *
|
Chris@0
|
35 * @param int $bytes
|
Chris@0
|
36 *
|
Chris@0
|
37 * @throws Exception
|
Chris@0
|
38 *
|
Chris@0
|
39 * @return string
|
Chris@0
|
40 */
|
Chris@0
|
41 function random_bytes($bytes)
|
Chris@0
|
42 {
|
Chris@0
|
43 try {
|
Chris@16
|
44 /** @var int $bytes */
|
Chris@0
|
45 $bytes = RandomCompat_intval($bytes);
|
Chris@0
|
46 } catch (TypeError $ex) {
|
Chris@0
|
47 throw new TypeError(
|
Chris@0
|
48 'random_bytes(): $bytes must be an integer'
|
Chris@0
|
49 );
|
Chris@0
|
50 }
|
Chris@0
|
51
|
Chris@0
|
52 if ($bytes < 1) {
|
Chris@0
|
53 throw new Error(
|
Chris@0
|
54 'Length must be greater than 0'
|
Chris@0
|
55 );
|
Chris@0
|
56 }
|
Chris@0
|
57
|
Chris@16
|
58 /** @var string $buf */
|
Chris@0
|
59 $buf = '';
|
Chris@0
|
60 if (!class_exists('COM')) {
|
Chris@0
|
61 throw new Error(
|
Chris@0
|
62 'COM does not exist'
|
Chris@0
|
63 );
|
Chris@0
|
64 }
|
Chris@16
|
65 /** @var COM $util */
|
Chris@0
|
66 $util = new COM('CAPICOM.Utilities.1');
|
Chris@0
|
67 $execCount = 0;
|
Chris@0
|
68
|
Chris@0
|
69 /**
|
Chris@0
|
70 * Let's not let it loop forever. If we run N times and fail to
|
Chris@0
|
71 * get N bytes of random data, then CAPICOM has failed us.
|
Chris@0
|
72 */
|
Chris@0
|
73 do {
|
Chris@16
|
74 $buf .= base64_decode((string) $util->GetRandom($bytes, 0));
|
Chris@0
|
75 if (RandomCompat_strlen($buf) >= $bytes) {
|
Chris@0
|
76 /**
|
Chris@0
|
77 * Return our random entropy buffer here:
|
Chris@0
|
78 */
|
Chris@16
|
79 return (string) RandomCompat_substr($buf, 0, $bytes);
|
Chris@0
|
80 }
|
Chris@0
|
81 ++$execCount;
|
Chris@0
|
82 } while ($execCount < $bytes);
|
Chris@0
|
83
|
Chris@0
|
84 /**
|
Chris@0
|
85 * If we reach here, PHP has failed us.
|
Chris@0
|
86 */
|
Chris@0
|
87 throw new Exception(
|
Chris@0
|
88 'Could not gather sufficient random data'
|
Chris@0
|
89 );
|
Chris@0
|
90 }
|
Chris@17
|
91 }
|