Lukas Reschke
8 years ago
2 changed files with 21 additions and 6 deletions
+ 16
- 3
lib/private/security/securerandom.php
View File
| @@ -28,7 +28,7 @@ use OCP\Security\ISecureRandom; | |||
| /** | |||
| * Class SecureRandom provides a layer around RandomLib to generate | |||
| * secure random strings. | |||
| * secure random strings. For PHP 7 the native CSPRNG is used. | |||
| * | |||
| * Usage: | |||
| * \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(10); | |||
| @@ -77,16 +77,29 @@ class SecureRandom implements ISecureRandom { | |||
| /** | |||
| * Generate a random string of specified length. | |||
| * @param int $length The length of the generated string | |||
| * @param string $characters An optional list of characters to use if no characterlist is | |||
| * @param string $characters An optional list of characters to use if no character list is | |||
| * specified all valid base64 characters are used. | |||
| * @return string | |||
| * @throws \Exception If the generator is not initialized. | |||
| */ | |||
| public function generate($length, $characters = '') { | |||
| public function generate($length, | |||
| $characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/') { | |||
| if(is_null($this->generator)) { | |||
| throw new \Exception('Generator is not initialized.'); | |||
| } | |||
| if(function_exists('random_int')) { | |||
| $maxCharIndex = strlen($characters) - 1; | |||
| $randomString = ''; | |||
| while($length > 0) { | |||
| $randomNumber = random_int(0, $maxCharIndex); | |||
| $randomString .= $characters[$randomNumber]; | |||
| $length--; | |||
| } | |||
| return $randomString; | |||
| } | |||
| return $this->generator->generateString($length, $characters); | |||
| } | |||
| } | |||
+ 5
- 3
lib/public/security/isecurerandom.php
View File
| @@ -24,7 +24,7 @@ namespace OCP\Security; | |||
| /** | |||
| * Class SecureRandom provides a layer around RandomLib to generate | |||
| * secure random numbers. | |||
| * secure random strings. For PHP 7 the native CSPRNG is used. | |||
| * | |||
| * Usage: | |||
| * $rng = new \OC\Security\SecureRandom(); | |||
| @@ -70,11 +70,13 @@ interface ISecureRandom { | |||
| /** | |||
| * Generate a random string of specified length. | |||
| * @param int $length The length of the generated string | |||
| * @param string $characters An optional list of characters to use if no characterlist is | |||
| * @param string $characters An optional list of characters to use if no character list is | |||
| * specified all valid base64 characters are used. | |||
| * @return string | |||
| * @throws \Exception If the generator is not initialized. | |||
| * @since 8.0.0 | |||
| */ | |||
| public function generate($length, $characters = ''); | |||
| public function generate($length, | |||
| $characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'); | |||
| } | |||
Loading…