summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThomas Müller <thomas.mueller@tmit.eu>2015-11-10 10:10:23 +0100
committerThomas Müller <thomas.mueller@tmit.eu>2015-11-10 10:10:23 +0100
commit422d29ae48fe0646b1b5b633b205ea146d9ed69f (patch)
tree116c5b59f799231b7b07f5f6b6ba72e139de8bd7
parent960c8cb5bce4449834cf6373601e7555743cb89f (diff)
parent045ea4eb2b3bfb9eb6b7c27324aec66b4233d34c (diff)
downloadnextcloud-server-422d29ae48fe0646b1b5b633b205ea146d9ed69f.tar.gz
nextcloud-server-422d29ae48fe0646b1b5b633b205ea146d9ed69f.zip
Merge pull request #20373 from owncloud/use-random-int-if-it-exists
Use native CSPRNG if available
-rw-r--r--lib/private/security/securerandom.php19
-rw-r--r--lib/public/security/isecurerandom.php8
2 files changed, 21 insertions, 6 deletions
diff --git a/lib/private/security/securerandom.php b/lib/private/security/securerandom.php
index 409285fd098..87dca68985e 100644
--- a/lib/private/security/securerandom.php
+++ b/lib/private/security/securerandom.php
@@ -28,7 +28,7 @@ use OCP\Security\ISecureRandom;
/**
* Class SecureRandom provides a layer around RandomLib to generate
- * secure random strings.
+ * secure random strings. For PHP 7 the native CSPRNG is used.
*
* Usage:
* \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(10);
@@ -77,16 +77,29 @@ class SecureRandom implements ISecureRandom {
/**
* Generate a random string of specified length.
* @param int $length The length of the generated string
- * @param string $characters An optional list of characters to use if no characterlist is
+ * @param string $characters An optional list of characters to use if no character list is
* specified all valid base64 characters are used.
* @return string
* @throws \Exception If the generator is not initialized.
*/
- public function generate($length, $characters = '') {
+ public function generate($length,
+ $characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/') {
if(is_null($this->generator)) {
throw new \Exception('Generator is not initialized.');
}
+ if(function_exists('random_int')) {
+ $maxCharIndex = strlen($characters) - 1;
+ $randomString = '';
+
+ while($length > 0) {
+ $randomNumber = random_int(0, $maxCharIndex);
+ $randomString .= $characters[$randomNumber];
+ $length--;
+ }
+ return $randomString;
+ }
+
return $this->generator->generateString($length, $characters);
}
}
diff --git a/lib/public/security/isecurerandom.php b/lib/public/security/isecurerandom.php
index cbe2d4e0d56..1b72e4f4377 100644
--- a/lib/public/security/isecurerandom.php
+++ b/lib/public/security/isecurerandom.php
@@ -24,7 +24,7 @@ namespace OCP\Security;
/**
* Class SecureRandom provides a layer around RandomLib to generate
- * secure random numbers.
+ * secure random strings. For PHP 7 the native CSPRNG is used.
*
* Usage:
* $rng = new \OC\Security\SecureRandom();
@@ -70,11 +70,13 @@ interface ISecureRandom {
/**
* Generate a random string of specified length.
* @param int $length The length of the generated string
- * @param string $characters An optional list of characters to use if no characterlist is
+ * @param string $characters An optional list of characters to use if no character list is
* specified all valid base64 characters are used.
* @return string
* @throws \Exception If the generator is not initialized.
* @since 8.0.0
*/
- public function generate($length, $characters = '');
+ public function generate($length,
+ $characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/');
+
}