Add some security utilities

This adds some security utilities to core including:
- A library for basic crypto operations (e.g. to encrypt passwords)
- A better library for cryptographic actions which allows you to specify the charset
- A library for secure string comparisions

Remove .htaccess

Remove .htaccess

Fix typo

Add public API

Use timing constant comparision

Remove CBC constant

Adjust code

Remove confusing $this

2 files changed, 0 insertions, 8 deletions

diff --git a/core/setup/controller.php b/core/setup/controller.php
index e764b232e89..c72f06fc2df 100644
--- a/core/setup/controller.php
+++ b/core/setup/controller.php
@@ -153,7 +153,6 @@ class Controller {
 			'hasMSSQL' => $hasMSSQL,
 			'databases' => $databases,
 			'directory' => $datadir,
-			'secureRNG' => \OC_Util::secureRNGAvailable(),
 			'htaccessWorking' => $htaccessWorking,
 			'vulnerableToNullByte' => $vulnerableToNullByte,
 			'errors' => $errors,
diff --git a/core/templates/installation.php b/core/templates/installation.php
index f934e3a86c2..b74d4caf107 100644
--- a/core/templates/installation.php
+++ b/core/templates/installation.php
@@ -27,13 +27,6 @@
 		<?php p($l->t('Please update your PHP installation to use %s securely.', $theme->getName() )); ?></p>
 	</fieldset>
 	<?php endif; ?>
-	<?php if(!$_['secureRNG']): ?>
-	<fieldset class="warning">
-		<legend><strong><?php p($l->t('Security Warning'));?></strong></legend>
-		<p><?php p($l->t('No secure random number generator is available, please enable the PHP OpenSSL extension.'));?><br/>
-		<?php p($l->t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.'));?></p>
-	</fieldset>
-	<?php endif; ?>
 	<?php if(!$_['htaccessWorking']): ?>
 	<fieldset class="warning">
 		<legend><strong><?php p($l->t('Security Warning'));?></strong></legend>