From 045ea4eb2b3bfb9eb6b7c27324aec66b4233d34c Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Fri, 6 Nov 2015 16:24:26 +0100 Subject: Use native CSPRNG if available MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Unfortunately only PHP 7… --- lib/public/security/isecurerandom.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'lib/public') diff --git a/lib/public/security/isecurerandom.php b/lib/public/security/isecurerandom.php index cbe2d4e0d56..1b72e4f4377 100644 --- a/lib/public/security/isecurerandom.php +++ b/lib/public/security/isecurerandom.php @@ -24,7 +24,7 @@ namespace OCP\Security; /** * Class SecureRandom provides a layer around RandomLib to generate - * secure random numbers. + * secure random strings. For PHP 7 the native CSPRNG is used. * * Usage: * $rng = new \OC\Security\SecureRandom(); @@ -70,11 +70,13 @@ interface ISecureRandom { /** * Generate a random string of specified length. * @param int $length The length of the generated string - * @param string $characters An optional list of characters to use if no characterlist is + * @param string $characters An optional list of characters to use if no character list is * specified all valid base64 characters are used. * @return string * @throws \Exception If the generator is not initialized. * @since 8.0.0 */ - public function generate($length, $characters = ''); + public function generate($length, + $characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'); + } -- cgit v1.2.3