Yoshi2889 /
SMF2.1
@@ -498,7 +498,7 @@ |
||
| 498 | 498 | log_error(sprintf($txt['smiley_set_dir_not_found'], $set_names[array_search($set, $context['smiley_sets'])])); |
| 499 | 499 | |
| 500 | 500 | $context['smiley_sets'] = array_filter($context['smiley_sets'], function($v) use ($set) |
| 501 | - { |
|
| 501 | + { |
|
| 502 | 502 | return $v != $set; |
| 503 | 503 | }); |
| 504 | 504 | } |
@@ -27,65 +27,65 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | - * solution. |
|
| 33 | - * |
|
| 34 | - * libsodium-php project: |
|
| 35 | - * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | - * |
|
| 37 | - * @param int $bytes |
|
| 38 | - * |
|
| 39 | - * @throws Exception |
|
| 40 | - * |
|
| 41 | - * @return string |
|
| 42 | - */ |
|
| 43 | - function random_bytes($bytes) |
|
| 44 | - { |
|
| 45 | - try { |
|
| 46 | - /** @var int $bytes */ |
|
| 47 | - $bytes = RandomCompat_intval($bytes); |
|
| 48 | - } catch (TypeError $ex) { |
|
| 49 | - throw new TypeError( |
|
| 50 | - 'random_bytes(): $bytes must be an integer' |
|
| 51 | - ); |
|
| 52 | - } |
|
| 30 | + /** |
|
| 31 | + * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | + * solution. |
|
| 33 | + * |
|
| 34 | + * libsodium-php project: |
|
| 35 | + * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | + * |
|
| 37 | + * @param int $bytes |
|
| 38 | + * |
|
| 39 | + * @throws Exception |
|
| 40 | + * |
|
| 41 | + * @return string |
|
| 42 | + */ |
|
| 43 | + function random_bytes($bytes) |
|
| 44 | + { |
|
| 45 | + try { |
|
| 46 | + /** @var int $bytes */ |
|
| 47 | + $bytes = RandomCompat_intval($bytes); |
|
| 48 | + } catch (TypeError $ex) { |
|
| 49 | + throw new TypeError( |
|
| 50 | + 'random_bytes(): $bytes must be an integer' |
|
| 51 | + ); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - if ($bytes < 1) { |
|
| 55 | - throw new Error( |
|
| 56 | - 'Length must be greater than 0' |
|
| 57 | - ); |
|
| 58 | - } |
|
| 54 | + if ($bytes < 1) { |
|
| 55 | + throw new Error( |
|
| 56 | + 'Length must be greater than 0' |
|
| 57 | + ); |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 62 | - * generated in one invocation. |
|
| 63 | - */ |
|
| 64 | - /** @var string|bool $buf */ |
|
| 65 | - if ($bytes > 2147483647) { |
|
| 66 | - $buf = ''; |
|
| 67 | - for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 68 | - $n = ($bytes - $i) > 1073741824 |
|
| 69 | - ? 1073741824 |
|
| 70 | - : $bytes - $i; |
|
| 71 | - $buf .= \Sodium\randombytes_buf($n); |
|
| 72 | - } |
|
| 73 | - } else { |
|
| 74 | - /** @var string|bool $buf */ |
|
| 75 | - $buf = \Sodium\randombytes_buf($bytes); |
|
| 76 | - } |
|
| 60 | + /** |
|
| 61 | + * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 62 | + * generated in one invocation. |
|
| 63 | + */ |
|
| 64 | + /** @var string|bool $buf */ |
|
| 65 | + if ($bytes > 2147483647) { |
|
| 66 | + $buf = ''; |
|
| 67 | + for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 68 | + $n = ($bytes - $i) > 1073741824 |
|
| 69 | + ? 1073741824 |
|
| 70 | + : $bytes - $i; |
|
| 71 | + $buf .= \Sodium\randombytes_buf($n); |
|
| 72 | + } |
|
| 73 | + } else { |
|
| 74 | + /** @var string|bool $buf */ |
|
| 75 | + $buf = \Sodium\randombytes_buf($bytes); |
|
| 76 | + } |
|
| 77 | 77 | |
| 78 | - if (is_string($buf)) { |
|
| 79 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 80 | - return $buf; |
|
| 81 | - } |
|
| 82 | - } |
|
| 78 | + if (is_string($buf)) { |
|
| 79 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 80 | + return $buf; |
|
| 81 | + } |
|
| 82 | + } |
|
| 83 | 83 | |
| 84 | - /** |
|
| 85 | - * If we reach here, PHP has failed us. |
|
| 86 | - */ |
|
| 87 | - throw new Exception( |
|
| 88 | - 'Could not gather sufficient random data' |
|
| 89 | - ); |
|
| 90 | - } |
|
| 84 | + /** |
|
| 85 | + * If we reach here, PHP has failed us. |
|
| 86 | + */ |
|
| 87 | + throw new Exception( |
|
| 88 | + 'Could not gather sufficient random data' |
|
| 89 | + ); |
|
| 90 | + } |
|
| 91 | 91 | } |
@@ -26,7 +26,8 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!is_callable('random_bytes')) { |
|
| 29 | +if (!is_callable('random_bytes')) |
|
| 30 | +{ |
|
| 30 | 31 | /** |
| 31 | 32 | * If the libsodium PHP extension is loaded, we'll use it above any other |
| 32 | 33 | * solution. |
@@ -42,16 +43,20 @@ discard block |
||
| 42 | 43 | */ |
| 43 | 44 | function random_bytes($bytes) |
| 44 | 45 | { |
| 45 | - try { |
|
| 46 | + try |
|
| 47 | + { |
|
| 46 | 48 | /** @var int $bytes */ |
| 47 | 49 | $bytes = RandomCompat_intval($bytes); |
| 48 | - } catch (TypeError $ex) { |
|
| 50 | + } |
|
| 51 | + catch (TypeError $ex) |
|
| 52 | + { |
|
| 49 | 53 | throw new TypeError( |
| 50 | 54 | 'random_bytes(): $bytes must be an integer' |
| 51 | 55 | ); |
| 52 | 56 | } |
| 53 | 57 | |
| 54 | - if ($bytes < 1) { |
|
| 58 | + if ($bytes < 1) |
|
| 59 | + { |
|
| 55 | 60 | throw new Error( |
| 56 | 61 | 'Length must be greater than 0' |
| 57 | 62 | ); |
@@ -62,21 +67,27 @@ discard block |
||
| 62 | 67 | * generated in one invocation. |
| 63 | 68 | */ |
| 64 | 69 | /** @var string|bool $buf */ |
| 65 | - if ($bytes > 2147483647) { |
|
| 70 | + if ($bytes > 2147483647) |
|
| 71 | + { |
|
| 66 | 72 | $buf = ''; |
| 67 | - for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 73 | + for ($i = 0; $i < $bytes; $i += 1073741824) |
|
| 74 | + { |
|
| 68 | 75 | $n = ($bytes - $i) > 1073741824 |
| 69 | 76 | ? 1073741824 |
| 70 | 77 | : $bytes - $i; |
| 71 | 78 | $buf .= \Sodium\randombytes_buf($n); |
| 72 | 79 | } |
| 73 | - } else { |
|
| 80 | + } |
|
| 81 | + else |
|
| 82 | + { |
|
| 74 | 83 | /** @var string|bool $buf */ |
| 75 | 84 | $buf = \Sodium\randombytes_buf($bytes); |
| 76 | 85 | } |
| 77 | 86 | |
| 78 | - if (is_string($buf)) { |
|
| 79 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 87 | + if (is_string($buf)) |
|
| 88 | + { |
|
| 89 | + if (RandomCompat_strlen($buf) === $bytes) |
|
| 90 | + { |
|
| 80 | 91 | return $buf; |
| 81 | 92 | } |
| 82 | 93 | } |
@@ -27,146 +27,146 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!defined('RANDOM_COMPAT_READ_BUFFER')) { |
| 30 | - define('RANDOM_COMPAT_READ_BUFFER', 8); |
|
| 30 | + define('RANDOM_COMPAT_READ_BUFFER', 8); |
|
| 31 | 31 | } |
| 32 | 32 | |
| 33 | 33 | if (!is_callable('random_bytes')) { |
| 34 | - /** |
|
| 35 | - * Unless open_basedir is enabled, use /dev/urandom for |
|
| 36 | - * random numbers in accordance with best practices |
|
| 37 | - * |
|
| 38 | - * Why we use /dev/urandom and not /dev/random |
|
| 39 | - * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers |
|
| 40 | - * |
|
| 41 | - * @param int $bytes |
|
| 42 | - * |
|
| 43 | - * @throws Exception |
|
| 44 | - * |
|
| 45 | - * @return string |
|
| 46 | - */ |
|
| 47 | - function random_bytes($bytes) |
|
| 48 | - { |
|
| 49 | - /** @var resource $fp */ |
|
| 50 | - static $fp = null; |
|
| 34 | + /** |
|
| 35 | + * Unless open_basedir is enabled, use /dev/urandom for |
|
| 36 | + * random numbers in accordance with best practices |
|
| 37 | + * |
|
| 38 | + * Why we use /dev/urandom and not /dev/random |
|
| 39 | + * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers |
|
| 40 | + * |
|
| 41 | + * @param int $bytes |
|
| 42 | + * |
|
| 43 | + * @throws Exception |
|
| 44 | + * |
|
| 45 | + * @return string |
|
| 46 | + */ |
|
| 47 | + function random_bytes($bytes) |
|
| 48 | + { |
|
| 49 | + /** @var resource $fp */ |
|
| 50 | + static $fp = null; |
|
| 51 | 51 | |
| 52 | - /** |
|
| 53 | - * This block should only be run once |
|
| 54 | - */ |
|
| 55 | - if (empty($fp)) { |
|
| 56 | - /** |
|
| 57 | - * We use /dev/urandom if it is a char device. |
|
| 58 | - * We never fall back to /dev/random |
|
| 59 | - */ |
|
| 60 | - /** @var resource|bool $fp */ |
|
| 61 | - $fp = fopen('/dev/urandom', 'rb'); |
|
| 62 | - if (is_resource($fp)) { |
|
| 63 | - /** @var array<string, int> $st */ |
|
| 64 | - $st = fstat($fp); |
|
| 65 | - if (($st['mode'] & 0170000) !== 020000) { |
|
| 66 | - fclose($fp); |
|
| 67 | - $fp = false; |
|
| 68 | - } |
|
| 69 | - } |
|
| 52 | + /** |
|
| 53 | + * This block should only be run once |
|
| 54 | + */ |
|
| 55 | + if (empty($fp)) { |
|
| 56 | + /** |
|
| 57 | + * We use /dev/urandom if it is a char device. |
|
| 58 | + * We never fall back to /dev/random |
|
| 59 | + */ |
|
| 60 | + /** @var resource|bool $fp */ |
|
| 61 | + $fp = fopen('/dev/urandom', 'rb'); |
|
| 62 | + if (is_resource($fp)) { |
|
| 63 | + /** @var array<string, int> $st */ |
|
| 64 | + $st = fstat($fp); |
|
| 65 | + if (($st['mode'] & 0170000) !== 020000) { |
|
| 66 | + fclose($fp); |
|
| 67 | + $fp = false; |
|
| 68 | + } |
|
| 69 | + } |
|
| 70 | 70 | |
| 71 | - if (is_resource($fp)) { |
|
| 72 | - /** |
|
| 73 | - * stream_set_read_buffer() does not exist in HHVM |
|
| 74 | - * |
|
| 75 | - * If we don't set the stream's read buffer to 0, PHP will |
|
| 76 | - * internally buffer 8192 bytes, which can waste entropy |
|
| 77 | - * |
|
| 78 | - * stream_set_read_buffer returns 0 on success |
|
| 79 | - */ |
|
| 80 | - if (is_callable('stream_set_read_buffer')) { |
|
| 81 | - stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 82 | - } |
|
| 83 | - if (is_callable('stream_set_chunk_size')) { |
|
| 84 | - stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 85 | - } |
|
| 86 | - } |
|
| 87 | - } |
|
| 71 | + if (is_resource($fp)) { |
|
| 72 | + /** |
|
| 73 | + * stream_set_read_buffer() does not exist in HHVM |
|
| 74 | + * |
|
| 75 | + * If we don't set the stream's read buffer to 0, PHP will |
|
| 76 | + * internally buffer 8192 bytes, which can waste entropy |
|
| 77 | + * |
|
| 78 | + * stream_set_read_buffer returns 0 on success |
|
| 79 | + */ |
|
| 80 | + if (is_callable('stream_set_read_buffer')) { |
|
| 81 | + stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 82 | + } |
|
| 83 | + if (is_callable('stream_set_chunk_size')) { |
|
| 84 | + stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
|
| 85 | + } |
|
| 86 | + } |
|
| 87 | + } |
|
| 88 | 88 | |
| 89 | - try { |
|
| 90 | - /** @var int $bytes */ |
|
| 91 | - $bytes = RandomCompat_intval($bytes); |
|
| 92 | - } catch (TypeError $ex) { |
|
| 93 | - throw new TypeError( |
|
| 94 | - 'random_bytes(): $bytes must be an integer' |
|
| 95 | - ); |
|
| 96 | - } |
|
| 89 | + try { |
|
| 90 | + /** @var int $bytes */ |
|
| 91 | + $bytes = RandomCompat_intval($bytes); |
|
| 92 | + } catch (TypeError $ex) { |
|
| 93 | + throw new TypeError( |
|
| 94 | + 'random_bytes(): $bytes must be an integer' |
|
| 95 | + ); |
|
| 96 | + } |
|
| 97 | 97 | |
| 98 | - if ($bytes < 1) { |
|
| 99 | - throw new Error( |
|
| 100 | - 'Length must be greater than 0' |
|
| 101 | - ); |
|
| 102 | - } |
|
| 98 | + if ($bytes < 1) { |
|
| 99 | + throw new Error( |
|
| 100 | + 'Length must be greater than 0' |
|
| 101 | + ); |
|
| 102 | + } |
|
| 103 | 103 | |
| 104 | - /** |
|
| 105 | - * This if() block only runs if we managed to open a file handle |
|
| 106 | - * |
|
| 107 | - * It does not belong in an else {} block, because the above |
|
| 108 | - * if (empty($fp)) line is logic that should only be run once per |
|
| 109 | - * page load. |
|
| 110 | - */ |
|
| 111 | - if (is_resource($fp)) { |
|
| 112 | - /** |
|
| 113 | - * @var int |
|
| 114 | - */ |
|
| 115 | - $remaining = $bytes; |
|
| 104 | + /** |
|
| 105 | + * This if() block only runs if we managed to open a file handle |
|
| 106 | + * |
|
| 107 | + * It does not belong in an else {} block, because the above |
|
| 108 | + * if (empty($fp)) line is logic that should only be run once per |
|
| 109 | + * page load. |
|
| 110 | + */ |
|
| 111 | + if (is_resource($fp)) { |
|
| 112 | + /** |
|
| 113 | + * @var int |
|
| 114 | + */ |
|
| 115 | + $remaining = $bytes; |
|
| 116 | 116 | |
| 117 | - /** |
|
| 118 | - * @var string|bool |
|
| 119 | - */ |
|
| 120 | - $buf = ''; |
|
| 117 | + /** |
|
| 118 | + * @var string|bool |
|
| 119 | + */ |
|
| 120 | + $buf = ''; |
|
| 121 | 121 | |
| 122 | - /** |
|
| 123 | - * We use fread() in a loop to protect against partial reads |
|
| 124 | - */ |
|
| 125 | - do { |
|
| 126 | - /** |
|
| 127 | - * @var string|bool |
|
| 128 | - */ |
|
| 129 | - $read = fread($fp, $remaining); |
|
| 130 | - if (!is_string($read)) { |
|
| 131 | - if ($read === false) { |
|
| 132 | - /** |
|
| 133 | - * We cannot safely read from the file. Exit the |
|
| 134 | - * do-while loop and trigger the exception condition |
|
| 135 | - * |
|
| 136 | - * @var string|bool |
|
| 137 | - */ |
|
| 138 | - $buf = false; |
|
| 139 | - break; |
|
| 140 | - } |
|
| 141 | - } |
|
| 142 | - /** |
|
| 143 | - * Decrease the number of bytes returned from remaining |
|
| 144 | - */ |
|
| 145 | - $remaining -= RandomCompat_strlen($read); |
|
| 146 | - /** |
|
| 147 | - * @var string|bool |
|
| 148 | - */ |
|
| 149 | - $buf = $buf . $read; |
|
| 150 | - } while ($remaining > 0); |
|
| 122 | + /** |
|
| 123 | + * We use fread() in a loop to protect against partial reads |
|
| 124 | + */ |
|
| 125 | + do { |
|
| 126 | + /** |
|
| 127 | + * @var string|bool |
|
| 128 | + */ |
|
| 129 | + $read = fread($fp, $remaining); |
|
| 130 | + if (!is_string($read)) { |
|
| 131 | + if ($read === false) { |
|
| 132 | + /** |
|
| 133 | + * We cannot safely read from the file. Exit the |
|
| 134 | + * do-while loop and trigger the exception condition |
|
| 135 | + * |
|
| 136 | + * @var string|bool |
|
| 137 | + */ |
|
| 138 | + $buf = false; |
|
| 139 | + break; |
|
| 140 | + } |
|
| 141 | + } |
|
| 142 | + /** |
|
| 143 | + * Decrease the number of bytes returned from remaining |
|
| 144 | + */ |
|
| 145 | + $remaining -= RandomCompat_strlen($read); |
|
| 146 | + /** |
|
| 147 | + * @var string|bool |
|
| 148 | + */ |
|
| 149 | + $buf = $buf . $read; |
|
| 150 | + } while ($remaining > 0); |
|
| 151 | 151 | |
| 152 | - /** |
|
| 153 | - * Is our result valid? |
|
| 154 | - */ |
|
| 155 | - if (is_string($buf)) { |
|
| 156 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 157 | - /** |
|
| 158 | - * Return our random entropy buffer here: |
|
| 159 | - */ |
|
| 160 | - return $buf; |
|
| 161 | - } |
|
| 162 | - } |
|
| 163 | - } |
|
| 152 | + /** |
|
| 153 | + * Is our result valid? |
|
| 154 | + */ |
|
| 155 | + if (is_string($buf)) { |
|
| 156 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 157 | + /** |
|
| 158 | + * Return our random entropy buffer here: |
|
| 159 | + */ |
|
| 160 | + return $buf; |
|
| 161 | + } |
|
| 162 | + } |
|
| 163 | + } |
|
| 164 | 164 | |
| 165 | - /** |
|
| 166 | - * If we reach here, PHP has failed us. |
|
| 167 | - */ |
|
| 168 | - throw new Exception( |
|
| 169 | - 'Error reading from source device' |
|
| 170 | - ); |
|
| 171 | - } |
|
| 165 | + /** |
|
| 166 | + * If we reach here, PHP has failed us. |
|
| 167 | + */ |
|
| 168 | + throw new Exception( |
|
| 169 | + 'Error reading from source device' |
|
| 170 | + ); |
|
| 171 | + } |
|
| 172 | 172 | } |
@@ -26,11 +26,13 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!defined('RANDOM_COMPAT_READ_BUFFER')) { |
|
| 29 | +if (!defined('RANDOM_COMPAT_READ_BUFFER')) |
|
| 30 | +{ |
|
| 30 | 31 | define('RANDOM_COMPAT_READ_BUFFER', 8); |
| 31 | 32 | } |
| 32 | 33 | |
| 33 | -if (!is_callable('random_bytes')) { |
|
| 34 | +if (!is_callable('random_bytes')) |
|
| 35 | +{ |
|
| 34 | 36 | /** |
| 35 | 37 | * Unless open_basedir is enabled, use /dev/urandom for |
| 36 | 38 | * random numbers in accordance with best practices |
@@ -52,23 +54,27 @@ discard block |
||
| 52 | 54 | /** |
| 53 | 55 | * This block should only be run once |
| 54 | 56 | */ |
| 55 | - if (empty($fp)) { |
|
| 57 | + if (empty($fp)) |
|
| 58 | + { |
|
| 56 | 59 | /** |
| 57 | 60 | * We use /dev/urandom if it is a char device. |
| 58 | 61 | * We never fall back to /dev/random |
| 59 | 62 | */ |
| 60 | 63 | /** @var resource|bool $fp */ |
| 61 | 64 | $fp = fopen('/dev/urandom', 'rb'); |
| 62 | - if (is_resource($fp)) { |
|
| 65 | + if (is_resource($fp)) |
|
| 66 | + { |
|
| 63 | 67 | /** @var array<string, int> $st */ |
| 64 | 68 | $st = fstat($fp); |
| 65 | - if (($st['mode'] & 0170000) !== 020000) { |
|
| 69 | + if (($st['mode'] & 0170000) !== 020000) |
|
| 70 | + { |
|
| 66 | 71 | fclose($fp); |
| 67 | 72 | $fp = false; |
| 68 | 73 | } |
| 69 | 74 | } |
| 70 | 75 | |
| 71 | - if (is_resource($fp)) { |
|
| 76 | + if (is_resource($fp)) |
|
| 77 | + { |
|
| 72 | 78 | /** |
| 73 | 79 | * stream_set_read_buffer() does not exist in HHVM |
| 74 | 80 | * |
@@ -77,25 +83,31 @@ discard block |
||
| 77 | 83 | * |
| 78 | 84 | * stream_set_read_buffer returns 0 on success |
| 79 | 85 | */ |
| 80 | - if (is_callable('stream_set_read_buffer')) { |
|
| 86 | + if (is_callable('stream_set_read_buffer')) |
|
| 87 | + { |
|
| 81 | 88 | stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); |
| 82 | 89 | } |
| 83 | - if (is_callable('stream_set_chunk_size')) { |
|
| 90 | + if (is_callable('stream_set_chunk_size')) |
|
| 91 | + { |
|
| 84 | 92 | stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); |
| 85 | 93 | } |
| 86 | 94 | } |
| 87 | 95 | } |
| 88 | 96 | |
| 89 | - try { |
|
| 97 | + try |
|
| 98 | + { |
|
| 90 | 99 | /** @var int $bytes */ |
| 91 | 100 | $bytes = RandomCompat_intval($bytes); |
| 92 | - } catch (TypeError $ex) { |
|
| 101 | + } |
|
| 102 | + catch (TypeError $ex) |
|
| 103 | + { |
|
| 93 | 104 | throw new TypeError( |
| 94 | 105 | 'random_bytes(): $bytes must be an integer' |
| 95 | 106 | ); |
| 96 | 107 | } |
| 97 | 108 | |
| 98 | - if ($bytes < 1) { |
|
| 109 | + if ($bytes < 1) |
|
| 110 | + { |
|
| 99 | 111 | throw new Error( |
| 100 | 112 | 'Length must be greater than 0' |
| 101 | 113 | ); |
@@ -108,7 +120,8 @@ discard block |
||
| 108 | 120 | * if (empty($fp)) line is logic that should only be run once per |
| 109 | 121 | * page load. |
| 110 | 122 | */ |
| 111 | - if (is_resource($fp)) { |
|
| 123 | + if (is_resource($fp)) |
|
| 124 | + { |
|
| 112 | 125 | /** |
| 113 | 126 | * @var int |
| 114 | 127 | */ |
@@ -127,8 +140,10 @@ discard block |
||
| 127 | 140 | * @var string|bool |
| 128 | 141 | */ |
| 129 | 142 | $read = fread($fp, $remaining); |
| 130 | - if (!is_string($read)) { |
|
| 131 | - if ($read === false) { |
|
| 143 | + if (!is_string($read)) |
|
| 144 | + { |
|
| 145 | + if ($read === false) |
|
| 146 | + { |
|
| 132 | 147 | /** |
| 133 | 148 | * We cannot safely read from the file. Exit the |
| 134 | 149 | * do-while loop and trigger the exception condition |
@@ -152,8 +167,10 @@ discard block |
||
| 152 | 167 | /** |
| 153 | 168 | * Is our result valid? |
| 154 | 169 | */ |
| 155 | - if (is_string($buf)) { |
|
| 156 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 170 | + if (is_string($buf)) |
|
| 171 | + { |
|
| 172 | + if (RandomCompat_strlen($buf) === $bytes) |
|
| 173 | + { |
|
| 157 | 174 | /** |
| 158 | 175 | * Return our random entropy buffer here: |
| 159 | 176 | */ |
@@ -27,169 +27,169 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('RandomCompat_strlen')) { |
| 30 | - if ( |
|
| 31 | - defined('MB_OVERLOAD_STRING') |
|
| 32 | - && |
|
| 33 | - ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 34 | - ) { |
|
| 35 | - /** |
|
| 36 | - * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 37 | - * |
|
| 38 | - * This version uses mb_strlen() in '8bit' mode to treat strings as raw |
|
| 39 | - * binary rather than UTF-8, ISO-8859-1, etc |
|
| 40 | - * |
|
| 41 | - * @param string $binary_string |
|
| 42 | - * |
|
| 43 | - * @throws TypeError |
|
| 44 | - * |
|
| 45 | - * @return int |
|
| 46 | - */ |
|
| 47 | - function RandomCompat_strlen($binary_string) |
|
| 48 | - { |
|
| 49 | - if (!is_string($binary_string)) { |
|
| 50 | - throw new TypeError( |
|
| 51 | - 'RandomCompat_strlen() expects a string' |
|
| 52 | - ); |
|
| 53 | - } |
|
| 30 | + if ( |
|
| 31 | + defined('MB_OVERLOAD_STRING') |
|
| 32 | + && |
|
| 33 | + ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 34 | + ) { |
|
| 35 | + /** |
|
| 36 | + * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 37 | + * |
|
| 38 | + * This version uses mb_strlen() in '8bit' mode to treat strings as raw |
|
| 39 | + * binary rather than UTF-8, ISO-8859-1, etc |
|
| 40 | + * |
|
| 41 | + * @param string $binary_string |
|
| 42 | + * |
|
| 43 | + * @throws TypeError |
|
| 44 | + * |
|
| 45 | + * @return int |
|
| 46 | + */ |
|
| 47 | + function RandomCompat_strlen($binary_string) |
|
| 48 | + { |
|
| 49 | + if (!is_string($binary_string)) { |
|
| 50 | + throw new TypeError( |
|
| 51 | + 'RandomCompat_strlen() expects a string' |
|
| 52 | + ); |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - return (int) mb_strlen($binary_string, '8bit'); |
|
| 56 | - } |
|
| 55 | + return (int) mb_strlen($binary_string, '8bit'); |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | - } else { |
|
| 59 | - /** |
|
| 60 | - * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 61 | - * |
|
| 62 | - * This version just used the default strlen() |
|
| 63 | - * |
|
| 64 | - * @param string $binary_string |
|
| 65 | - * |
|
| 66 | - * @throws TypeError |
|
| 67 | - * |
|
| 68 | - * @return int |
|
| 69 | - */ |
|
| 70 | - function RandomCompat_strlen($binary_string) |
|
| 71 | - { |
|
| 72 | - if (!is_string($binary_string)) { |
|
| 73 | - throw new TypeError( |
|
| 74 | - 'RandomCompat_strlen() expects a string' |
|
| 75 | - ); |
|
| 76 | - } |
|
| 77 | - return (int) strlen($binary_string); |
|
| 78 | - } |
|
| 79 | - } |
|
| 58 | + } else { |
|
| 59 | + /** |
|
| 60 | + * strlen() implementation that isn't brittle to mbstring.func_overload |
|
| 61 | + * |
|
| 62 | + * This version just used the default strlen() |
|
| 63 | + * |
|
| 64 | + * @param string $binary_string |
|
| 65 | + * |
|
| 66 | + * @throws TypeError |
|
| 67 | + * |
|
| 68 | + * @return int |
|
| 69 | + */ |
|
| 70 | + function RandomCompat_strlen($binary_string) |
|
| 71 | + { |
|
| 72 | + if (!is_string($binary_string)) { |
|
| 73 | + throw new TypeError( |
|
| 74 | + 'RandomCompat_strlen() expects a string' |
|
| 75 | + ); |
|
| 76 | + } |
|
| 77 | + return (int) strlen($binary_string); |
|
| 78 | + } |
|
| 79 | + } |
|
| 80 | 80 | } |
| 81 | 81 | |
| 82 | 82 | if (!is_callable('RandomCompat_substr')) { |
| 83 | 83 | |
| 84 | - if ( |
|
| 85 | - defined('MB_OVERLOAD_STRING') |
|
| 86 | - && |
|
| 87 | - ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 88 | - ) { |
|
| 89 | - /** |
|
| 90 | - * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 91 | - * |
|
| 92 | - * This version uses mb_substr() in '8bit' mode to treat strings as raw |
|
| 93 | - * binary rather than UTF-8, ISO-8859-1, etc |
|
| 94 | - * |
|
| 95 | - * @param string $binary_string |
|
| 96 | - * @param int $start |
|
| 97 | - * @param int|null $length (optional) |
|
| 98 | - * |
|
| 99 | - * @throws TypeError |
|
| 100 | - * |
|
| 101 | - * @return string |
|
| 102 | - */ |
|
| 103 | - function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 104 | - { |
|
| 105 | - if (!is_string($binary_string)) { |
|
| 106 | - throw new TypeError( |
|
| 107 | - 'RandomCompat_substr(): First argument should be a string' |
|
| 108 | - ); |
|
| 109 | - } |
|
| 84 | + if ( |
|
| 85 | + defined('MB_OVERLOAD_STRING') |
|
| 86 | + && |
|
| 87 | + ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING |
|
| 88 | + ) { |
|
| 89 | + /** |
|
| 90 | + * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 91 | + * |
|
| 92 | + * This version uses mb_substr() in '8bit' mode to treat strings as raw |
|
| 93 | + * binary rather than UTF-8, ISO-8859-1, etc |
|
| 94 | + * |
|
| 95 | + * @param string $binary_string |
|
| 96 | + * @param int $start |
|
| 97 | + * @param int|null $length (optional) |
|
| 98 | + * |
|
| 99 | + * @throws TypeError |
|
| 100 | + * |
|
| 101 | + * @return string |
|
| 102 | + */ |
|
| 103 | + function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 104 | + { |
|
| 105 | + if (!is_string($binary_string)) { |
|
| 106 | + throw new TypeError( |
|
| 107 | + 'RandomCompat_substr(): First argument should be a string' |
|
| 108 | + ); |
|
| 109 | + } |
|
| 110 | 110 | |
| 111 | - if (!is_int($start)) { |
|
| 112 | - throw new TypeError( |
|
| 113 | - 'RandomCompat_substr(): Second argument should be an integer' |
|
| 114 | - ); |
|
| 115 | - } |
|
| 111 | + if (!is_int($start)) { |
|
| 112 | + throw new TypeError( |
|
| 113 | + 'RandomCompat_substr(): Second argument should be an integer' |
|
| 114 | + ); |
|
| 115 | + } |
|
| 116 | 116 | |
| 117 | - if ($length === null) { |
|
| 118 | - /** |
|
| 119 | - * mb_substr($str, 0, NULL, '8bit') returns an empty string on |
|
| 120 | - * PHP 5.3, so we have to find the length ourselves. |
|
| 121 | - */ |
|
| 122 | - /** @var int $length */ |
|
| 123 | - $length = RandomCompat_strlen($binary_string) - $start; |
|
| 124 | - } elseif (!is_int($length)) { |
|
| 125 | - throw new TypeError( |
|
| 126 | - 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 127 | - ); |
|
| 128 | - } |
|
| 117 | + if ($length === null) { |
|
| 118 | + /** |
|
| 119 | + * mb_substr($str, 0, NULL, '8bit') returns an empty string on |
|
| 120 | + * PHP 5.3, so we have to find the length ourselves. |
|
| 121 | + */ |
|
| 122 | + /** @var int $length */ |
|
| 123 | + $length = RandomCompat_strlen($binary_string) - $start; |
|
| 124 | + } elseif (!is_int($length)) { |
|
| 125 | + throw new TypeError( |
|
| 126 | + 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 127 | + ); |
|
| 128 | + } |
|
| 129 | 129 | |
| 130 | - // Consistency with PHP's behavior |
|
| 131 | - if ($start === RandomCompat_strlen($binary_string) && $length === 0) { |
|
| 132 | - return ''; |
|
| 133 | - } |
|
| 134 | - if ($start > RandomCompat_strlen($binary_string)) { |
|
| 135 | - return ''; |
|
| 136 | - } |
|
| 130 | + // Consistency with PHP's behavior |
|
| 131 | + if ($start === RandomCompat_strlen($binary_string) && $length === 0) { |
|
| 132 | + return ''; |
|
| 133 | + } |
|
| 134 | + if ($start > RandomCompat_strlen($binary_string)) { |
|
| 135 | + return ''; |
|
| 136 | + } |
|
| 137 | 137 | |
| 138 | - return (string) mb_substr( |
|
| 139 | - (string) $binary_string, |
|
| 140 | - (int) $start, |
|
| 141 | - (int) $length, |
|
| 142 | - '8bit' |
|
| 143 | - ); |
|
| 144 | - } |
|
| 138 | + return (string) mb_substr( |
|
| 139 | + (string) $binary_string, |
|
| 140 | + (int) $start, |
|
| 141 | + (int) $length, |
|
| 142 | + '8bit' |
|
| 143 | + ); |
|
| 144 | + } |
|
| 145 | 145 | |
| 146 | - } else { |
|
| 146 | + } else { |
|
| 147 | 147 | |
| 148 | - /** |
|
| 149 | - * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 150 | - * |
|
| 151 | - * This version just uses the default substr() |
|
| 152 | - * |
|
| 153 | - * @param string $binary_string |
|
| 154 | - * @param int $start |
|
| 155 | - * @param int|null $length (optional) |
|
| 156 | - * |
|
| 157 | - * @throws TypeError |
|
| 158 | - * |
|
| 159 | - * @return string |
|
| 160 | - */ |
|
| 161 | - function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 162 | - { |
|
| 163 | - if (!is_string($binary_string)) { |
|
| 164 | - throw new TypeError( |
|
| 165 | - 'RandomCompat_substr(): First argument should be a string' |
|
| 166 | - ); |
|
| 167 | - } |
|
| 148 | + /** |
|
| 149 | + * substr() implementation that isn't brittle to mbstring.func_overload |
|
| 150 | + * |
|
| 151 | + * This version just uses the default substr() |
|
| 152 | + * |
|
| 153 | + * @param string $binary_string |
|
| 154 | + * @param int $start |
|
| 155 | + * @param int|null $length (optional) |
|
| 156 | + * |
|
| 157 | + * @throws TypeError |
|
| 158 | + * |
|
| 159 | + * @return string |
|
| 160 | + */ |
|
| 161 | + function RandomCompat_substr($binary_string, $start, $length = null) |
|
| 162 | + { |
|
| 163 | + if (!is_string($binary_string)) { |
|
| 164 | + throw new TypeError( |
|
| 165 | + 'RandomCompat_substr(): First argument should be a string' |
|
| 166 | + ); |
|
| 167 | + } |
|
| 168 | 168 | |
| 169 | - if (!is_int($start)) { |
|
| 170 | - throw new TypeError( |
|
| 171 | - 'RandomCompat_substr(): Second argument should be an integer' |
|
| 172 | - ); |
|
| 173 | - } |
|
| 169 | + if (!is_int($start)) { |
|
| 170 | + throw new TypeError( |
|
| 171 | + 'RandomCompat_substr(): Second argument should be an integer' |
|
| 172 | + ); |
|
| 173 | + } |
|
| 174 | 174 | |
| 175 | - if ($length !== null) { |
|
| 176 | - if (!is_int($length)) { |
|
| 177 | - throw new TypeError( |
|
| 178 | - 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 179 | - ); |
|
| 180 | - } |
|
| 175 | + if ($length !== null) { |
|
| 176 | + if (!is_int($length)) { |
|
| 177 | + throw new TypeError( |
|
| 178 | + 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
|
| 179 | + ); |
|
| 180 | + } |
|
| 181 | 181 | |
| 182 | - return (string) substr( |
|
| 183 | - (string )$binary_string, |
|
| 184 | - (int) $start, |
|
| 185 | - (int) $length |
|
| 186 | - ); |
|
| 187 | - } |
|
| 182 | + return (string) substr( |
|
| 183 | + (string )$binary_string, |
|
| 184 | + (int) $start, |
|
| 185 | + (int) $length |
|
| 186 | + ); |
|
| 187 | + } |
|
| 188 | 188 | |
| 189 | - return (string) substr( |
|
| 190 | - (string) $binary_string, |
|
| 191 | - (int) $start |
|
| 192 | - ); |
|
| 193 | - } |
|
| 194 | - } |
|
| 189 | + return (string) substr( |
|
| 190 | + (string) $binary_string, |
|
| 191 | + (int) $start |
|
| 192 | + ); |
|
| 193 | + } |
|
| 194 | + } |
|
| 195 | 195 | } |
@@ -180,7 +180,7 @@ |
||
| 180 | 180 | } |
| 181 | 181 | |
| 182 | 182 | return (string) substr( |
| 183 | - (string )$binary_string, |
|
| 183 | + (string) $binary_string, |
|
| 184 | 184 | (int) $start, |
| 185 | 185 | (int) $length |
| 186 | 186 | ); |
@@ -26,7 +26,8 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!is_callable('RandomCompat_strlen')) { |
|
| 29 | +if (!is_callable('RandomCompat_strlen')) |
|
| 30 | +{ |
|
| 30 | 31 | if ( |
| 31 | 32 | defined('MB_OVERLOAD_STRING') |
| 32 | 33 | && |
@@ -46,7 +47,8 @@ discard block |
||
| 46 | 47 | */ |
| 47 | 48 | function RandomCompat_strlen($binary_string) |
| 48 | 49 | { |
| 49 | - if (!is_string($binary_string)) { |
|
| 50 | + if (!is_string($binary_string)) |
|
| 51 | + { |
|
| 50 | 52 | throw new TypeError( |
| 51 | 53 | 'RandomCompat_strlen() expects a string' |
| 52 | 54 | ); |
@@ -55,7 +57,9 @@ discard block |
||
| 55 | 57 | return (int) mb_strlen($binary_string, '8bit'); |
| 56 | 58 | } |
| 57 | 59 | |
| 58 | - } else { |
|
| 60 | + } |
|
| 61 | + else |
|
| 62 | + { |
|
| 59 | 63 | /** |
| 60 | 64 | * strlen() implementation that isn't brittle to mbstring.func_overload |
| 61 | 65 | * |
@@ -69,7 +73,8 @@ discard block |
||
| 69 | 73 | */ |
| 70 | 74 | function RandomCompat_strlen($binary_string) |
| 71 | 75 | { |
| 72 | - if (!is_string($binary_string)) { |
|
| 76 | + if (!is_string($binary_string)) |
|
| 77 | + { |
|
| 73 | 78 | throw new TypeError( |
| 74 | 79 | 'RandomCompat_strlen() expects a string' |
| 75 | 80 | ); |
@@ -79,7 +84,8 @@ discard block |
||
| 79 | 84 | } |
| 80 | 85 | } |
| 81 | 86 | |
| 82 | -if (!is_callable('RandomCompat_substr')) { |
|
| 87 | +if (!is_callable('RandomCompat_substr')) |
|
| 88 | +{ |
|
| 83 | 89 | |
| 84 | 90 | if ( |
| 85 | 91 | defined('MB_OVERLOAD_STRING') |
@@ -102,36 +108,43 @@ discard block |
||
| 102 | 108 | */ |
| 103 | 109 | function RandomCompat_substr($binary_string, $start, $length = null) |
| 104 | 110 | { |
| 105 | - if (!is_string($binary_string)) { |
|
| 111 | + if (!is_string($binary_string)) |
|
| 112 | + { |
|
| 106 | 113 | throw new TypeError( |
| 107 | 114 | 'RandomCompat_substr(): First argument should be a string' |
| 108 | 115 | ); |
| 109 | 116 | } |
| 110 | 117 | |
| 111 | - if (!is_int($start)) { |
|
| 118 | + if (!is_int($start)) |
|
| 119 | + { |
|
| 112 | 120 | throw new TypeError( |
| 113 | 121 | 'RandomCompat_substr(): Second argument should be an integer' |
| 114 | 122 | ); |
| 115 | 123 | } |
| 116 | 124 | |
| 117 | - if ($length === null) { |
|
| 125 | + if ($length === null) |
|
| 126 | + { |
|
| 118 | 127 | /** |
| 119 | 128 | * mb_substr($str, 0, NULL, '8bit') returns an empty string on |
| 120 | 129 | * PHP 5.3, so we have to find the length ourselves. |
| 121 | 130 | */ |
| 122 | 131 | /** @var int $length */ |
| 123 | 132 | $length = RandomCompat_strlen($binary_string) - $start; |
| 124 | - } elseif (!is_int($length)) { |
|
| 133 | + } |
|
| 134 | + elseif (!is_int($length)) |
|
| 135 | + { |
|
| 125 | 136 | throw new TypeError( |
| 126 | 137 | 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
| 127 | 138 | ); |
| 128 | 139 | } |
| 129 | 140 | |
| 130 | 141 | // Consistency with PHP's behavior |
| 131 | - if ($start === RandomCompat_strlen($binary_string) && $length === 0) { |
|
| 142 | + if ($start === RandomCompat_strlen($binary_string) && $length === 0) |
|
| 143 | + { |
|
| 132 | 144 | return ''; |
| 133 | 145 | } |
| 134 | - if ($start > RandomCompat_strlen($binary_string)) { |
|
| 146 | + if ($start > RandomCompat_strlen($binary_string)) |
|
| 147 | + { |
|
| 135 | 148 | return ''; |
| 136 | 149 | } |
| 137 | 150 | |
@@ -143,7 +156,9 @@ discard block |
||
| 143 | 156 | ); |
| 144 | 157 | } |
| 145 | 158 | |
| 146 | - } else { |
|
| 159 | + } |
|
| 160 | + else |
|
| 161 | + { |
|
| 147 | 162 | |
| 148 | 163 | /** |
| 149 | 164 | * substr() implementation that isn't brittle to mbstring.func_overload |
@@ -160,20 +175,24 @@ discard block |
||
| 160 | 175 | */ |
| 161 | 176 | function RandomCompat_substr($binary_string, $start, $length = null) |
| 162 | 177 | { |
| 163 | - if (!is_string($binary_string)) { |
|
| 178 | + if (!is_string($binary_string)) |
|
| 179 | + { |
|
| 164 | 180 | throw new TypeError( |
| 165 | 181 | 'RandomCompat_substr(): First argument should be a string' |
| 166 | 182 | ); |
| 167 | 183 | } |
| 168 | 184 | |
| 169 | - if (!is_int($start)) { |
|
| 185 | + if (!is_int($start)) |
|
| 186 | + { |
|
| 170 | 187 | throw new TypeError( |
| 171 | 188 | 'RandomCompat_substr(): Second argument should be an integer' |
| 172 | 189 | ); |
| 173 | 190 | } |
| 174 | 191 | |
| 175 | - if ($length !== null) { |
|
| 176 | - if (!is_int($length)) { |
|
| 192 | + if ($length !== null) |
|
| 193 | + { |
|
| 194 | + if (!is_int($length)) |
|
| 195 | + { |
|
| 177 | 196 | throw new TypeError( |
| 178 | 197 | 'RandomCompat_substr(): Third argument should be an integer, or omitted' |
| 179 | 198 | ); |
@@ -27,53 +27,53 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * Powered by ext/mcrypt (and thankfully NOT libmcrypt) |
|
| 32 | - * |
|
| 33 | - * @ref https://bugs.php.net/bug.php?id=55169 |
|
| 34 | - * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386 |
|
| 35 | - * |
|
| 36 | - * @param int $bytes |
|
| 37 | - * |
|
| 38 | - * @throws Exception |
|
| 39 | - * |
|
| 40 | - * @return string |
|
| 41 | - */ |
|
| 42 | - function random_bytes($bytes) |
|
| 43 | - { |
|
| 44 | - try { |
|
| 45 | - /** @var int $bytes */ |
|
| 46 | - $bytes = RandomCompat_intval($bytes); |
|
| 47 | - } catch (TypeError $ex) { |
|
| 48 | - throw new TypeError( |
|
| 49 | - 'random_bytes(): $bytes must be an integer' |
|
| 50 | - ); |
|
| 51 | - } |
|
| 30 | + /** |
|
| 31 | + * Powered by ext/mcrypt (and thankfully NOT libmcrypt) |
|
| 32 | + * |
|
| 33 | + * @ref https://bugs.php.net/bug.php?id=55169 |
|
| 34 | + * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386 |
|
| 35 | + * |
|
| 36 | + * @param int $bytes |
|
| 37 | + * |
|
| 38 | + * @throws Exception |
|
| 39 | + * |
|
| 40 | + * @return string |
|
| 41 | + */ |
|
| 42 | + function random_bytes($bytes) |
|
| 43 | + { |
|
| 44 | + try { |
|
| 45 | + /** @var int $bytes */ |
|
| 46 | + $bytes = RandomCompat_intval($bytes); |
|
| 47 | + } catch (TypeError $ex) { |
|
| 48 | + throw new TypeError( |
|
| 49 | + 'random_bytes(): $bytes must be an integer' |
|
| 50 | + ); |
|
| 51 | + } |
|
| 52 | 52 | |
| 53 | - if ($bytes < 1) { |
|
| 54 | - throw new Error( |
|
| 55 | - 'Length must be greater than 0' |
|
| 56 | - ); |
|
| 57 | - } |
|
| 53 | + if ($bytes < 1) { |
|
| 54 | + throw new Error( |
|
| 55 | + 'Length must be greater than 0' |
|
| 56 | + ); |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - /** @var string|bool $buf */ |
|
| 60 | - $buf = @mcrypt_create_iv((int) $bytes, (int) MCRYPT_DEV_URANDOM); |
|
| 61 | - if ( |
|
| 62 | - is_string($buf) |
|
| 63 | - && |
|
| 64 | - RandomCompat_strlen($buf) === $bytes |
|
| 65 | - ) { |
|
| 66 | - /** |
|
| 67 | - * Return our random entropy buffer here: |
|
| 68 | - */ |
|
| 69 | - return $buf; |
|
| 70 | - } |
|
| 59 | + /** @var string|bool $buf */ |
|
| 60 | + $buf = @mcrypt_create_iv((int) $bytes, (int) MCRYPT_DEV_URANDOM); |
|
| 61 | + if ( |
|
| 62 | + is_string($buf) |
|
| 63 | + && |
|
| 64 | + RandomCompat_strlen($buf) === $bytes |
|
| 65 | + ) { |
|
| 66 | + /** |
|
| 67 | + * Return our random entropy buffer here: |
|
| 68 | + */ |
|
| 69 | + return $buf; |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - /** |
|
| 73 | - * If we reach here, PHP has failed us. |
|
| 74 | - */ |
|
| 75 | - throw new Exception( |
|
| 76 | - 'Could not gather sufficient random data' |
|
| 77 | - ); |
|
| 78 | - } |
|
| 72 | + /** |
|
| 73 | + * If we reach here, PHP has failed us. |
|
| 74 | + */ |
|
| 75 | + throw new Exception( |
|
| 76 | + 'Could not gather sufficient random data' |
|
| 77 | + ); |
|
| 78 | + } |
|
| 79 | 79 | } |
@@ -26,7 +26,8 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!is_callable('random_bytes')) { |
|
| 29 | +if (!is_callable('random_bytes')) |
|
| 30 | +{ |
|
| 30 | 31 | /** |
| 31 | 32 | * Powered by ext/mcrypt (and thankfully NOT libmcrypt) |
| 32 | 33 | * |
@@ -41,16 +42,20 @@ discard block |
||
| 41 | 42 | */ |
| 42 | 43 | function random_bytes($bytes) |
| 43 | 44 | { |
| 44 | - try { |
|
| 45 | + try |
|
| 46 | + { |
|
| 45 | 47 | /** @var int $bytes */ |
| 46 | 48 | $bytes = RandomCompat_intval($bytes); |
| 47 | - } catch (TypeError $ex) { |
|
| 49 | + } |
|
| 50 | + catch (TypeError $ex) |
|
| 51 | + { |
|
| 48 | 52 | throw new TypeError( |
| 49 | 53 | 'random_bytes(): $bytes must be an integer' |
| 50 | 54 | ); |
| 51 | 55 | } |
| 52 | 56 | |
| 53 | - if ($bytes < 1) { |
|
| 57 | + if ($bytes < 1) |
|
| 58 | + { |
|
| 54 | 59 | throw new Error( |
| 55 | 60 | 'Length must be greater than 0' |
| 56 | 61 | ); |
@@ -27,65 +27,65 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * Windows with PHP < 5.3.0 will not have the function |
|
| 32 | - * openssl_random_pseudo_bytes() available, so let's use |
|
| 33 | - * CAPICOM to work around this deficiency. |
|
| 34 | - * |
|
| 35 | - * @param int $bytes |
|
| 36 | - * |
|
| 37 | - * @throws Exception |
|
| 38 | - * |
|
| 39 | - * @return string |
|
| 40 | - */ |
|
| 41 | - function random_bytes($bytes) |
|
| 42 | - { |
|
| 43 | - try { |
|
| 44 | - /** @var int $bytes */ |
|
| 45 | - $bytes = RandomCompat_intval($bytes); |
|
| 46 | - } catch (TypeError $ex) { |
|
| 47 | - throw new TypeError( |
|
| 48 | - 'random_bytes(): $bytes must be an integer' |
|
| 49 | - ); |
|
| 50 | - } |
|
| 30 | + /** |
|
| 31 | + * Windows with PHP < 5.3.0 will not have the function |
|
| 32 | + * openssl_random_pseudo_bytes() available, so let's use |
|
| 33 | + * CAPICOM to work around this deficiency. |
|
| 34 | + * |
|
| 35 | + * @param int $bytes |
|
| 36 | + * |
|
| 37 | + * @throws Exception |
|
| 38 | + * |
|
| 39 | + * @return string |
|
| 40 | + */ |
|
| 41 | + function random_bytes($bytes) |
|
| 42 | + { |
|
| 43 | + try { |
|
| 44 | + /** @var int $bytes */ |
|
| 45 | + $bytes = RandomCompat_intval($bytes); |
|
| 46 | + } catch (TypeError $ex) { |
|
| 47 | + throw new TypeError( |
|
| 48 | + 'random_bytes(): $bytes must be an integer' |
|
| 49 | + ); |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - if ($bytes < 1) { |
|
| 53 | - throw new Error( |
|
| 54 | - 'Length must be greater than 0' |
|
| 55 | - ); |
|
| 56 | - } |
|
| 52 | + if ($bytes < 1) { |
|
| 53 | + throw new Error( |
|
| 54 | + 'Length must be greater than 0' |
|
| 55 | + ); |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | - /** @var string $buf */ |
|
| 59 | - $buf = ''; |
|
| 60 | - if (!class_exists('COM')) { |
|
| 61 | - throw new Error( |
|
| 62 | - 'COM does not exist' |
|
| 63 | - ); |
|
| 64 | - } |
|
| 65 | - /** @var COM $util */ |
|
| 66 | - $util = new COM('CAPICOM.Utilities.1'); |
|
| 67 | - $execCount = 0; |
|
| 58 | + /** @var string $buf */ |
|
| 59 | + $buf = ''; |
|
| 60 | + if (!class_exists('COM')) { |
|
| 61 | + throw new Error( |
|
| 62 | + 'COM does not exist' |
|
| 63 | + ); |
|
| 64 | + } |
|
| 65 | + /** @var COM $util */ |
|
| 66 | + $util = new COM('CAPICOM.Utilities.1'); |
|
| 67 | + $execCount = 0; |
|
| 68 | 68 | |
| 69 | - /** |
|
| 70 | - * Let's not let it loop forever. If we run N times and fail to |
|
| 71 | - * get N bytes of random data, then CAPICOM has failed us. |
|
| 72 | - */ |
|
| 73 | - do { |
|
| 74 | - $buf .= base64_decode((string) $util->GetRandom($bytes, 0)); |
|
| 75 | - if (RandomCompat_strlen($buf) >= $bytes) { |
|
| 76 | - /** |
|
| 77 | - * Return our random entropy buffer here: |
|
| 78 | - */ |
|
| 79 | - return (string) RandomCompat_substr($buf, 0, $bytes); |
|
| 80 | - } |
|
| 81 | - ++$execCount; |
|
| 82 | - } while ($execCount < $bytes); |
|
| 69 | + /** |
|
| 70 | + * Let's not let it loop forever. If we run N times and fail to |
|
| 71 | + * get N bytes of random data, then CAPICOM has failed us. |
|
| 72 | + */ |
|
| 73 | + do { |
|
| 74 | + $buf .= base64_decode((string) $util->GetRandom($bytes, 0)); |
|
| 75 | + if (RandomCompat_strlen($buf) >= $bytes) { |
|
| 76 | + /** |
|
| 77 | + * Return our random entropy buffer here: |
|
| 78 | + */ |
|
| 79 | + return (string) RandomCompat_substr($buf, 0, $bytes); |
|
| 80 | + } |
|
| 81 | + ++$execCount; |
|
| 82 | + } while ($execCount < $bytes); |
|
| 83 | 83 | |
| 84 | - /** |
|
| 85 | - * If we reach here, PHP has failed us. |
|
| 86 | - */ |
|
| 87 | - throw new Exception( |
|
| 88 | - 'Could not gather sufficient random data' |
|
| 89 | - ); |
|
| 90 | - } |
|
| 84 | + /** |
|
| 85 | + * If we reach here, PHP has failed us. |
|
| 86 | + */ |
|
| 87 | + throw new Exception( |
|
| 88 | + 'Could not gather sufficient random data' |
|
| 89 | + ); |
|
| 90 | + } |
|
| 91 | 91 | } |
| 92 | 92 | \ No newline at end of file |
@@ -26,7 +26,8 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!is_callable('random_bytes')) { |
|
| 29 | +if (!is_callable('random_bytes')) |
|
| 30 | +{ |
|
| 30 | 31 | /** |
| 31 | 32 | * Windows with PHP < 5.3.0 will not have the function |
| 32 | 33 | * openssl_random_pseudo_bytes() available, so let's use |
@@ -40,16 +41,20 @@ discard block |
||
| 40 | 41 | */ |
| 41 | 42 | function random_bytes($bytes) |
| 42 | 43 | { |
| 43 | - try { |
|
| 44 | + try |
|
| 45 | + { |
|
| 44 | 46 | /** @var int $bytes */ |
| 45 | 47 | $bytes = RandomCompat_intval($bytes); |
| 46 | - } catch (TypeError $ex) { |
|
| 48 | + } |
|
| 49 | + catch (TypeError $ex) |
|
| 50 | + { |
|
| 47 | 51 | throw new TypeError( |
| 48 | 52 | 'random_bytes(): $bytes must be an integer' |
| 49 | 53 | ); |
| 50 | 54 | } |
| 51 | 55 | |
| 52 | - if ($bytes < 1) { |
|
| 56 | + if ($bytes < 1) |
|
| 57 | + { |
|
| 53 | 58 | throw new Error( |
| 54 | 59 | 'Length must be greater than 0' |
| 55 | 60 | ); |
@@ -57,7 +62,8 @@ discard block |
||
| 57 | 62 | |
| 58 | 63 | /** @var string $buf */ |
| 59 | 64 | $buf = ''; |
| 60 | - if (!class_exists('COM')) { |
|
| 65 | + if (!class_exists('COM')) |
|
| 66 | + { |
|
| 61 | 67 | throw new Error( |
| 62 | 68 | 'COM does not exist' |
| 63 | 69 | ); |
@@ -72,7 +78,8 @@ discard block |
||
| 72 | 78 | */ |
| 73 | 79 | do { |
| 74 | 80 | $buf .= base64_decode((string) $util->GetRandom($bytes, 0)); |
| 75 | - if (RandomCompat_strlen($buf) >= $bytes) { |
|
| 81 | + if (RandomCompat_strlen($buf) >= $bytes) |
|
| 82 | + { |
|
| 76 | 83 | /** |
| 77 | 84 | * Return our random entropy buffer here: |
| 78 | 85 | */ |
@@ -1,204 +1,204 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | 3 | if (!is_callable('random_int')) { |
| 4 | - /** |
|
| 5 | - * Random_* Compatibility Library |
|
| 6 | - * for using the new PHP 7 random_* API in PHP 5 projects |
|
| 7 | - * |
|
| 8 | - * The MIT License (MIT) |
|
| 9 | - * |
|
| 10 | - * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises |
|
| 11 | - * |
|
| 12 | - * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
| 13 | - * of this software and associated documentation files (the "Software"), to deal |
|
| 14 | - * in the Software without restriction, including without limitation the rights |
|
| 15 | - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
| 16 | - * copies of the Software, and to permit persons to whom the Software is |
|
| 17 | - * furnished to do so, subject to the following conditions: |
|
| 18 | - * |
|
| 19 | - * The above copyright notice and this permission notice shall be included in |
|
| 20 | - * all copies or substantial portions of the Software. |
|
| 21 | - * |
|
| 22 | - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
| 23 | - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
| 24 | - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
| 25 | - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
| 26 | - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
| 27 | - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
| 28 | - * SOFTWARE. |
|
| 29 | - */ |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * Fetch a random integer between $min and $max inclusive |
|
| 33 | - * |
|
| 34 | - * @param int $min |
|
| 35 | - * @param int $max |
|
| 36 | - * |
|
| 37 | - * @throws Exception |
|
| 38 | - * |
|
| 39 | - * @return int |
|
| 40 | - */ |
|
| 41 | - function random_int($min, $max) |
|
| 42 | - { |
|
| 43 | - /** |
|
| 44 | - * Type and input logic checks |
|
| 45 | - * |
|
| 46 | - * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) |
|
| 47 | - * (non-inclusive), it will sanely cast it to an int. If you it's equal to |
|
| 48 | - * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats |
|
| 49 | - * lose precision, so the <= and => operators might accidentally let a float |
|
| 50 | - * through. |
|
| 51 | - */ |
|
| 52 | - |
|
| 53 | - try { |
|
| 54 | - /** @var int $min */ |
|
| 55 | - $min = RandomCompat_intval($min); |
|
| 56 | - } catch (TypeError $ex) { |
|
| 57 | - throw new TypeError( |
|
| 58 | - 'random_int(): $min must be an integer' |
|
| 59 | - ); |
|
| 60 | - } |
|
| 61 | - |
|
| 62 | - try { |
|
| 63 | - /** @var int $max */ |
|
| 64 | - $max = RandomCompat_intval($max); |
|
| 65 | - } catch (TypeError $ex) { |
|
| 66 | - throw new TypeError( |
|
| 67 | - 'random_int(): $max must be an integer' |
|
| 68 | - ); |
|
| 69 | - } |
|
| 70 | - |
|
| 71 | - /** |
|
| 72 | - * Now that we've verified our weak typing system has given us an integer, |
|
| 73 | - * let's validate the logic then we can move forward with generating random |
|
| 74 | - * integers along a given range. |
|
| 75 | - */ |
|
| 76 | - if ($min > $max) { |
|
| 77 | - throw new Error( |
|
| 78 | - 'Minimum value must be less than or equal to the maximum value' |
|
| 79 | - ); |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - if ($max === $min) { |
|
| 83 | - return (int) $min; |
|
| 84 | - } |
|
| 85 | - |
|
| 86 | - /** |
|
| 87 | - * Initialize variables to 0 |
|
| 88 | - * |
|
| 89 | - * We want to store: |
|
| 90 | - * $bytes => the number of random bytes we need |
|
| 91 | - * $mask => an integer bitmask (for use with the &) operator |
|
| 92 | - * so we can minimize the number of discards |
|
| 93 | - */ |
|
| 94 | - $attempts = $bits = $bytes = $mask = $valueShift = 0; |
|
| 95 | - /** @var int $attempts */ |
|
| 96 | - /** @var int $bits */ |
|
| 97 | - /** @var int $bytes */ |
|
| 98 | - /** @var int $mask */ |
|
| 99 | - /** @var int $valueShift */ |
|
| 100 | - |
|
| 101 | - /** |
|
| 102 | - * At this point, $range is a positive number greater than 0. It might |
|
| 103 | - * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to |
|
| 104 | - * a float and we will lose some precision. |
|
| 105 | - * |
|
| 106 | - * @var int|float $range |
|
| 107 | - */ |
|
| 108 | - $range = $max - $min; |
|
| 109 | - |
|
| 110 | - /** |
|
| 111 | - * Test for integer overflow: |
|
| 112 | - */ |
|
| 113 | - if (!is_int($range)) { |
|
| 114 | - |
|
| 115 | - /** |
|
| 116 | - * Still safely calculate wider ranges. |
|
| 117 | - * Provided by @CodesInChaos, @oittaa |
|
| 118 | - * |
|
| 119 | - * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435 |
|
| 120 | - * |
|
| 121 | - * We use ~0 as a mask in this case because it generates all 1s |
|
| 122 | - * |
|
| 123 | - * @ref https://eval.in/400356 (32-bit) |
|
| 124 | - * @ref http://3v4l.org/XX9r5 (64-bit) |
|
| 125 | - */ |
|
| 126 | - $bytes = PHP_INT_SIZE; |
|
| 127 | - /** @var int $mask */ |
|
| 128 | - $mask = ~0; |
|
| 129 | - |
|
| 130 | - } else { |
|
| 131 | - |
|
| 132 | - /** |
|
| 133 | - * $bits is effectively ceil(log($range, 2)) without dealing with |
|
| 134 | - * type juggling |
|
| 135 | - */ |
|
| 136 | - while ($range > 0) { |
|
| 137 | - if ($bits % 8 === 0) { |
|
| 138 | - ++$bytes; |
|
| 139 | - } |
|
| 140 | - ++$bits; |
|
| 141 | - $range >>= 1; |
|
| 142 | - /** @var int $mask */ |
|
| 143 | - $mask = $mask << 1 | 1; |
|
| 144 | - } |
|
| 145 | - $valueShift = $min; |
|
| 146 | - } |
|
| 147 | - |
|
| 148 | - /** @var int $val */ |
|
| 149 | - $val = 0; |
|
| 150 | - /** |
|
| 151 | - * Now that we have our parameters set up, let's begin generating |
|
| 152 | - * random integers until one falls between $min and $max |
|
| 153 | - */ |
|
| 154 | - /** @psalm-suppress RedundantCondition */ |
|
| 155 | - do { |
|
| 156 | - /** |
|
| 157 | - * The rejection probability is at most 0.5, so this corresponds |
|
| 158 | - * to a failure probability of 2^-128 for a working RNG |
|
| 159 | - */ |
|
| 160 | - if ($attempts > 128) { |
|
| 161 | - throw new Exception( |
|
| 162 | - 'random_int: RNG is broken - too many rejections' |
|
| 163 | - ); |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - /** |
|
| 167 | - * Let's grab the necessary number of random bytes |
|
| 168 | - */ |
|
| 169 | - $randomByteString = random_bytes($bytes); |
|
| 170 | - |
|
| 171 | - /** |
|
| 172 | - * Let's turn $randomByteString into an integer |
|
| 173 | - * |
|
| 174 | - * This uses bitwise operators (<< and |) to build an integer |
|
| 175 | - * out of the values extracted from ord() |
|
| 176 | - * |
|
| 177 | - * Example: [9F] | [6D] | [32] | [0C] => |
|
| 178 | - * 159 + 27904 + 3276800 + 201326592 => |
|
| 179 | - * 204631455 |
|
| 180 | - */ |
|
| 181 | - $val &= 0; |
|
| 182 | - for ($i = 0; $i < $bytes; ++$i) { |
|
| 183 | - $val |= ord($randomByteString[$i]) << ($i * 8); |
|
| 184 | - } |
|
| 185 | - /** @var int $val */ |
|
| 186 | - |
|
| 187 | - /** |
|
| 188 | - * Apply mask |
|
| 189 | - */ |
|
| 190 | - $val &= $mask; |
|
| 191 | - $val += $valueShift; |
|
| 192 | - |
|
| 193 | - ++$attempts; |
|
| 194 | - /** |
|
| 195 | - * If $val overflows to a floating point number, |
|
| 196 | - * ... or is larger than $max, |
|
| 197 | - * ... or smaller than $min, |
|
| 198 | - * then try again. |
|
| 199 | - */ |
|
| 200 | - } while (!is_int($val) || $val > $max || $val < $min); |
|
| 201 | - |
|
| 202 | - return (int) $val; |
|
| 203 | - } |
|
| 4 | + /** |
|
| 5 | + * Random_* Compatibility Library |
|
| 6 | + * for using the new PHP 7 random_* API in PHP 5 projects |
|
| 7 | + * |
|
| 8 | + * The MIT License (MIT) |
|
| 9 | + * |
|
| 10 | + * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises |
|
| 11 | + * |
|
| 12 | + * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
| 13 | + * of this software and associated documentation files (the "Software"), to deal |
|
| 14 | + * in the Software without restriction, including without limitation the rights |
|
| 15 | + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
| 16 | + * copies of the Software, and to permit persons to whom the Software is |
|
| 17 | + * furnished to do so, subject to the following conditions: |
|
| 18 | + * |
|
| 19 | + * The above copyright notice and this permission notice shall be included in |
|
| 20 | + * all copies or substantial portions of the Software. |
|
| 21 | + * |
|
| 22 | + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
| 23 | + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
| 24 | + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
| 25 | + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
| 26 | + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
| 27 | + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
| 28 | + * SOFTWARE. |
|
| 29 | + */ |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * Fetch a random integer between $min and $max inclusive |
|
| 33 | + * |
|
| 34 | + * @param int $min |
|
| 35 | + * @param int $max |
|
| 36 | + * |
|
| 37 | + * @throws Exception |
|
| 38 | + * |
|
| 39 | + * @return int |
|
| 40 | + */ |
|
| 41 | + function random_int($min, $max) |
|
| 42 | + { |
|
| 43 | + /** |
|
| 44 | + * Type and input logic checks |
|
| 45 | + * |
|
| 46 | + * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX) |
|
| 47 | + * (non-inclusive), it will sanely cast it to an int. If you it's equal to |
|
| 48 | + * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats |
|
| 49 | + * lose precision, so the <= and => operators might accidentally let a float |
|
| 50 | + * through. |
|
| 51 | + */ |
|
| 52 | + |
|
| 53 | + try { |
|
| 54 | + /** @var int $min */ |
|
| 55 | + $min = RandomCompat_intval($min); |
|
| 56 | + } catch (TypeError $ex) { |
|
| 57 | + throw new TypeError( |
|
| 58 | + 'random_int(): $min must be an integer' |
|
| 59 | + ); |
|
| 60 | + } |
|
| 61 | + |
|
| 62 | + try { |
|
| 63 | + /** @var int $max */ |
|
| 64 | + $max = RandomCompat_intval($max); |
|
| 65 | + } catch (TypeError $ex) { |
|
| 66 | + throw new TypeError( |
|
| 67 | + 'random_int(): $max must be an integer' |
|
| 68 | + ); |
|
| 69 | + } |
|
| 70 | + |
|
| 71 | + /** |
|
| 72 | + * Now that we've verified our weak typing system has given us an integer, |
|
| 73 | + * let's validate the logic then we can move forward with generating random |
|
| 74 | + * integers along a given range. |
|
| 75 | + */ |
|
| 76 | + if ($min > $max) { |
|
| 77 | + throw new Error( |
|
| 78 | + 'Minimum value must be less than or equal to the maximum value' |
|
| 79 | + ); |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + if ($max === $min) { |
|
| 83 | + return (int) $min; |
|
| 84 | + } |
|
| 85 | + |
|
| 86 | + /** |
|
| 87 | + * Initialize variables to 0 |
|
| 88 | + * |
|
| 89 | + * We want to store: |
|
| 90 | + * $bytes => the number of random bytes we need |
|
| 91 | + * $mask => an integer bitmask (for use with the &) operator |
|
| 92 | + * so we can minimize the number of discards |
|
| 93 | + */ |
|
| 94 | + $attempts = $bits = $bytes = $mask = $valueShift = 0; |
|
| 95 | + /** @var int $attempts */ |
|
| 96 | + /** @var int $bits */ |
|
| 97 | + /** @var int $bytes */ |
|
| 98 | + /** @var int $mask */ |
|
| 99 | + /** @var int $valueShift */ |
|
| 100 | + |
|
| 101 | + /** |
|
| 102 | + * At this point, $range is a positive number greater than 0. It might |
|
| 103 | + * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to |
|
| 104 | + * a float and we will lose some precision. |
|
| 105 | + * |
|
| 106 | + * @var int|float $range |
|
| 107 | + */ |
|
| 108 | + $range = $max - $min; |
|
| 109 | + |
|
| 110 | + /** |
|
| 111 | + * Test for integer overflow: |
|
| 112 | + */ |
|
| 113 | + if (!is_int($range)) { |
|
| 114 | + |
|
| 115 | + /** |
|
| 116 | + * Still safely calculate wider ranges. |
|
| 117 | + * Provided by @CodesInChaos, @oittaa |
|
| 118 | + * |
|
| 119 | + * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435 |
|
| 120 | + * |
|
| 121 | + * We use ~0 as a mask in this case because it generates all 1s |
|
| 122 | + * |
|
| 123 | + * @ref https://eval.in/400356 (32-bit) |
|
| 124 | + * @ref http://3v4l.org/XX9r5 (64-bit) |
|
| 125 | + */ |
|
| 126 | + $bytes = PHP_INT_SIZE; |
|
| 127 | + /** @var int $mask */ |
|
| 128 | + $mask = ~0; |
|
| 129 | + |
|
| 130 | + } else { |
|
| 131 | + |
|
| 132 | + /** |
|
| 133 | + * $bits is effectively ceil(log($range, 2)) without dealing with |
|
| 134 | + * type juggling |
|
| 135 | + */ |
|
| 136 | + while ($range > 0) { |
|
| 137 | + if ($bits % 8 === 0) { |
|
| 138 | + ++$bytes; |
|
| 139 | + } |
|
| 140 | + ++$bits; |
|
| 141 | + $range >>= 1; |
|
| 142 | + /** @var int $mask */ |
|
| 143 | + $mask = $mask << 1 | 1; |
|
| 144 | + } |
|
| 145 | + $valueShift = $min; |
|
| 146 | + } |
|
| 147 | + |
|
| 148 | + /** @var int $val */ |
|
| 149 | + $val = 0; |
|
| 150 | + /** |
|
| 151 | + * Now that we have our parameters set up, let's begin generating |
|
| 152 | + * random integers until one falls between $min and $max |
|
| 153 | + */ |
|
| 154 | + /** @psalm-suppress RedundantCondition */ |
|
| 155 | + do { |
|
| 156 | + /** |
|
| 157 | + * The rejection probability is at most 0.5, so this corresponds |
|
| 158 | + * to a failure probability of 2^-128 for a working RNG |
|
| 159 | + */ |
|
| 160 | + if ($attempts > 128) { |
|
| 161 | + throw new Exception( |
|
| 162 | + 'random_int: RNG is broken - too many rejections' |
|
| 163 | + ); |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + /** |
|
| 167 | + * Let's grab the necessary number of random bytes |
|
| 168 | + */ |
|
| 169 | + $randomByteString = random_bytes($bytes); |
|
| 170 | + |
|
| 171 | + /** |
|
| 172 | + * Let's turn $randomByteString into an integer |
|
| 173 | + * |
|
| 174 | + * This uses bitwise operators (<< and |) to build an integer |
|
| 175 | + * out of the values extracted from ord() |
|
| 176 | + * |
|
| 177 | + * Example: [9F] | [6D] | [32] | [0C] => |
|
| 178 | + * 159 + 27904 + 3276800 + 201326592 => |
|
| 179 | + * 204631455 |
|
| 180 | + */ |
|
| 181 | + $val &= 0; |
|
| 182 | + for ($i = 0; $i < $bytes; ++$i) { |
|
| 183 | + $val |= ord($randomByteString[$i]) << ($i * 8); |
|
| 184 | + } |
|
| 185 | + /** @var int $val */ |
|
| 186 | + |
|
| 187 | + /** |
|
| 188 | + * Apply mask |
|
| 189 | + */ |
|
| 190 | + $val &= $mask; |
|
| 191 | + $val += $valueShift; |
|
| 192 | + |
|
| 193 | + ++$attempts; |
|
| 194 | + /** |
|
| 195 | + * If $val overflows to a floating point number, |
|
| 196 | + * ... or is larger than $max, |
|
| 197 | + * ... or smaller than $min, |
|
| 198 | + * then try again. |
|
| 199 | + */ |
|
| 200 | + } while (!is_int($val) || $val > $max || $val < $min); |
|
| 201 | + |
|
| 202 | + return (int) $val; |
|
| 203 | + } |
|
| 204 | 204 | } |
@@ -1,6 +1,7 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if (!is_callable('random_int')) { |
|
| 3 | +if (!is_callable('random_int')) |
|
| 4 | +{ |
|
| 4 | 5 | /** |
| 5 | 6 | * Random_* Compatibility Library |
| 6 | 7 | * for using the new PHP 7 random_* API in PHP 5 projects |
@@ -50,19 +51,25 @@ discard block |
||
| 50 | 51 | * through. |
| 51 | 52 | */ |
| 52 | 53 | |
| 53 | - try { |
|
| 54 | + try |
|
| 55 | + { |
|
| 54 | 56 | /** @var int $min */ |
| 55 | 57 | $min = RandomCompat_intval($min); |
| 56 | - } catch (TypeError $ex) { |
|
| 58 | + } |
|
| 59 | + catch (TypeError $ex) |
|
| 60 | + { |
|
| 57 | 61 | throw new TypeError( |
| 58 | 62 | 'random_int(): $min must be an integer' |
| 59 | 63 | ); |
| 60 | 64 | } |
| 61 | 65 | |
| 62 | - try { |
|
| 66 | + try |
|
| 67 | + { |
|
| 63 | 68 | /** @var int $max */ |
| 64 | 69 | $max = RandomCompat_intval($max); |
| 65 | - } catch (TypeError $ex) { |
|
| 70 | + } |
|
| 71 | + catch (TypeError $ex) |
|
| 72 | + { |
|
| 66 | 73 | throw new TypeError( |
| 67 | 74 | 'random_int(): $max must be an integer' |
| 68 | 75 | ); |
@@ -73,13 +80,15 @@ discard block |
||
| 73 | 80 | * let's validate the logic then we can move forward with generating random |
| 74 | 81 | * integers along a given range. |
| 75 | 82 | */ |
| 76 | - if ($min > $max) { |
|
| 83 | + if ($min > $max) |
|
| 84 | + { |
|
| 77 | 85 | throw new Error( |
| 78 | 86 | 'Minimum value must be less than or equal to the maximum value' |
| 79 | 87 | ); |
| 80 | 88 | } |
| 81 | 89 | |
| 82 | - if ($max === $min) { |
|
| 90 | + if ($max === $min) |
|
| 91 | + { |
|
| 83 | 92 | return (int) $min; |
| 84 | 93 | } |
| 85 | 94 | |
@@ -110,7 +119,8 @@ discard block |
||
| 110 | 119 | /** |
| 111 | 120 | * Test for integer overflow: |
| 112 | 121 | */ |
| 113 | - if (!is_int($range)) { |
|
| 122 | + if (!is_int($range)) |
|
| 123 | + { |
|
| 114 | 124 | |
| 115 | 125 | /** |
| 116 | 126 | * Still safely calculate wider ranges. |
@@ -127,14 +137,18 @@ discard block |
||
| 127 | 137 | /** @var int $mask */ |
| 128 | 138 | $mask = ~0; |
| 129 | 139 | |
| 130 | - } else { |
|
| 140 | + } |
|
| 141 | + else |
|
| 142 | + { |
|
| 131 | 143 | |
| 132 | 144 | /** |
| 133 | 145 | * $bits is effectively ceil(log($range, 2)) without dealing with |
| 134 | 146 | * type juggling |
| 135 | 147 | */ |
| 136 | - while ($range > 0) { |
|
| 137 | - if ($bits % 8 === 0) { |
|
| 148 | + while ($range > 0) |
|
| 149 | + { |
|
| 150 | + if ($bits % 8 === 0) |
|
| 151 | + { |
|
| 138 | 152 | ++$bytes; |
| 139 | 153 | } |
| 140 | 154 | ++$bits; |
@@ -157,7 +171,8 @@ discard block |
||
| 157 | 171 | * The rejection probability is at most 0.5, so this corresponds |
| 158 | 172 | * to a failure probability of 2^-128 for a working RNG |
| 159 | 173 | */ |
| 160 | - if ($attempts > 128) { |
|
| 174 | + if ($attempts > 128) |
|
| 175 | + { |
|
| 161 | 176 | throw new Exception( |
| 162 | 177 | 'random_int: RNG is broken - too many rejections' |
| 163 | 178 | ); |
@@ -179,7 +194,8 @@ discard block |
||
| 179 | 194 | * 204631455 |
| 180 | 195 | */ |
| 181 | 196 | $val &= 0; |
| 182 | - for ($i = 0; $i < $bytes; ++$i) { |
|
| 197 | + for ($i = 0; $i < $bytes; ++$i) |
|
| 198 | + { |
|
| 183 | 199 | $val |= ord($randomByteString[$i]) << ($i * 8); |
| 184 | 200 | } |
| 185 | 201 | /** @var int $val */ |
@@ -27,23 +27,23 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!class_exists('Error', false)) { |
| 30 | - // We can't really avoid making this extend Exception in PHP 5. |
|
| 31 | - class Error extends Exception |
|
| 32 | - { |
|
| 30 | + // We can't really avoid making this extend Exception in PHP 5. |
|
| 31 | + class Error extends Exception |
|
| 32 | + { |
|
| 33 | 33 | |
| 34 | - } |
|
| 34 | + } |
|
| 35 | 35 | } |
| 36 | 36 | |
| 37 | 37 | if (!class_exists('TypeError', false)) { |
| 38 | - if (is_subclass_of('Error', 'Exception')) { |
|
| 39 | - class TypeError extends Error |
|
| 40 | - { |
|
| 38 | + if (is_subclass_of('Error', 'Exception')) { |
|
| 39 | + class TypeError extends Error |
|
| 40 | + { |
|
| 41 | 41 | |
| 42 | - } |
|
| 43 | - } else { |
|
| 44 | - class TypeError extends Exception |
|
| 45 | - { |
|
| 42 | + } |
|
| 43 | + } else { |
|
| 44 | + class TypeError extends Exception |
|
| 45 | + { |
|
| 46 | 46 | |
| 47 | - } |
|
| 48 | - } |
|
| 47 | + } |
|
| 48 | + } |
|
| 49 | 49 | } |
@@ -26,7 +26,8 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!class_exists('Error', false)) { |
|
| 29 | +if (!class_exists('Error', false)) |
|
| 30 | +{ |
|
| 30 | 31 | // We can't really avoid making this extend Exception in PHP 5. |
| 31 | 32 | class Error extends Exception |
| 32 | 33 | { |
@@ -34,13 +35,17 @@ discard block |
||
| 34 | 35 | } |
| 35 | 36 | } |
| 36 | 37 | |
| 37 | -if (!class_exists('TypeError', false)) { |
|
| 38 | - if (is_subclass_of('Error', 'Exception')) { |
|
| 38 | +if (!class_exists('TypeError', false)) |
|
| 39 | +{ |
|
| 40 | + if (is_subclass_of('Error', 'Exception')) |
|
| 41 | + { |
|
| 39 | 42 | class TypeError extends Error |
| 40 | 43 | { |
| 41 | 44 | |
| 42 | 45 | } |
| 43 | - } else { |
|
| 46 | + } |
|
| 47 | + else |
|
| 48 | + { |
|
| 44 | 49 | class TypeError extends Exception |
| 45 | 50 | { |
| 46 | 51 | |
@@ -27,67 +27,67 @@ |
||
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | 29 | if (!is_callable('random_bytes')) { |
| 30 | - /** |
|
| 31 | - * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | - * solution. |
|
| 33 | - * |
|
| 34 | - * libsodium-php project: |
|
| 35 | - * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | - * |
|
| 37 | - * @param int $bytes |
|
| 38 | - * |
|
| 39 | - * @throws Exception |
|
| 40 | - * |
|
| 41 | - * @return string |
|
| 42 | - */ |
|
| 43 | - function random_bytes($bytes) |
|
| 44 | - { |
|
| 45 | - try { |
|
| 46 | - /** @var int $bytes */ |
|
| 47 | - $bytes = RandomCompat_intval($bytes); |
|
| 48 | - } catch (TypeError $ex) { |
|
| 49 | - throw new TypeError( |
|
| 50 | - 'random_bytes(): $bytes must be an integer' |
|
| 51 | - ); |
|
| 52 | - } |
|
| 30 | + /** |
|
| 31 | + * If the libsodium PHP extension is loaded, we'll use it above any other |
|
| 32 | + * solution. |
|
| 33 | + * |
|
| 34 | + * libsodium-php project: |
|
| 35 | + * @ref https://github.com/jedisct1/libsodium-php |
|
| 36 | + * |
|
| 37 | + * @param int $bytes |
|
| 38 | + * |
|
| 39 | + * @throws Exception |
|
| 40 | + * |
|
| 41 | + * @return string |
|
| 42 | + */ |
|
| 43 | + function random_bytes($bytes) |
|
| 44 | + { |
|
| 45 | + try { |
|
| 46 | + /** @var int $bytes */ |
|
| 47 | + $bytes = RandomCompat_intval($bytes); |
|
| 48 | + } catch (TypeError $ex) { |
|
| 49 | + throw new TypeError( |
|
| 50 | + 'random_bytes(): $bytes must be an integer' |
|
| 51 | + ); |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | - if ($bytes < 1) { |
|
| 55 | - throw new Error( |
|
| 56 | - 'Length must be greater than 0' |
|
| 57 | - ); |
|
| 58 | - } |
|
| 54 | + if ($bytes < 1) { |
|
| 55 | + throw new Error( |
|
| 56 | + 'Length must be greater than 0' |
|
| 57 | + ); |
|
| 58 | + } |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * @var string |
|
| 62 | - */ |
|
| 63 | - $buf = ''; |
|
| 60 | + /** |
|
| 61 | + * @var string |
|
| 62 | + */ |
|
| 63 | + $buf = ''; |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 67 | - * generated in one invocation. |
|
| 68 | - */ |
|
| 69 | - if ($bytes > 2147483647) { |
|
| 70 | - for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 71 | - $n = ($bytes - $i) > 1073741824 |
|
| 72 | - ? 1073741824 |
|
| 73 | - : $bytes - $i; |
|
| 74 | - $buf .= Sodium::randombytes_buf((int) $n); |
|
| 75 | - } |
|
| 76 | - } else { |
|
| 77 | - $buf .= Sodium::randombytes_buf((int) $bytes); |
|
| 78 | - } |
|
| 65 | + /** |
|
| 66 | + * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
|
| 67 | + * generated in one invocation. |
|
| 68 | + */ |
|
| 69 | + if ($bytes > 2147483647) { |
|
| 70 | + for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 71 | + $n = ($bytes - $i) > 1073741824 |
|
| 72 | + ? 1073741824 |
|
| 73 | + : $bytes - $i; |
|
| 74 | + $buf .= Sodium::randombytes_buf((int) $n); |
|
| 75 | + } |
|
| 76 | + } else { |
|
| 77 | + $buf .= Sodium::randombytes_buf((int) $bytes); |
|
| 78 | + } |
|
| 79 | 79 | |
| 80 | - if (is_string($buf)) { |
|
| 81 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 82 | - return $buf; |
|
| 83 | - } |
|
| 84 | - } |
|
| 80 | + if (is_string($buf)) { |
|
| 81 | + if (RandomCompat_strlen($buf) === $bytes) { |
|
| 82 | + return $buf; |
|
| 83 | + } |
|
| 84 | + } |
|
| 85 | 85 | |
| 86 | - /** |
|
| 87 | - * If we reach here, PHP has failed us. |
|
| 88 | - */ |
|
| 89 | - throw new Exception( |
|
| 90 | - 'Could not gather sufficient random data' |
|
| 91 | - ); |
|
| 92 | - } |
|
| 86 | + /** |
|
| 87 | + * If we reach here, PHP has failed us. |
|
| 88 | + */ |
|
| 89 | + throw new Exception( |
|
| 90 | + 'Could not gather sufficient random data' |
|
| 91 | + ); |
|
| 92 | + } |
|
| 93 | 93 | } |
@@ -26,7 +26,8 @@ discard block |
||
| 26 | 26 | * SOFTWARE. |
| 27 | 27 | */ |
| 28 | 28 | |
| 29 | -if (!is_callable('random_bytes')) { |
|
| 29 | +if (!is_callable('random_bytes')) |
|
| 30 | +{ |
|
| 30 | 31 | /** |
| 31 | 32 | * If the libsodium PHP extension is loaded, we'll use it above any other |
| 32 | 33 | * solution. |
@@ -42,16 +43,20 @@ discard block |
||
| 42 | 43 | */ |
| 43 | 44 | function random_bytes($bytes) |
| 44 | 45 | { |
| 45 | - try { |
|
| 46 | + try |
|
| 47 | + { |
|
| 46 | 48 | /** @var int $bytes */ |
| 47 | 49 | $bytes = RandomCompat_intval($bytes); |
| 48 | - } catch (TypeError $ex) { |
|
| 50 | + } |
|
| 51 | + catch (TypeError $ex) |
|
| 52 | + { |
|
| 49 | 53 | throw new TypeError( |
| 50 | 54 | 'random_bytes(): $bytes must be an integer' |
| 51 | 55 | ); |
| 52 | 56 | } |
| 53 | 57 | |
| 54 | - if ($bytes < 1) { |
|
| 58 | + if ($bytes < 1) |
|
| 59 | + { |
|
| 55 | 60 | throw new Error( |
| 56 | 61 | 'Length must be greater than 0' |
| 57 | 62 | ); |
@@ -66,19 +71,25 @@ discard block |
||
| 66 | 71 | * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be |
| 67 | 72 | * generated in one invocation. |
| 68 | 73 | */ |
| 69 | - if ($bytes > 2147483647) { |
|
| 70 | - for ($i = 0; $i < $bytes; $i += 1073741824) { |
|
| 74 | + if ($bytes > 2147483647) |
|
| 75 | + { |
|
| 76 | + for ($i = 0; $i < $bytes; $i += 1073741824) |
|
| 77 | + { |
|
| 71 | 78 | $n = ($bytes - $i) > 1073741824 |
| 72 | 79 | ? 1073741824 |
| 73 | 80 | : $bytes - $i; |
| 74 | 81 | $buf .= Sodium::randombytes_buf((int) $n); |
| 75 | 82 | } |
| 76 | - } else { |
|
| 83 | + } |
|
| 84 | + else |
|
| 85 | + { |
|
| 77 | 86 | $buf .= Sodium::randombytes_buf((int) $bytes); |
| 78 | 87 | } |
| 79 | 88 | |
| 80 | - if (is_string($buf)) { |
|
| 81 | - if (RandomCompat_strlen($buf) === $bytes) { |
|
| 89 | + if (is_string($buf)) |
|
| 90 | + { |
|
| 91 | + if (RandomCompat_strlen($buf) === $bytes) |
|
| 92 | + { |
|
| 82 | 93 | return $buf; |
| 83 | 94 | } |
| 84 | 95 | } |
