|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* Copyright 2016 Facebook, Inc. |
|
4
|
|
|
* |
|
5
|
|
|
* You are hereby granted a non-exclusive, worldwide, royalty-free license to |
|
6
|
|
|
* use, copy, modify, and distribute this software in source code or binary |
|
7
|
|
|
* form for use in connection with the web services and APIs provided by |
|
8
|
|
|
* Facebook. |
|
9
|
|
|
* |
|
10
|
|
|
* As with any software that integrates with the Facebook platform, your use |
|
11
|
|
|
* of this software is subject to the Facebook Developer Principles and |
|
12
|
|
|
* Policies [http://developers.facebook.com/policy/]. This copyright notice |
|
13
|
|
|
* shall be included in all copies or substantial portions of the software. |
|
14
|
|
|
* |
|
15
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
16
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
17
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL |
|
18
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
19
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
|
20
|
|
|
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
|
21
|
|
|
* DEALINGS IN THE SOFTWARE. |
|
22
|
|
|
* |
|
23
|
|
|
*/ |
|
24
|
|
|
namespace Facebook\PseudoRandomString; |
|
25
|
|
|
|
|
26
|
|
|
use Facebook\Exceptions\FacebookSDKException; |
|
27
|
|
|
|
|
28
|
|
|
class OpenSslPseudoRandomStringGenerator implements PseudoRandomStringGeneratorInterface |
|
29
|
|
|
{ |
|
30
|
|
|
use PseudoRandomStringGeneratorTrait; |
|
31
|
|
|
|
|
32
|
|
|
/** |
|
33
|
|
|
* @const string The error message when generating the string fails. |
|
34
|
|
|
*/ |
|
35
|
|
|
const ERROR_MESSAGE = 'Unable to generate a cryptographically secure pseudo-random string from openssl_random_pseudo_bytes().'; |
|
36
|
|
|
|
|
37
|
|
|
/** |
|
38
|
|
|
* @throws FacebookSDKException |
|
39
|
|
|
*/ |
|
40
|
|
|
public function __construct() |
|
41
|
|
|
{ |
|
42
|
|
|
if (!function_exists('openssl_random_pseudo_bytes')) { |
|
43
|
|
|
throw new FacebookSDKException(static::ERROR_MESSAGE . 'The function openssl_random_pseudo_bytes() does not exist.'); |
|
44
|
|
|
} |
|
45
|
|
|
} |
|
46
|
|
|
|
|
47
|
|
|
/** |
|
48
|
|
|
* @inheritdoc |
|
49
|
|
|
*/ |
|
50
|
|
|
public function getPseudoRandomString($length) |
|
51
|
|
|
{ |
|
52
|
|
|
$this->validateLength($length); |
|
53
|
|
|
|
|
54
|
|
|
$wasCryptographicallyStrong = false; |
|
55
|
|
|
$binaryString = openssl_random_pseudo_bytes($length, $wasCryptographicallyStrong); |
|
56
|
|
|
|
|
57
|
|
|
if ($binaryString === false) { |
|
58
|
|
|
throw new FacebookSDKException(static::ERROR_MESSAGE . 'openssl_random_pseudo_bytes() returned an unknown error.'); |
|
59
|
|
|
} |
|
60
|
|
|
|
|
61
|
|
|
if ($wasCryptographicallyStrong !== true) { |
|
62
|
|
|
throw new FacebookSDKException(static::ERROR_MESSAGE . 'openssl_random_pseudo_bytes() returned a pseudo-random string but it was not cryptographically secure and cannot be used.'); |
|
63
|
|
|
} |
|
64
|
|
|
|
|
65
|
|
|
return $this->binToHex($binaryString, $length); |
|
66
|
|
|
} |
|
67
|
|
|
} |
|
68
|
|
|
|
facebook /
facebook-php-sdk-v4
