Merge "Add support for PHP7 random_bytes in favor of mcrypt_create_iv"

[lhc/web/wiklou.git] / includes / libs / CryptRand.php

diff --git a/includes/libs/CryptRand.php b/includes/libs/CryptRand.php
index 10088f2..0d3613a 100644 (file)
--- a/includes/libs/CryptRand.php
+++ b/includes/libs/CryptRand.php
@@ -242,6 +242,21 @@ class CryptRand {
                        $this->strong = true;
                }
 
+               if ( strlen( $buffer ) < $bytes ) {
+                       // If available make use of PHP 7's random_bytes
+                       // On Linux, getrandom syscall will be used if available.
+                       // On Windows CryptGenRandom will always be used
+                       // On other platforms, /dev/urandom will be used.
+                       // All error situations will throw Exceptions and or Errors
+                       if ( function_exists( 'random_bytes' ) ) {
+                               $rem = $bytes - strlen( $buffer );
+                               $buffer .= random_bytes( $rem );
+                       }
+                       if ( strlen( $buffer ) >= $bytes ) {
+                               $this->strong = true;
+                       }
+               }
+
                if ( strlen( $buffer ) < $bytes ) {
                        // If available make use of mcrypt_create_iv URANDOM source to generate randomness
                        // On unix-like systems this reads from /dev/urandom but does it without any buffering