From 453e829ce056f2ae1462bcd7ed6be92d15134d6c Mon Sep 17 00:00:00 2001
From: Derk-Jan Hartman <hartman.wiki@gmail.com>
Date: Fri, 2 Dec 2016 13:48:19 +0100
Subject: [PATCH] Add support for PHP7 random_bytes in favor of
 mcrypt_create_iv

Bug: T143788
Change-Id: Ib49eab7983a82966d167f03761e32461f9b9f602
---
 includes/libs/CryptRand.php | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/includes/libs/CryptRand.php b/includes/libs/CryptRand.php
index 10088f2363..0d3613ae23 100644
--- a/includes/libs/CryptRand.php
+++ b/includes/libs/CryptRand.php
@@ -242,6 +242,21 @@ class CryptRand {
 			$this->strong = true;
 		}
 
+		if ( strlen( $buffer ) < $bytes ) {
+			// If available make use of PHP 7's random_bytes
+			// On Linux, getrandom syscall will be used if available.
+			// On Windows CryptGenRandom will always be used
+			// On other platforms, /dev/urandom will be used.
+			// All error situations will throw Exceptions and or Errors
+			if ( function_exists( 'random_bytes' ) ) {
+				$rem = $bytes - strlen( $buffer );
+				$buffer .= random_bytes( $rem );
+			}
+			if ( strlen( $buffer ) >= $bytes ) {
+				$this->strong = true;
+			}
+		}
+
 		if ( strlen( $buffer ) < $bytes ) {
 			// If available make use of mcrypt_create_iv URANDOM source to generate randomness
 			// On unix-like systems this reads from /dev/urandom but does it without any buffering
-- 
2.20.1