diff options
| author | Christian Riesen <chris.riesen@gmail.com> | 2015-10-08 10:17:59 +0200 |
|---|---|---|
| committer | Christian Riesen <chris.riesen@gmail.com> | 2015-10-08 10:17:59 +0200 |
| commit | 20a539ce6280eb029030f4e7caefd5709a75e1ad (patch) | |
| tree | 836aa56be355b8cebc6f2c0cdcfc47c5746629f9 | |
| parent | 31fda410cbb7ca632552e8f50069be135455da9f (diff) | |
| download | otp-20a539ce6280eb029030f4e7caefd5709a75e1ad.zip otp-20a539ce6280eb029030f4e7caefd5709a75e1ad.tar.gz otp-20a539ce6280eb029030f4e7caefd5709a75e1ad.tar.bz2 | |
Add random_int with polyfill suggestions as default random generator1.4.3
Not a BC. Just will use that first, if present. In PHP7 it's already part of the core, and the polyfill can be installed to take care of the rest. Always will fall back to the current methods. Fixes #8.
Thanks to @inanimatt for the suggestion.
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | composer.json | 10 | ||||
| -rw-r--r-- | src/Otp/GoogleAuthenticator.php | 10 |
3 files changed, 17 insertions, 5 deletions
@@ -77,6 +77,8 @@ Static function class to generate a correct url for the QR code, so you can easy There are also older open source versions of the Google Authenticator app for both [iPhone](https://github.com/google/google-authenticator) and [Android](https://github.com/google/google-authenticator-android) +This helper class uses the random_int function from PHP7, or the polyfill method from [paragonie/random_compat](https://packagist.org/packages/paragonie/random_compat) if present and falls back on other (less "secure") random generators. + About ===== diff --git a/composer.json b/composer.json index 8f06466..94f16c6 100644 --- a/composer.json +++ b/composer.json @@ -5,7 +5,7 @@ "keywords": ["otp","hotp","totp","googleauthenticator","rfc4226","rfc6238"], "homepage": "https://github.com/ChristianRiesen/otp", "license": "MIT", - "authors": [ + "authors": [ { "name": "Christian Riesen", "email": "chris.riesen@gmail.com", @@ -15,12 +15,14 @@ ], "require": { "php": ">=5.3.0", - "christian-riesen/base32": ">=1.0" + "christian-riesen/base32": ">=1.0" }, - "autoload": { + "suggest": { + "paragonie/random_compat": "Optional polyfill for a more secure random generator for pre PHP7 versions" + }, + "autoload": { "psr-0": { "Otp": "src" } } } - diff --git a/src/Otp/GoogleAuthenticator.php b/src/Otp/GoogleAuthenticator.php index 9f3db9d..23e67ff 100644 --- a/src/Otp/GoogleAuthenticator.php +++ b/src/Otp/GoogleAuthenticator.php @@ -163,9 +163,17 @@ class GoogleAuthenticator return $string; } + /** + * Get random number + * + * @return int Random number between 0 and 31 (including) + */ private static function getRand() { - if (function_exists('openssl_random_pseudo_bytes')) { + if (function_exists('random_int')) { + // Uses either the PHP7 internal function or the polyfill if present + return random_int(0, 31); + } elseif (function_exists('openssl_random_pseudo_bytes')) { $bytes = openssl_random_pseudo_bytes(2); $number = hexdec(bin2hex($bytes)); |