diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/GoogleAuthenticator.php | 32 |
1 files changed, 4 insertions, 28 deletions
diff --git a/src/GoogleAuthenticator.php b/src/GoogleAuthenticator.php index 0925510..48b0a6f 100644 --- a/src/GoogleAuthenticator.php +++ b/src/GoogleAuthenticator.php @@ -2,6 +2,8 @@ namespace Otp; +use ParagonIE\ConstantTime\Encoding; + /** * Google Authenticator * @@ -161,7 +163,7 @@ class GoogleAuthenticator $string = ''; for ($i = 0; $i < $length; $i++) { - $string .= $keys[self::getRand()]; + $string .= $keys[random_int(0, 31)]; } return $string; @@ -187,7 +189,7 @@ class GoogleAuthenticator // Generate codes $code = ''; for ($i = 1; $i <= $length; $i++) { - $code .= self::getRand(9); + $code .= random_int(0, 9); } // To make sure no duplicates get in @@ -198,30 +200,4 @@ class GoogleAuthenticator return $codes; } - - /** - * Get random number - * - * @return integer Random number between 0 and 31 (including) - */ - private static function getRand($max = 31) - { - if (function_exists('random_int')) { - // Uses either the PHP7 internal function or the polyfill if present - return random_int(0, $max); - } elseif (function_exists('openssl_random_pseudo_bytes')) { - // For those not wanting either PHP7 or the polyfill, this works well enough - $bytes = openssl_random_pseudo_bytes(2); - $number = hexdec(bin2hex($bytes)); - - if ($number > $max) { - $number = $number % ($max + 1); - } - - return $number; - } else { - // And last case, this does the trick too - return mt_rand(0, $max); - } - } } |