Move SimpleSAML_Utilities::generateID() to SimpleSAML_Utils_Random::generateID(). Deprecate the former and schedule it for removal in 2.0.

6 files changed, 38 insertions, 10 deletions

diff --git a/lib/SimpleSAML/Auth/State.php b/lib/SimpleSAML/Auth/State.php
index 4684f5d..88d8f85 100644
--- a/lib/SimpleSAML/Auth/State.php
+++ b/lib/SimpleSAML/Auth/State.php
@@ -105,7 +105,7 @@ class SimpleSAML_Auth_State {
 		assert('is_bool($rawId)');
 
 		if (!array_key_exists(self::ID, $state)) {
-			$state[self::ID] = SimpleSAML_Utilities::generateID();
+			$state[self::ID] = SimpleSAML_Utils_Random::generateID();
 		}
 
 		$id = $state[self::ID];
diff --git a/lib/SimpleSAML/Bindings/Shib13/Artifact.php b/lib/SimpleSAML/Bindings/Shib13/Artifact.php
index 3e8f7d3..d211851 100644
--- a/lib/SimpleSAML/Bindings/Shib13/Artifact.php
+++ b/lib/SimpleSAML/Bindings/Shib13/Artifact.php
@@ -48,7 +48,7 @@ class SimpleSAML_Bindings_Shib13_Artifact {
 		$msg = '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">' .
 			'<SOAP-ENV:Body>' .
 			'<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"' .
-			' RequestID="' . SimpleSAML_Utilities::generateID() . '"' .
+			' RequestID="' . SimpleSAML_Utils_Random::generateID() . '"' .
 			' MajorVersion="1" MinorVersion="1"' .
 			' IssueInstant="' . SimpleSAML_Utilities::generateTimestamp() . '"' .
 			'>';
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index df43435..d4bbaac 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -408,7 +408,7 @@ class SimpleSAML_Session
 
         $this->authData[$authority] = $data;
 
-        $this->authToken = SimpleSAML_Utilities::generateID();
+        $this->authToken = SimpleSAML_Utils_Random::generateID();
         $sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
 
         if (!$this->transient && (!empty($data['RememberMe']) || $this->rememberMeExpire) &&
diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php
index b71a6e2..148be6e 100644
--- a/lib/SimpleSAML/Utilities.php
+++ b/lib/SimpleSAML/Utilities.php
@@ -381,10 +381,13 @@ class SimpleSAML_Utilities {
 	}
 
 
+	/**
+	 * @deprecated This function will be removed in SSP 2.0. Please use SimpleSAML_Utils_Random::generateID() instead.
+	 */
 	public static function generateID() {
-		return '_' . bin2hex(openssl_random_pseudo_bytes(21));
+		return SimpleSAML_Utils_Random::generateID();
 	}
-	
+
 
 	/**
 	 * This function generates a timestamp on the form used by the SAML protocols.
@@ -1465,7 +1468,7 @@ class SimpleSAML_Utilities {
 		if ($httpRedirect && preg_match("#^http:#", $destination) && self::isHTTPS()) {
 			$url = self::createHttpPostRedirectLink($destination, $post);
 		} else {
-			$postId = SimpleSAML_Utilities::generateID();
+			$postId = SimpleSAML_Utils_Random::generateID();
 			$postData = array(
 				'post' => $post,
 				'url' => $destination,
@@ -1492,7 +1495,7 @@ class SimpleSAML_Utilities {
 		assert('is_string($destination)');
 		assert('is_array($post)');
 
-		$postId = SimpleSAML_Utilities::generateID();
+		$postId = SimpleSAML_Utils_Random::generateID();
 		$postData = array(
 			'post' => $post,
 			'url' => $destination,
diff --git a/lib/SimpleSAML/Utils/Random.php b/lib/SimpleSAML/Utils/Random.php
new file mode 100644
index 0000000..11b8a19
--- /dev/null
+++ b/lib/SimpleSAML/Utils/Random.php
@@ -0,0 +1,25 @@
+<?php
+
+
+/**
+ * Utility class for random data generation and manipulation.
+ *
+ * @package SimpleSAMLphp
+ */
+class SimpleSAML_Utils_Random
+{
+
+    /**
+     * Generate a random identifier, 22 bytes long.
+     *
+     * @return string A 22-bytes long string with a random, hex string.
+     *
+     * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no>
+     * @author Olav Morken, UNINETT AS <olav.morken@uninett.no>
+     * @author Jaime Perez, UNINETT AS <jaime.perez@uninett.no>
+     */
+    public static function generateID()
+    {
+        return '_'.bin2hex(openssl_random_pseudo_bytes(21));
+    }
+}
\ No newline at end of file
diff --git a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
index 2d65be5..563882e 100644
--- a/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
+++ b/lib/SimpleSAML/XML/Shib13/AuthnResponse.php
@@ -304,7 +304,7 @@ class SimpleSAML_XML_Shib13_AuthnResponse {
 			$scopedAttributes = array();
 		}
 
-		$id = SimpleSAML_Utilities::generateID();
+		$id = SimpleSAML_Utils_Random::generateID();
 		
 		$issueInstant = SimpleSAML_Utilities::generateTimestamp();
 		
@@ -313,7 +313,7 @@ class SimpleSAML_XML_Shib13_AuthnResponse {
 		
 		
 		$assertionExpire = SimpleSAML_Utilities::generateTimestamp(time() + 60 * 5);# 5 minutes
-		$assertionid = SimpleSAML_Utilities::generateID();
+		$assertionid = SimpleSAML_Utils_Random::generateID();
 
 		$spEntityId = $sp->getString('entityid');
 
@@ -321,7 +321,7 @@ class SimpleSAML_XML_Shib13_AuthnResponse {
 		$base64 = $sp->getBoolean('base64attributes', FALSE);
 
 		$namequalifier = $sp->getString('NameQualifier', $spEntityId);
-		$nameid = SimpleSAML_Utilities::generateID();
+		$nameid = SimpleSAML_Utils_Random::generateID();
 		$subjectNode =
 			'<Subject>' .
 			'<NameIdentifier' .