author | Christian Flothmann <christian.flothmann@xabbuh.de> | 2015-12-16 22:53:59 +0100 |
---|---|---|
committer | Fabien Potencier <fabien.potencier@gmail.com> | 2016-01-14 10:02:19 +0100 |
commit | 6f2d035d6d62864f01354543bcc0676034e30e3d (patch) | |
tree | a348c107541da935bbad956ba6af50cf079c62b4 | |
parent | 6993b7e82c836228e078a80c37c79ef247ee9ff8 (diff) | |
do not ship with a custom rng implementation
-rw-r--r-- | Core/Util/SecureRandom.php | 87 | ||||
-rw-r--r-- | Core/composer.json | 3 | ||||
-rw-r--r-- | composer.json | 3 |
3 files changed, 5 insertions, 88 deletions
diff --git a/Core/Util/SecureRandom.php b/Core/Util/SecureRandom.php
index c0924df..478f556 100644
--- a/Core/Util/SecureRandom.php
+++ b/Core/Util/SecureRandom.php
@@ -11,8 +11,6 @@

 namespace Symfony\Component\Security\Core\Util;

-use Psr\Log\LoggerInterface;
-
 /**
 * A secure random number generator implementation.
 *
@@ -21,94 +19,11 @@ use Psr\Log\LoggerInterface;
 */
 final class SecureRandom implements SecureRandomInterface
 {
- private $logger;
- private $useOpenSsl;
- private $seed;
- private $seedUpdated;
- private $seedLastUpdatedAt;
- private $seedFile;
-
- /**
- * Constructor.
- *
- * Be aware that a guessable seed will severely compromise the PRNG
- * algorithm that is employed.
- *
- * @param string $seedFile
- * @param LoggerInterface $logger
- */
- public function __construct($seedFile = null, LoggerInterface $logger = null)
- {
- $this->seedFile = $seedFile;
- $this->logger = $logger;
-
- // determine whether to use OpenSSL
- if ('\\' === DIRECTORY_SEPARATOR && PHP_VERSION_ID < 50304) {
- $this->useOpenSsl = false;
- } elseif (!function_exists('openssl_random_pseudo_bytes')) {
- if (null !== $this->logger) {
- $this->logger->notice('It is recommended that you enable the "openssl" extension for random number generation.');
- }
- $this->useOpenSsl = false;
- } else {
- $this->useOpenSsl = true;
- }
- }
-
 /**
 * {@inheritdoc}
 */
 public function nextBytes($nbBytes)
 {
- // try OpenSSL
- if ($this->useOpenSsl) {
- $bytes = openssl_random_pseudo_bytes($nbBytes, $strong);
-
- if (false !== $bytes && true === $strong) {
- return $bytes;
- }
-
- if (null !== $this->logger) {
- $this->logger->info('OpenSSL did not produce a secure random number.');
- }
- }
-
- // initialize seed
- if (null === $this->seed) {
- if (null === $this->seedFile) {
- throw new \RuntimeException('You need to specify a file path to store the seed.');
- }
-
- if (is_file($this->seedFile)) {
- list($this->seed, $this->seedLastUpdatedAt) = $this->readSeed();
- } else {
- $this->seed = uniqid(mt_rand(), true);
- $this->updateSeed();
- }
- }
-
- $bytes = '';
- while (strlen($bytes) < $nbBytes) {
- static $incr = 1;
- $bytes .= hash('sha512', $incr++.$this->seed.uniqid(mt_rand(), true).$nbBytes, true);
- $this->seed = base64_encode(hash('sha512', $this->seed.$bytes.$nbBytes, true));
- $this->updateSeed();
- }
-
- return substr($bytes, 0, $nbBytes);
- }
-
- private function readSeed()
- {
- return json_decode(file_get_contents($this->seedFile));
- }
-
- private function updateSeed()
- {
- if (!$this->seedUpdated && $this->seedLastUpdatedAt < time() - mt_rand(1, 10)) {
- file_put_contents($this->seedFile, json_encode(array($this->seed, microtime(true))));
- }
-
- $this->seedUpdated = true;
+ return random_bytes($nbBytes);
 }
 }
diff --git a/Core/composer.json b/Core/composer.json
index 7bc1bf0..226e843 100644
--- a/Core/composer.json
+++ b/Core/composer.json
@@ -16,7 +16,8 @@
 }
 ],
 "require": {
- "php": ">=5.3.3"
+ "php": ">=5.3.3",
+ "paragonie/random_compat": "~1.0"
 },
 "require-dev": {
 "symfony/phpunit-bridge": "~2.7",
diff --git a/composer.json b/composer.json
index 1705183..9506eab 100644
--- a/composer.json
+++ b/composer.json
@@ -19,7 +19,8 @@
 "php": ">=5.3.3",
 "symfony/event-dispatcher": "~2.2",
 "symfony/http-foundation": "~2.1",
- "symfony/http-kernel": "~2.4"
+ "symfony/http-kernel": "~2.4",
+ "paragonie/random_compat": "~1.0"
 },
 "replace": {
 "symfony/security-acl": "self.version", |
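Review bot: In `nextBytes()` in Core/Util/SecureRandom.php the `{@inheritdoc}` docblock no longer covers the failure mode: `random_bytes()` throws when no suitable source of randomness is available, and it rejects a non-positive or non-integer `$nbBytes`, whereas the removed fallback raised `\RuntimeException` only for a missing seed file. I would document this on the method, e.g. `@throws \Exception if no sufficiently secure source of randomness is available`, so that callers let the failure propagate instead of catching it and substituting a weaker generator. With the constructor removed, existing `new SecureRandom($seedFile, $logger)` calls should still run but their arguments are silently ignored; a sentence in the class docblock saying that the seed file and logger are no longer used would help anyone auditing old configuration. The interface's own docblock is outside this diff, so whether it already mentions exceptions cannot be checked from here.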