diff options
| author | Pierre du Plessis <pierre@pcservice.co.za> | 2015-09-23 11:48:44 +0200 |
|---|---|---|
| committer | Pierre du Plessis <pierre@pcservice.co.za> | 2015-09-23 21:31:18 +0200 |
| commit | 7aac5b9786bacbf018c2c6519df666b666bf652e (patch) | |
| tree | 6b9932135bb652b2e8774c976b0484e7a5eda919 | |
| parent | e8a908c89e4be6db9d4b901086ae4d4e1e2c44eb (diff) | |
| download | symfony-security-7aac5b9786bacbf018c2c6519df666b666bf652e.zip symfony-security-7aac5b9786bacbf018c2c6519df666b666bf652e.tar.gz symfony-security-7aac5b9786bacbf018c2c6519df666b666bf652e.tar.bz2 | |
Use random_bytes function if it is available for random number generation
| -rw-r--r-- | Core/Util/SecureRandom.php | 12 | ||||
| -rw-r--r-- | composer.json | 3 |
2 files changed, 10 insertions, 5 deletions
diff --git a/Core/Util/SecureRandom.php b/Core/Util/SecureRandom.php index c0924df..3461b4e 100644 --- a/Core/Util/SecureRandom.php +++ b/Core/Util/SecureRandom.php @@ -42,12 +42,12 @@ final class SecureRandom implements SecureRandomInterface $this->seedFile = $seedFile; $this->logger = $logger; + $isUnsupportedPhp = '\\' === DIRECTORY_SEPARATOR && PHP_VERSION_ID < 50304; + // determine whether to use OpenSSL - if ('\\' === DIRECTORY_SEPARATOR && PHP_VERSION_ID < 50304) { - $this->useOpenSsl = false; - } elseif (!function_exists('openssl_random_pseudo_bytes')) { + if (!function_exists('random_bytes') && ($isUnsupportedPhp || !function_exists('openssl_random_pseudo_bytes'))) { if (null !== $this->logger) { - $this->logger->notice('It is recommended that you enable the "openssl" extension for random number generation.'); + $this->logger->notice('It is recommended that you install the "paragonie/random_compat" library or enable the "openssl" extension for random number generation.'); } $this->useOpenSsl = false; } else { @@ -60,6 +60,10 @@ final class SecureRandom implements SecureRandomInterface */ public function nextBytes($nbBytes) { + if (function_exists('random_bytes')) { + return random_bytes($nbBytes); + } + // try OpenSSL if ($this->useOpenSsl) { $bytes = openssl_random_pseudo_bytes($nbBytes, $strong); diff --git a/composer.json b/composer.json index d18b644..2026fc4 100644 --- a/composer.json +++ b/composer.json @@ -39,7 +39,8 @@ "symfony/validator": "", "symfony/routing": "", "doctrine/dbal": "to use the built-in ACL implementation", - "ircmaxell/password-compat": "" + "ircmaxell/password-compat": "", + "paragonie/random_compat": "" }, "autoload": { "psr-0": { "Symfony\\Component\\Security\\": "" } |