mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-12-30 12:50:38 +00:00
Use random_bytes() when appropriate.
This commit is contained in:
parent
0f1d043428
commit
5a5edc7798
@ -53,6 +53,20 @@ class Random
|
|||||||
*/
|
*/
|
||||||
public static function string($length)
|
public static function string($length)
|
||||||
{
|
{
|
||||||
|
if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
|
||||||
|
try {
|
||||||
|
$string = random_bytes($length);
|
||||||
|
return $string;
|
||||||
|
}
|
||||||
|
catch (\EngineException $e) {
|
||||||
|
// If a sufficient source of randomness is unavailable, random_bytes() will emit a warning.
|
||||||
|
// We don't actually need to do anything here. The string() method should just continue
|
||||||
|
// as normal. Note, however, that if we don't have a sufficient source of randomness for
|
||||||
|
// random_bytes(), most of the other calls here will fail too, so we'll end up using
|
||||||
|
// the PHP implementation.
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
|
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
|
||||||
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
|
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
|
||||||
// ie. class_alias is a function that was introduced in PHP 5.3
|
// ie. class_alias is a function that was introduced in PHP 5.3
|
||||||
|
Loading…
Reference in New Issue
Block a user