[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * CryptUtil: A suite of wrapper utility functions for the OpenID
   5   * library.
   6   *
   7   * PHP versions 4 and 5
   8   *
   9   * LICENSE: See the COPYING file included in this distribution.
  10   *
  11   * @access private
  12   * @package OpenID
  13   * @author JanRain, Inc. <openid@janrain.com>
  14   * @copyright 2005-2008 Janrain, Inc.
  15   * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
  16   */
  17  
  18  // Do not allow direct access
  19  defined( '_JEXEC' ) or die( 'Restricted access' );
  20  
  21  if (!defined('Auth_OpenID_RAND_SOURCE')) {
  22      /**
  23       * The filename for a source of random bytes. Define this yourself
  24       * if you have a different source of randomness.
  25       */
  26      define('Auth_OpenID_RAND_SOURCE', '/dev/urandom');
  27  }
  28  
  29  class Auth_OpenID_CryptUtil {
  30      /**
  31       * Get the specified number of random bytes.
  32       *
  33       * Attempts to use a cryptographically secure (not predictable)
  34       * source of randomness if available. If there is no high-entropy
  35       * randomness source available, it will fail. As a last resort,
  36       * for non-critical systems, define
  37       * <code>Auth_OpenID_RAND_SOURCE</code> as <code>null</code>, and
  38       * the code will fall back on a pseudo-random number generator.
  39       *
  40       * @param int $num_bytes The length of the return value
  41       * @return string $bytes random bytes
  42       */
  43      function getBytes($num_bytes)
  44      {
  45          static $f = null;
  46          $bytes = '';
  47          if ($f === null) {
  48              if (Auth_OpenID_RAND_SOURCE === null) {
  49                  $f = false;
  50              } else {
  51                  $f = @fopen(Auth_OpenID_RAND_SOURCE, "r");
  52                  if ($f === false) {
  53                      $msg = 'Define Auth_OpenID_RAND_SOURCE as null to ' .
  54                          ' continue with an insecure random number generator.';
  55                      trigger_error($msg, E_USER_ERROR);
  56                  }
  57              }
  58          }
  59          if ($f === false) {
  60              // pseudorandom used
  61              $bytes = '';
  62              for ($i = 0; $i < $num_bytes; $i += 4) {
  63                  $bytes .= pack('L', mt_rand());
  64              }
  65              $bytes = substr($bytes, 0, $num_bytes);
  66          } else {
  67              $bytes = fread($f, $num_bytes);
  68          }
  69          return $bytes;
  70      }
  71  
  72      /**
  73       * Produce a string of length random bytes, chosen from chrs.  If
  74       * $chrs is null, the resulting string may contain any characters.
  75       *
  76       * @param integer $length The length of the resulting
  77       * randomly-generated string
  78       * @param string $chrs A string of characters from which to choose
  79       * to build the new string
  80       * @return string $result A string of randomly-chosen characters
  81       * from $chrs
  82       */
  83      function randomString($length, $population = null)
  84      {
  85          if ($population === null) {
  86              return Auth_OpenID_CryptUtil::getBytes($length);
  87          }
  88  
  89          $popsize = strlen($population);
  90  
  91          if ($popsize > 256) {
  92              $msg = 'More than 256 characters supplied to ' . __FUNCTION__;
  93              trigger_error($msg, E_USER_ERROR);
  94          }
  95  
  96          $duplicate = 256 % $popsize;
  97  
  98          $str = "";
  99          for ($i = 0; $i < $length; $i++) {
 100              do {
 101                  $n = ord(Auth_OpenID_CryptUtil::getBytes(1));
 102              } while ($n < $duplicate);
 103  
 104              $n %= $popsize;
 105              $str .= $population[$n];
 106          }
 107  
 108          return $str;
 109      }
 110  }
 111  
 112  ?>