// Include some information about the filesystem's current state in the random state
$files = array();
+
// We know this file is here so grab some info about ourself
$files[] = __FILE__;
+
+ // We must also have a parent folder, and with the usual file structure, a grandparent
+ $files[] = dirname( __FILE__ );
+ $files[] = dirname( dirname( __FILE__ ) );
+
// The config file is likely the most often edited file we know should be around
// so if the constant with it's location is defined include it's stat info into the state
if ( defined( 'MW_CONFIG_FILE' ) ) {
/**
* Randomly hash data while mixing in clock drift data for randomness
*
- * @param $data The data to randomly hash.
+ * @param $data string The data to randomly hash.
* @return String The hashed bytes
* @author Tim Starling
*/
/**
* Return a rolling random state initially build using data from unstable sources
- * @return A new weak random state
+ * @return string A new weak random state
*/
protected function randomState() {
static $state = null;
/**
* Decide on the best acceptable hash algorithm we have available for hash()
+ * @throws MWException
* @return String A hash algorithm
*/
protected function hashAlgo() {
- if ( !is_null( $algo ) ) {
- return $algo;
+ if ( !is_null( $this->algo ) ) {
+ return $this->algo;
}
$algos = hash_algos();
foreach ( $preference as $algorithm ) {
if ( in_array( $algorithm, $algos ) ) {
- $algo = $algorithm; # assign to static
- wfDebug( __METHOD__ . ": Using the $algo hash algorithm.\n" );
- return $algo;
+ $this->algo = $algorithm;
+ wfDebug( __METHOD__ . ": Using the {$this->algo} hash algorithm.\n" );
+ return $this->algo;
}
}
* @return int Number of bytes the hash outputs
*/
protected function hashLength() {
- if ( is_null( $hashLength ) ) {
- $hashLength = strlen( $this->hash( '' ) );
+ if ( is_null( $this->hashLength ) ) {
+ $this->hashLength = strlen( $this->hash( '' ) );
}
- return $hashLength;
+ return $this->hashLength;
}
/**
* Generate an acceptably unstable one-way-hash of some text
* making use of the best hash algorithm that we have available.
*
+ * @param $data string
* @return String A raw hash of the data
*/
protected function hash( $data ) {
* Generate an acceptably unstable one-way-hmac of some text
* making use of the best hash algorithm that we have available.
*
+ * @param $data string
+ * @param $key string
* @return String A raw hash of the data
*/
protected function hmac( $data, $key ) {
/**
* @see self::generate()
*/
- public function realGenerate( $bytes, $forceStrong = false, $method = null ) {
+ public function realGenerate( $bytes, $forceStrong = false ) {
wfProfileIn( __METHOD__ );
- if ( is_string( $forceStrong ) && is_null( $method ) ) {
- // If $forceStrong is a string then it's really $method
- $method = $forceStrong;
- $forceStrong = false;
- }
- if ( !is_null( $method ) ) {
- wfDebug( __METHOD__ . ": Generating cryptographic random bytes for $method\n" );
- }
+ wfDebug( __METHOD__ . ": Generating cryptographic random bytes for " . wfGetAllCallers( 5 ) . "\n" );
$bytes = floor( $bytes );
static $buffer = '';
if ( function_exists( 'mcrypt_create_iv' ) ) {
wfProfileIn( __METHOD__ . '-mcrypt' );
$rem = $bytes - strlen( $buffer );
- wfDebug( __METHOD__ . ": Trying to generate $rem bytes of randomness using mcrypt_create_iv.\n" );
$iv = mcrypt_create_iv( $rem, MCRYPT_DEV_URANDOM );
if ( $iv === false ) {
wfDebug( __METHOD__ . ": mcrypt_create_iv returned false.\n" );
} else {
- $bytes .= $iv;
+ $buffer .= $iv;
wfDebug( __METHOD__ . ": mcrypt_create_iv generated " . strlen( $iv ) . " bytes of randomness.\n" );
}
wfProfileOut( __METHOD__ . '-mcrypt' );
) {
wfProfileIn( __METHOD__ . '-openssl' );
$rem = $bytes - strlen( $buffer );
- wfDebug( __METHOD__ . ": Trying to generate $rem bytes of randomness using openssl_random_pseudo_bytes.\n" );
$openssl_bytes = openssl_random_pseudo_bytes( $rem, $openssl_strong );
if ( $openssl_bytes === false ) {
wfDebug( __METHOD__ . ": openssl_random_pseudo_bytes returned false.\n" );
if ( strlen( $buffer ) < $bytes && ( function_exists( 'stream_set_read_buffer' ) || $forceStrong ) ) {
wfProfileIn( __METHOD__ . '-fopen-urandom' );
$rem = $bytes - strlen( $buffer );
- wfDebug( __METHOD__ . ": Trying to generate $rem bytes of randomness using /dev/urandom.\n" );
if ( !function_exists( 'stream_set_read_buffer' ) && $forceStrong ) {
wfDebug( __METHOD__ . ": Was forced to read from /dev/urandom without control over the buffer size.\n" );
}
stream_set_read_buffer( $urandom, $rem );
$chunk_size = $rem;
}
- wfDebug( __METHOD__ . ": Reading from /dev/urandom with a buffer size of $chunk_size.\n" );
$random_bytes = fread( $urandom, max( $chunk_size, $rem ) );
$buffer .= $random_bytes;
fclose( $urandom );
/**
* @see self::generateHex()
*/
- public function realGenerateHex( $chars, $forceStrong = false, $method = null ) {
+ public function realGenerateHex( $chars, $forceStrong = false ) {
// hex strings are 2x the length of raw binary so we divide the length in half
// odd numbers will result in a .5 that leads the generate() being 1 character
// short, so we use ceil() to ensure that we always have enough bytes
$bytes = ceil( $chars / 2 );
// Generate the data and then convert it to a hex string
- $hex = bin2hex( $this->generate( $bytes, $forceStrong, $method ) );
+ $hex = bin2hex( $this->generate( $bytes, $forceStrong ) );
// A bit of paranoia here, the caller asked for a specific length of string
// here, and it's possible (eg when given an odd number) that we may actually
// have at least 1 char more than they asked for. Just in case they made this
/**
* Return a singleton instance of MWCryptRand
+ * @return MWCryptRand
*/
protected static function singleton() {
if ( is_null( self::$singleton ) ) {
* @param $forceStrong bool Pass true if you want generate to prefer cryptographically
* strong sources of entropy even if reading from them may steal
* more entropy from the system than optimal.
- * @param $method The calling method, for debug info. May be the second argument if you are not using forceStrong
* @return String Raw binary random data
*/
- public static function generate( $bytes, $forceStrong = false, $method = null ) {
- return self::singleton()->realGenerate( $bytes, $forceStrong, $method );
+ public static function generate( $bytes, $forceStrong = false ) {
+ return self::singleton()->realGenerate( $bytes, $forceStrong );
}
/**
* @param $forceStrong bool Pass true if you want generate to prefer cryptographically
* strong sources of entropy even if reading from them may steal
* more entropy from the system than optimal.
- * @param $method The calling method, for debug info. May be the second argument if you are not using forceStrong
* @return String Hexadecimal random data
*/
- public static function generateHex( $chars, $forceStrong = false, $method = null ) {
- return self::singleton()->realGenerateHex( $chars, $forceStrong, $method );
+ public static function generateHex( $chars, $forceStrong = false ) {
+ return self::singleton()->realGenerateHex( $chars, $forceStrong );
}
}