Otherwise shorter strings might be generated.
Bug: T115522
Signed-off-by: Chad Horohoe <chadh@wikimedia.org>
Change-Id: I110d873d56762552060fd428c236c8b0e9a859b0
// stopping at a minimum of 10 chars.
$length = max( 10, $minLength );
// Multiply by 1.25 to get the number of hex characters we need
// stopping at a minimum of 10 chars.
$length = max( 10, $minLength );
// Multiply by 1.25 to get the number of hex characters we need
- $length = $length * 1.25;
// Generate random hex chars
// Generate random hex chars
- $hex = MWCryptRand::generateHex( $length );
+ $hex = MWCryptRand::generateHex( ceil( $length * 1.25 ) );
// Convert from base 16 to base 32 to get a proper password like string
// Convert from base 16 to base 32 to get a proper password like string
- return Wikimedia\base_convert( $hex, 16, 32 );
+ return substr( Wikimedia\base_convert( $hex, 16, 32, $length ), -$length );