-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathCryptoProvider.php
50 lines (39 loc) · 1.72 KB
/
CryptoProvider.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?php
namespace Kunststube\CSRFP;
require_once __DIR__ . DIRECTORY_SEPARATOR . 'ICryptoProvider.php';
class CryptoProvider implements ICryptoProvider {
public function getRandomHexString($length) {
// `random_bytes()` is available in PHP 7+. more performant and platform independent than subsequent generators
if (function_exists('random_bytes')) {
return bin2hex(random_bytes($length / 2));
}
try {
return $this->getRandomHexStringFromDevRandom($length);
} catch (\RuntimeException $e) {
trigger_error($e->getMessage() . ' Falling back to internal generator.', E_USER_NOTICE);
return $this->getRandomHexStringFromMtRand($length);
}
}
protected function getRandomHexStringFromDevRandom($length) {
static $sources = array('/dev/urandom', '/dev/random');
foreach ($sources as $source) {
if (@is_readable($source)) {
// NOTE: the following line produces an error in PHP 7+ related to the offset value. reference
// documentation notes that remote files cannot seek, so it seems that since PHP 7.0, `/dev/urandom`
// is considered a remote file.
return bin2hex(file_get_contents($source, false, null, -1, $length / 2));
}
}
throw new \RuntimeException('No system source for randomness available.');
}
protected function getRandomHexStringFromMtRand($length) {
$hex = null;
for ($i = 0; $i < $length; $i++) {
$hex .= base_convert(mt_rand(0, 15), 10, 16);
}
return $hex;
}
public function hash($data, $secret) {
return hash_hmac('sha512', $data, $secret);
}
}