Example #1
0
 public function isSupported(FOFUtilsPhpfunc $phpfunc = null)
 {
     if (!is_object($phpfunc) || !$phpfunc instanceof $phpfunc) {
         $phpfunc = new FOFUtilsPhpfunc();
     }
     if (!$phpfunc->function_exists('openssl_get_cipher_methods')) {
         return false;
     }
     if (!$phpfunc->function_exists('openssl_random_pseudo_bytes')) {
         return false;
     }
     if (!$phpfunc->function_exists('openssl_cipher_iv_length')) {
         return false;
     }
     if (!$phpfunc->function_exists('openssl_encrypt')) {
         return false;
     }
     if (!$phpfunc->function_exists('openssl_decrypt')) {
         return false;
     }
     if (!$phpfunc->function_exists('hash')) {
         return false;
     }
     if (!$phpfunc->function_exists('hash_algos')) {
         return false;
     }
     $algorightms = $phpfunc->openssl_get_cipher_methods();
     if (!in_array('aes-128-cbc', $algorightms)) {
         return false;
     }
     $algorightms = $phpfunc->hash_algos();
     if (!in_array('sha256', $algorightms)) {
         return false;
     }
     return true;
 }
Example #2
0
 public function isSupported(FOFUtilsPhpfunc $phpfunc = null)
 {
     if (!is_object($phpfunc) || !$phpfunc instanceof $phpfunc) {
         $phpfunc = new FOFUtilsPhpfunc();
     }
     if (!$phpfunc->function_exists('mcrypt_get_key_size')) {
         return false;
     }
     if (!$phpfunc->function_exists('mcrypt_get_iv_size')) {
         return false;
     }
     if (!$phpfunc->function_exists('mcrypt_create_iv')) {
         return false;
     }
     if (!$phpfunc->function_exists('mcrypt_encrypt')) {
         return false;
     }
     if (!$phpfunc->function_exists('mcrypt_decrypt')) {
         return false;
     }
     if (!$phpfunc->function_exists('mcrypt_list_algorithms')) {
         return false;
     }
     if (!$phpfunc->function_exists('hash')) {
         return false;
     }
     if (!$phpfunc->function_exists('hash_algos')) {
         return false;
     }
     $algorightms = $phpfunc->mcrypt_list_algorithms();
     if (!in_array('rijndael-128', $algorightms)) {
         return false;
     }
     if (!in_array('rijndael-192', $algorightms)) {
         return false;
     }
     if (!in_array('rijndael-256', $algorightms)) {
         return false;
     }
     $algorightms = $phpfunc->hash_algos();
     if (!in_array('sha256', $algorightms)) {
         return false;
     }
     return true;
 }
Example #3
0
 /**
  * Generate random bytes. Adapted from Joomla! 3.2.
  *
  * @param   integer  $length  Length of the random data to generate
  *
  * @return  string  Random binary data
  */
 public function genRandomBytes($length = 32)
 {
     $length = (int) $length;
     $sslStr = '';
     /*
      * Collect any entropy available in the system along with a number
      * of time measurements of operating system randomness.
      */
     $bitsPerRound = 2;
     $maxTimeMicro = 400;
     $shaHashLength = 20;
     $randomStr = '';
     $total = $length;
     // Check if we can use /dev/urandom.
     $urandom = false;
     $handle = null;
     // This is PHP 5.3.3 and up
     if ($this->phpfunc->function_exists('stream_set_read_buffer') && @is_readable('/dev/urandom')) {
         $handle = @fopen('/dev/urandom', 'rb');
         if ($handle) {
             $urandom = true;
         }
     }
     while ($length > strlen($randomStr)) {
         $bytes = $total > $shaHashLength ? $shaHashLength : $total;
         $total -= $bytes;
         /*
          * Collect any entropy available from the PHP system and filesystem.
          * If we have ssl data that isn't strong, we use it once.
          */
         $entropy = rand() . uniqid(mt_rand(), true) . $sslStr;
         $entropy .= implode('', @fstat(fopen(__FILE__, 'r')));
         $entropy .= memory_get_usage();
         $sslStr = '';
         if ($urandom) {
             stream_set_read_buffer($handle, 0);
             $entropy .= @fread($handle, $bytes);
         } else {
             /*
              * There is no external source of entropy so we repeat calls
              * to mt_rand until we are assured there's real randomness in
              * the result.
              *
              * Measure the time that the operations will take on average.
              */
             $samples = 3;
             $duration = 0;
             for ($pass = 0; $pass < $samples; ++$pass) {
                 $microStart = microtime(true) * 1000000;
                 $hash = sha1(mt_rand(), true);
                 for ($count = 0; $count < 50; ++$count) {
                     $hash = sha1($hash, true);
                 }
                 $microEnd = microtime(true) * 1000000;
                 $entropy .= $microStart . $microEnd;
                 if ($microStart >= $microEnd) {
                     $microEnd += 1000000;
                 }
                 $duration += $microEnd - $microStart;
             }
             $duration = $duration / $samples;
             /*
              * Based on the average time, determine the total rounds so that
              * the total running time is bounded to a reasonable number.
              */
             $rounds = (int) ($maxTimeMicro / $duration * 50);
             /*
              * Take additional measurements. On average we can expect
              * at least $bitsPerRound bits of entropy from each measurement.
              */
             $iter = $bytes * (int) ceil(8 / $bitsPerRound);
             for ($pass = 0; $pass < $iter; ++$pass) {
                 $microStart = microtime(true);
                 $hash = sha1(mt_rand(), true);
                 for ($count = 0; $count < $rounds; ++$count) {
                     $hash = sha1($hash, true);
                 }
                 $entropy .= $microStart . microtime(true);
             }
         }
         $randomStr .= sha1($entropy, true);
     }
     if ($urandom) {
         @fclose($handle);
     }
     return substr($randomStr, 0, $length);
 }