public static function bytes($length) { if (!(ctype_digit(@(string) $length) && ($length = (int) $length) > 0)) { throw new InvalidArgumentException('Random::bytes(): A positive integer value as parameter is expected.'); } return secure_random_bytes($length); }
function security_code() { // Import secure random bytes function require_once './srand.php'; // Let's generate a totally random string using SHA-1 $sha1_hash = sha1(secure_random_bytes(100)); // Start the session so we can store what the security code actually is session_start(); // We don't need a 32 character long string so we trim it down to 6 $security_code = substr($sha1_hash, 15, 6); // Set the session to store the security code $_SESSION['captcha'] = $security_code; // Close the session session_write_close(); return $security_code; }
private function _generate_key() { do { // Generate a random salt // Modified by Ivan Tcholakov, 28-JUN-2015. //$salt = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM); $salt = secure_random_bytes(16); // $new_key = substr($salt, 0, config_item('rest_key_length')); } while (self::_key_exists($new_key)); // Already in the DB? Fail. Try again return $new_key; }
function random_key($len, $readable = false, $hash = false) { if (!function_exists('secure_random_bytes')) { include PUN_ROOT . 'include/srand.php'; } $key = secure_random_bytes($len); if ($hash) { return substr(bin2hex($key), 0, $len); } else { if ($readable) { $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $result = ''; for ($i = 0; $i < $len; ++$i) { $result .= substr($chars, ord($key[$i]) % strlen($chars), 1); } return $result; } } return $key; }
/** * * @param int $num_bytes [optional] * @return string */ function generate_csrf_token($num_bytes = 16) { require_once 'lib/srand.php'; return bin2hex(secure_random_bytes($num_bytes)); }
function updateAccount($user_id, $oldPassword, $newPassword, $newPasswordConfirm, $newEmail) { $user_id = escape($user_id); $oldPassword = escape($oldPassword); $newPassword = escape($newPassword); $newPasswordConfirm = escape($newPasswordConfirm); $newEmail = escape($newEmail); $result = verifyLogin($_SESSION['user_id'], $_POST['old_password']); if ($result === TRUE) { $set_string = ""; //decrypt the password if needed require_once includePath() . "/crypto.php"; $newPassword = decryptPassword($newPassword); $newPasswordConfirm = decryptPassword($newPasswordConfirm); if (strlen($newPassword) > 0 || strlen($newPasswordConfirm) > 0) { if (strlen($newPassword) >= 6) { //enforce minimum password length of six if ($newPassword == $newPasswordConfirm) { $validPassword = validPassword($newPassword); if ($validPassword == 0) { $gen_salt = secure_random_bytes(20); $db_salt = escape(bin2hex($gen_salt)); $set_string .= "password = '******', salt = '{$db_salt}', "; } else { return $validPassword; } } else { return 11; } } else { return 1; } } if (strlen($newEmail) > 0) { if (validEmail($newEmail)) { $set_string .= "email = '" . escape($newEmail) . "', "; } else { return 10; } } if (strlen($set_string) > 0) { $set_string = substr($set_string, 0, strlen($set_string) - 2); //get rid of trailing comma and space mysql_query("UPDATE users SET " . $set_string . " WHERE id='{$user_id}'"); } return 0; } else { return $result; } }
function secure_random() { return hexdec(bin2hex(secure_random_bytes(3))); }
public static function getRandomInts($numInts) { $ints = array(); if ($numInts <= 0) { return $ints; } // Modified by Deepak Patil <*****@*****.**>, 21-DEC-2014. // The purpose of this change is making this method tollerant to different system configurations. //$rawBinary = mcrypt_create_iv($numInts * PHP_INT_SIZE, MCRYPT_DEV_URANDOM); $rawBinary = secure_random_bytes($numInts * PHP_INT_SIZE); // for ($i = 0; $i < $numInts; ++$i) { $thisInt = 0; for ($j = 0; $j < PHP_INT_SIZE; ++$j) { $thisInt = $thisInt << 8 | ord($rawBinary[$i * PHP_INT_SIZE + $j]) & 0xff; } // Absolute value in two's compliment (with min int going to zero) $thisInt = $thisInt & PHP_INT_MAX; $ints[] = $thisInt; } return $ints; }
function resetPassword($user_id, $password) { $user_id = escape($user_id); $gen_salt = secure_random_bytes(20); $db_salt = escape(bin2hex($gen_salt)); //decrypt the password if needed require_once includePath() . "/crypto.php"; $password = decryptPassword($password); $password = escape(chash2($password, $gen_salt)); mysql_query("UPDATE users SET password='******', salt = '{$db_salt}' WHERE id='{$user_id}'"); mysql_query("DELETE FROM reset WHERE user_id='{$user_id}'"); //make sure user doesn't reset again with same link }
/** * Drop in replacement for rand() or mt_rand(). * * @param int $min [optional] * @param int $max [optional] * @return int */ function crypto_rand_secure($min = null, $max = null) { require_once 'lib/srand.php'; // default values for optional min/max if ($min === null) { $min = 0; } if ($max === null) { $max = getrandmax(); } else { $max += 1; } // for being inclusive $range = $max - $min; if ($range <= 0) { return $min; } // not so random... $log = log($range, 2); $bytes = (int) ($log / 8) + 1; // length in bytes $bits = (int) $log + 1; // length in bits $filter = (int) (1 << $bits) - 1; // set all lower bits to 1 do { $rnd = hexdec(bin2hex(secure_random_bytes($bytes))); $rnd = $rnd & $filter; // discard irrelevant bits } while ($rnd >= $range); return $min + $rnd; }
<? include("../include/common.php"); include("../config.php"); include("../include/db_connect.php"); include("../include/session.php"); if($config['rsa_modulus'] != '' && $config['rsa_exponent'] != '' && $config['rsa_key'] != '') { //generate a random salt for the password encryption; this is saved in session // set the current time so that we don't permit old salts to be reused // note: the random salt is encrypted in hexadecimal to prevent encoding issues; shouldn't be a problem though... $crypt_key = bin2hex(secure_random_bytes(20)); if(!isset($_SESSION['crypt_key'])) { $_SESSION['crypt_key'] = array(); } $_SESSION['crypt_key'][] = array(time(), $crypt_key); ?> function pcryptf() { var rsa = new RSAKey(); rsa.setPublic("<?php echo $config['rsa_modulus']; ?> ", "<?php echo $config['rsa_exponent']; ?> "); var salt = "<?php echo $crypt_key; ?>
private function _generate_key() { do { // Generate a random salt // Modified by Deepak Patil <*****@*****.**>, 10-JUL-2015. //$salt = $this->security->get_random_bytes(64); // //// If an error occurred, then fall back to the previous method //if ($salt === FALSE) //{ // $salt = hash('sha256', time() . mt_rand()); //} $salt = secure_random_bytes(64); // $new_key = substr($salt, 0, config_item('rest_key_length')); } while ($this->_key_exists($new_key)); return $new_key; }
private function _generate_key() { do { // Generate a random salt // Modified by Ivan Tcholakov, 10-JUL-2015. //$salt = $this->security->get_random_bytes(64); // //// If an error occurred, then fall back to the previous method //if ($salt === FALSE) //{ // $salt = hash('sha256', time() . mt_rand()); //} $salt = secure_random_bytes(64); // $new_key = substr($salt, 0, config_item('rest_key_length')); } while (self::_key_exists($new_key)); // Already in the DB? Fail. Try again return $new_key; }
private function _generate_key() { do { // Generate a random salt // Modified by Ivan Tcholakov, 13-SEP-2015. //$salt = base_convert(bin2hex($this->security->get_random_bytes(64)), 16, 36); $salt = base_convert(bin2hex(secure_random_bytes(64)), 16, 36); // // Removed by Ivan Tcholakov, 13-SEP-2015. //// If an error occurred, then fall back to the previous method //if ($salt === FALSE) //{ // $salt = hash('sha256', time() . mt_rand()); //} // $new_key = substr($salt, 0, config_item('rest_key_length')); } while ($this->_key_exists($new_key)); return $new_key; }