public function testRand()
{
$math = new Zend_Crypt_Math();
$higher = '155172898181473697471232257763715539915724801966915404479707795314057629378541917580651227423698188993727816152646631438561595825688188889951272158842675419950341258706556549803580104870537681476726513255747040765857479291291572334510643245094715007229621094194349783925984760375594985848253359305585439638443';
$lower = '155172898181473697471232257763715539915724801966915404479707795314057629378541917580651227423698188993727816152646631438561595825688188889951272158842675419950341258706556549803580104870537681476726513255747040765857479291291572334510643245094715007229621094194349783925984760375594985848253359305585439638442';
$result = $math->rand($lower, $higher);
$this->assertTrue(bccomp($result, $higher) !== '1');
$this->assertTrue(bccomp($result, $lower) !== '-1');
}
public function testRand()
{
try {
$math = new Zend_Crypt_Math_BigInteger();
} catch (Zend_Crypt_Math_BigInteger_Exception $e) {
if (strpos($e->getMessage(), 'big integer precision math support not detected') !== false) {
$this->markTestSkipped($e->getMessage());
} else {
throw $e;
}
}
$math = new Zend_Crypt_Math();
$higher = '155172898181473697471232257763715539915724801966915404479707795314057629378541917580651227423698188993727816152646631438561595825688188889951272158842675419950341258706556549803580104870537681476726513255747040765857479291291572334510643245094715007229621094194349783925984760375594985848253359305585439638443';
$lower = '155172898181473697471232257763715539915724801966915404479707795314057629378541917580651227423698188993727816152646631438561595825688188889951272158842675419950341258706556549803580104870537681476726513255747040765857479291291572334510643245094715007229621094194349783925984760375594985848253359305585439638442';
$result = $math->rand($lower, $higher);
$this->assertTrue(bccomp($result, $higher) !== '1');
$this->assertTrue(bccomp($result, $lower) !== '-1');
}
/**
* Generate CSRF token
*
* Generates CSRF token and stores both in {@link $_hash} and element
* value.
*
* @return void
*/
protected function _generateHash()
{
$this->_hash = md5(Zend_Crypt_Math::randBytes(32));
$this->setValue($this->_hash);
}
/**
* Filters the HTTP requests being sent to add the Authorization header.
*
* If both AuthSub and ClientLogin tokens are set,
* AuthSub takes precedence. If an AuthSub key is set, then
* secure AuthSub authentication is used, and the request is signed.
* Requests must be signed only with the private key corresponding to the
* public key registered with Google. If an AuthSub key is set, but
* openssl support is not enabled in the PHP installation, an exception is
* thrown.
*
* @param string $method The HTTP method
* @param string $url The URL
* @param array $headers An associate array of headers to be
* sent with the request or null
* @param string $body The body of the request or null
* @param string $contentType The MIME content type of the body or null
* @throws Zend_Gdata_App_Exception if there was a signing failure
* @return array The processed values in an associative array,
* using the same names as the params
*/
public function filterHttpRequest($method, $url, $headers = array(), $body = null, $contentType = null)
{
if ($this->getAuthSubToken() != null) {
// AuthSub authentication
if ($this->getAuthSubPrivateKeyId() != null) {
// secure AuthSub
$time = time();
$nonce = Zend_Crypt_Math::randInteger(0, 999999999);
$dataToSign = $method . ' ' . $url . ' ' . $time . ' ' . $nonce;
// compute signature
$pKeyId = $this->getAuthSubPrivateKeyId();
$signSuccess = openssl_sign($dataToSign, $signature, $pKeyId, OPENSSL_ALGO_SHA1);
if (!$signSuccess) {
// require_once 'Zend/Gdata/App/Exception.php';
throw new Zend_Gdata_App_Exception('openssl_signing failure - returned false');
}
// encode signature
$encodedSignature = base64_encode($signature);
// final header
$headers['authorization'] = 'AuthSub token="' . $this->getAuthSubToken() . '" ' . 'data="' . $dataToSign . '" ' . 'sig="' . $encodedSignature . '" ' . 'sigalg="rsa-sha1"';
} else {
// AuthSub without secure tokens
$headers['authorization'] = 'AuthSub token="' . $this->getAuthSubToken() . '"';
}
} elseif ($this->getClientLoginToken() != null) {
$headers['authorization'] = 'GoogleLogin auth=' . $this->getClientLoginToken();
}
return array('method' => $method, 'url' => $url, 'body' => $body, 'headers' => $headers, 'contentType' => $contentType);
}
/**
* _srand() interception
*
* @see ZF-8742
*/
protected function _srand()
{
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
return;
}
if (!self::$_srandCalled) {
srand(Zend_Crypt_Math::randInteger(0, PHP_INT_MAX));
self::$_srandCalled = true;
}
}
/**
* Produces string of random byte of given length.
*
* @param integer $len length of requested string
* @return string RAW random binary string
*/
public static function randomBytes($len)
{
return (string) Zend_Crypt_Math::randBytes($len);
}
/**
* Creates a LDAP password.
*
* @param string $password
* @param string $hashType
* @return string
*/
public static function createPassword($password, $hashType = self::PASSWORD_HASH_MD5)
{
switch ($hashType) {
case self::PASSWORD_UNICODEPWD:
/* see:
* http://msdn.microsoft.com/en-us/library/cc223248(PROT.10).aspx
*/
$password = '******' . $password . '"';
if (function_exists('mb_convert_encoding')) {
$password = mb_convert_encoding($password, 'UTF-16LE', 'UTF-8');
} else {
if (function_exists('iconv')) {
$password = iconv('UTF-8', 'UTF-16LE', $password);
} else {
$len = strlen($password);
$new = '';
for ($i = 0; $i < $len; $i++) {
$new .= $password[$i] . "";
}
$password = $new;
}
}
return $password;
case self::PASSWORD_HASH_SSHA:
$salt = Zend_Crypt_Math::randBytes(4);
$rawHash = sha1($password . $salt, true) . $salt;
$method = '{SSHA}';
break;
case self::PASSWORD_HASH_SHA:
$rawHash = sha1($password, true);
$method = '{SHA}';
break;
case self::PASSWORD_HASH_SMD5:
$salt = Zend_Crypt_Math::randBytes(4);
$rawHash = md5($password . $salt, true) . $salt;
$method = '{SMD5}';
break;
case self::PASSWORD_HASH_MD5:
default:
$rawHash = md5($password, true);
$method = '{MD5}';
break;
}
return $method . base64_encode($rawHash);
}
protected function _generateRandomId()
{
return md5(Zend_Crypt_Math::randBytes(32));
}
