PHP 5.x support for random_bytes() and random_int()
lib/error_polyfill.php
to resolve corner cases.Added a consistency check (discovered by Taylor Hornby in his PHP encryption library). It wasn't likely causing any trouble for us.
Update comment in random.php
Update comment in random.php
Due to downstream errors, the OpenSSL removal now belongs in version 2.0.0.
Restored OpenSSL in the version 1 branch in preparation to remove OpenSSL in version 2.
open_baseir
check. Thanks @narfbgopen_baseir
check. Thanks @narfbgRemoved openssl_random_pseudo_bytes()
entirely. If you are using random_compat in PHP on a Unix-like OS but cannot access /dev/urandom
, version 1.3+ will throw an Exception
. If you want to trust OpenSSL, feel free to write your own fallback code. e.g.
try {
$bytes = random_bytes(32);
} catch (Exception $ex) {
$strong = false;
$bytes = openssl_random_pseudo_bytes(32, $strong);
if (!$strong) {
throw $ex;
}
}
/dev/urandom
is not
accessible to PHP, skip mcrypt (which just fails before giving OpenSSL
a chance and was morally equivalent to not offering OpenSSL at all).