Subversion Repositories Applications.annuaire

Rev

Rev 42 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
42 aurelien 1
<?php
2
 
3
/**
4
 * CryptUtil: A suite of wrapper utility functions for the OpenID
5
 * library.
6
 *
7
 * PHP versions 4 and 5
8
 *
9
 * LICENSE: See the COPYING file included in this distribution.
10
 *
11
 * @access private
12
 * @package OpenID
13
 * @author JanRain, Inc. <openid@janrain.com>
14
 * @copyright 2005 Janrain, Inc.
15
 * @license http://www.gnu.org/copyleft/lesser.html LGPL
16
 */
17
 
18
if (!defined('Auth_OpenID_RAND_SOURCE')) {
19
    /**
20
     * The filename for a source of random bytes. Define this yourself
21
     * if you have a different source of randomness.
22
     */
23
    define('Auth_OpenID_RAND_SOURCE', '/dev/urandom');
24
}
25
 
26
class Auth_OpenID_CryptUtil {
27
    /**
28
     * Get the specified number of random bytes.
29
     *
30
     * Attempts to use a cryptographically secure (not predictable)
31
     * source of randomness if available. If there is no high-entropy
32
     * randomness source available, it will fail. As a last resort,
33
     * for non-critical systems, define
34
     * <code>Auth_OpenID_RAND_SOURCE</code> as <code>null</code>, and
35
     * the code will fall back on a pseudo-random number generator.
36
     *
37
     * @param int $num_bytes The length of the return value
38
     * @return string $bytes random bytes
39
     */
40
    function getBytes($num_bytes)
41
    {
42
        static $f = null;
43
        $bytes = '';
44
        if ($f === null) {
45
            if (Auth_OpenID_RAND_SOURCE === null) {
46
                $f = false;
47
            } else {
48
                $f = @fopen(Auth_OpenID_RAND_SOURCE, "r");
49
                if ($f === false) {
50
                    $msg = 'Define Auth_OpenID_RAND_SOURCE as null to ' .
51
                        ' continue with an insecure random number generator.';
52
                    trigger_error($msg, E_USER_ERROR);
53
                }
54
            }
55
        }
56
        if ($f === false) {
57
            // pseudorandom used
58
            $bytes = '';
59
            for ($i = 0; $i < $num_bytes; $i += 4) {
60
                $bytes .= pack('L', mt_rand());
61
            }
62
            $bytes = substr($bytes, 0, $num_bytes);
63
        } else {
64
            $bytes = fread($f, $num_bytes);
65
        }
66
        return $bytes;
67
    }
68
 
69
    /**
70
     * Produce a string of length random bytes, chosen from chrs.  If
71
     * $chrs is null, the resulting string may contain any characters.
72
     *
73
     * @param integer $length The length of the resulting
74
     * randomly-generated string
75
     * @param string $chrs A string of characters from which to choose
76
     * to build the new string
77
     * @return string $result A string of randomly-chosen characters
78
     * from $chrs
79
     */
80
    function randomString($length, $population = null)
81
    {
82
        if ($population === null) {
83
            return Auth_OpenID_CryptUtil::getBytes($length);
84
        }
85
 
86
        $popsize = strlen($population);
87
 
88
        if ($popsize > 256) {
89
            $msg = 'More than 256 characters supplied to ' . __FUNCTION__;
90
            trigger_error($msg, E_USER_ERROR);
91
        }
92
 
93
        $duplicate = 256 % $popsize;
94
 
95
        $str = "";
96
        for ($i = 0; $i < $length; $i++) {
97
            do {
98
                $n = ord(Auth_OpenID_CryptUtil::getBytes(1));
99
            } while ($n < $duplicate);
100
 
101
            $n %= $popsize;
102
            $str .= $population[$n];
103
        }
104
 
105
        return $str;
106
    }
107
}
108
 
109
?>