pax_global_header00006660000000000000000000000064131630153270014513gustar00rootroot0000000000000052 comment=5da4d3c796c275c55f057af5a643ae297d96b4d8 random_compat-2.0.11/000077500000000000000000000000001316301532700144175ustar00rootroot00000000000000random_compat-2.0.11/LICENSE000066400000000000000000000021121316301532700154200ustar00rootroot00000000000000The MIT License (MIT) Copyright (c) 2015 Paragon Initiative Enterprises Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. random_compat-2.0.11/build-phar.sh000077500000000000000000000002061316301532700170030ustar00rootroot00000000000000#!/usr/bin/env bash basedir=$( dirname $( readlink -f ${BASH_SOURCE[0]} ) ) php -dphar.readonly=0 "$basedir/other/build_phar.php" $*random_compat-2.0.11/composer.json000066400000000000000000000016011316301532700171370ustar00rootroot00000000000000{ "name": "paragonie/random_compat", "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", "keywords": [ "csprng", "random", "pseudorandom" ], "license": "MIT", "type": "library", "authors": [ { "name": "Paragon Initiative Enterprises", "email": "security@paragonie.com", "homepage": "https://paragonie.com" } ], "support": { "issues": "https://github.com/paragonie/random_compat/issues", "email": "info@paragonie.com", "source": "https://github.com/paragonie/random_compat" }, "require": { "php": ">=5.2.0" }, "require-dev": { "phpunit/phpunit": "4.*|5.*" }, "suggest": { "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." }, "autoload": { "files": [ "lib/random.php" ] } } random_compat-2.0.11/dist/000077500000000000000000000000001316301532700153625ustar00rootroot00000000000000random_compat-2.0.11/dist/random_compat.phar.pubkey000066400000000000000000000003271316301532700223610ustar00rootroot00000000000000-----BEGIN PUBLIC KEY----- MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEEd+wCqJDrx5B4OldM0dQE0ZMX+lx1ZWm pui0SUqD4G29L3NGsz9UhJ/0HjBdbnkhIK5xviT0X5vtjacF6ajgcCArbTB+ds+p +h7Q084NuSuIpNb6YPfoUFgC/CL9kAoc -----END PUBLIC KEY----- random_compat-2.0.11/dist/random_compat.phar.pubkey.asc000066400000000000000000000007501316301532700231260ustar00rootroot00000000000000-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAABAgAGBQJWtW1hAAoJEGuXocKCZATaJf0H+wbZGgskK1dcRTsuVJl9IWip QwGw/qIKI280SD6/ckoUMxKDCJiFuPR14zmqnS36k7N5UNPnpdTJTS8T11jttSpg 1LCmgpbEIpgaTah+cELDqFCav99fS+bEiAL5lWDAHBTE/XPjGVCqeehyPYref4IW NDBIEsvnHPHPLsn6X5jq4+Yj5oUixgxaMPiR+bcO4Sh+RzOVB6i2D0upWfRXBFXA NNnsg9/zjvoC7ZW73y9uSH+dPJTt/Vgfeiv52/v41XliyzbUyLalf02GNPY+9goV JHG1ulEEBJOCiUD9cE1PUIJwHA/HqyhHIvV350YoEFiHl8iSwm7SiZu5kPjaq74= =B6+8 -----END PGP SIGNATURE----- random_compat-2.0.11/lib/000077500000000000000000000000001316301532700151655ustar00rootroot00000000000000random_compat-2.0.11/lib/byte_safe_strings.php000066400000000000000000000135251316301532700214160ustar00rootroot00000000000000 RandomCompat_strlen($binary_string)) { return ''; } return (string) mb_substr($binary_string, $start, $length, '8bit'); } } else { /** * substr() implementation that isn't brittle to mbstring.func_overload * * This version just uses the default substr() * * @param string $binary_string * @param int $start * @param int $length (optional) * * @throws TypeError * * @return string */ function RandomCompat_substr($binary_string, $start, $length = null) { if (!is_string($binary_string)) { throw new TypeError( 'RandomCompat_substr(): First argument should be a string' ); } if (!is_int($start)) { throw new TypeError( 'RandomCompat_substr(): Second argument should be an integer' ); } if ($length !== null) { if (!is_int($length)) { throw new TypeError( 'RandomCompat_substr(): Third argument should be an integer, or omitted' ); } return (string) substr($binary_string, $start, $length); } return (string) substr($binary_string, $start); } } } random_compat-2.0.11/lib/cast_to_int.php000066400000000000000000000051061316301532700202060ustar00rootroot00000000000000 operators might accidentally let a float * through. * * @param int|float $number The number we want to convert to an int * @param bool $fail_open Set to true to not throw an exception * * @return float|int * @psalm-suppress InvalidReturnType * * @throws TypeError */ function RandomCompat_intval($number, $fail_open = false) { if (is_int($number) || is_float($number)) { $number += 0; } elseif (is_numeric($number)) { $number += 0; } if ( is_float($number) && $number > ~PHP_INT_MAX && $number < PHP_INT_MAX ) { $number = (int) $number; } if (is_int($number)) { return (int) $number; } elseif (!$fail_open) { throw new TypeError( 'Expected an integer.' ); } return $number; } } random_compat-2.0.11/lib/error_polyfill.php000066400000000000000000000032411316301532700207410ustar00rootroot00000000000000= 70000) { return; } if (!defined('RANDOM_COMPAT_READ_BUFFER')) { define('RANDOM_COMPAT_READ_BUFFER', 8); } $RandomCompatDIR = dirname(__FILE__); require_once $RandomCompatDIR . '/byte_safe_strings.php'; require_once $RandomCompatDIR . '/cast_to_int.php'; require_once $RandomCompatDIR . '/error_polyfill.php'; if (!is_callable('random_bytes')) { /** * PHP 5.2.0 - 5.6.x way to implement random_bytes() * * We use conditional statements here to define the function in accordance * to the operating environment. It's a micro-optimization. * * In order of preference: * 1. Use libsodium if available. * 2. fread() /dev/urandom if available (never on Windows) * 3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM) * 4. COM('CAPICOM.Utilities.1')->GetRandom() * * See RATIONALE.md for our reasoning behind this particular order */ if (extension_loaded('libsodium')) { // See random_bytes_libsodium.php if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) { require_once $RandomCompatDIR . '/random_bytes_libsodium.php'; } elseif (method_exists('Sodium', 'randombytes_buf')) { require_once $RandomCompatDIR . '/random_bytes_libsodium_legacy.php'; } } /** * Reading directly from /dev/urandom: */ if (DIRECTORY_SEPARATOR === '/') { // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast // way to exclude Windows. $RandomCompatUrandom = true; $RandomCompat_basedir = ini_get('open_basedir'); if (!empty($RandomCompat_basedir)) { $RandomCompat_open_basedir = explode( PATH_SEPARATOR, strtolower($RandomCompat_basedir) ); $RandomCompatUrandom = (array() !== array_intersect( array('/dev', '/dev/', '/dev/urandom'), $RandomCompat_open_basedir )); $RandomCompat_open_basedir = null; } if ( !is_callable('random_bytes') && $RandomCompatUrandom && @is_readable('/dev/urandom') ) { // Error suppression on is_readable() in case of an open_basedir // or safe_mode failure. All we care about is whether or not we // can read it at this point. If the PHP environment is going to // panic over trying to see if the file can be read in the first // place, that is not helpful to us here. // See random_bytes_dev_urandom.php require_once $RandomCompatDIR . '/random_bytes_dev_urandom.php'; } // Unset variables after use $RandomCompat_basedir = null; } else { $RandomCompatUrandom = false; } /** * mcrypt_create_iv() * * We only want to use mcypt_create_iv() if: * * - random_bytes() hasn't already been defined * - the mcrypt extensions is loaded * - One of these two conditions is true: * - We're on Windows (DIRECTORY_SEPARATOR !== '/') * - We're not on Windows and /dev/urandom is readabale * (i.e. we're not in a chroot jail) * - Special case: * - If we're not on Windows, but the PHP version is between * 5.6.10 and 5.6.12, we don't want to use mcrypt. It will * hang indefinitely. This is bad. * - If we're on Windows, we want to use PHP >= 5.3.7 or else * we get insufficient entropy errors. */ if ( !is_callable('random_bytes') && // Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be. (DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307) && // Prevent this code from hanging indefinitely on non-Windows; // see https://bugs.php.net/bug.php?id=69833 ( DIRECTORY_SEPARATOR !== '/' || (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613) ) && extension_loaded('mcrypt') ) { // See random_bytes_mcrypt.php require_once $RandomCompatDIR . '/random_bytes_mcrypt.php'; } $RandomCompatUrandom = null; /** * This is a Windows-specific fallback, for when the mcrypt extension * isn't loaded. */ if ( !is_callable('random_bytes') && extension_loaded('com_dotnet') && class_exists('COM') ) { $RandomCompat_disabled_classes = preg_split( '#\s*,\s*#', strtolower(ini_get('disable_classes')) ); if (!in_array('com', $RandomCompat_disabled_classes)) { try { $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1'); if (method_exists($RandomCompatCOMtest, 'GetRandom')) { // See random_bytes_com_dotnet.php require_once $RandomCompatDIR . '/random_bytes_com_dotnet.php'; } } catch (com_exception $e) { // Don't try to use it. } } $RandomCompat_disabled_classes = null; $RandomCompatCOMtest = null; } /** * throw new Exception */ if (!is_callable('random_bytes')) { /** * We don't have any more options, so let's throw an exception right now * and hope the developer won't let it fail silently. * * @param mixed $length * @return void * @throws Exception */ function random_bytes($length) { unset($length); // Suppress "variable not used" warnings. throw new Exception( 'There is no suitable CSPRNG installed on your system' ); } } } if (!is_callable('random_int')) { require_once $RandomCompatDIR . '/random_int.php'; } $RandomCompatDIR = null; random_compat-2.0.11/lib/random_bytes_com_dotnet.php000066400000000000000000000055271316301532700226100ustar00rootroot00000000000000GetRandom($bytes, 0)); if (RandomCompat_strlen($buf) >= $bytes) { /** * Return our random entropy buffer here: */ return RandomCompat_substr($buf, 0, $bytes); } ++$execCount; } while ($execCount < $bytes); /** * If we reach here, PHP has failed us. */ throw new Exception( 'Could not gather sufficient random data' ); } }random_compat-2.0.11/lib/random_bytes_dev_urandom.php000066400000000000000000000125001316301532700227450ustar00rootroot00000000000000 0); /** * Is our result valid? */ if (is_string($buf)) { if (RandomCompat_strlen($buf) === $bytes) { /** * Return our random entropy buffer here: */ return $buf; } } } /** * If we reach here, PHP has failed us. */ throw new Exception( 'Error reading from source device' ); } } random_compat-2.0.11/lib/random_bytes_libsodium.php000066400000000000000000000054241316301532700224400ustar00rootroot00000000000000 2147483647) { $buf = ''; for ($i = 0; $i < $bytes; $i += 1073741824) { $n = ($bytes - $i) > 1073741824 ? 1073741824 : $bytes - $i; $buf .= \Sodium\randombytes_buf($n); } } else { $buf = \Sodium\randombytes_buf($bytes); } if ($buf !== false) { if (RandomCompat_strlen($buf) === $bytes) { return $buf; } } /** * If we reach here, PHP has failed us. */ throw new Exception( 'Could not gather sufficient random data' ); } } random_compat-2.0.11/lib/random_bytes_libsodium_legacy.php000066400000000000000000000055161316301532700237660ustar00rootroot00000000000000 2147483647) { for ($i = 0; $i < $bytes; $i += 1073741824) { $n = ($bytes - $i) > 1073741824 ? 1073741824 : $bytes - $i; $buf .= Sodium::randombytes_buf((int) $n); } } else { $buf .= Sodium::randombytes_buf((int) $bytes); } if (is_string($buf)) { if (RandomCompat_strlen($buf) === $bytes) { return $buf; } } /** * If we reach here, PHP has failed us. */ throw new Exception( 'Could not gather sufficient random data' ); } } random_compat-2.0.11/lib/random_bytes_mcrypt.php000066400000000000000000000047311316301532700217670ustar00rootroot00000000000000 operators might accidentally let a float * through. */ try { $min = RandomCompat_intval($min); } catch (TypeError $ex) { throw new TypeError( 'random_int(): $min must be an integer' ); } try { $max = RandomCompat_intval($max); } catch (TypeError $ex) { throw new TypeError( 'random_int(): $max must be an integer' ); } /** * Now that we've verified our weak typing system has given us an integer, * let's validate the logic then we can move forward with generating random * integers along a given range. */ if ($min > $max) { throw new Error( 'Minimum value must be less than or equal to the maximum value' ); } if ($max === $min) { return (int) $min; } /** * Initialize variables to 0 * * We want to store: * $bytes => the number of random bytes we need * $mask => an integer bitmask (for use with the &) operator * so we can minimize the number of discards */ $attempts = $bits = $bytes = $mask = $valueShift = 0; /** * At this point, $range is a positive number greater than 0. It might * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to * a float and we will lose some precision. */ $range = $max - $min; /** * Test for integer overflow: */ if (!is_int($range)) { /** * Still safely calculate wider ranges. * Provided by @CodesInChaos, @oittaa * * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435 * * We use ~0 as a mask in this case because it generates all 1s * * @ref https://eval.in/400356 (32-bit) * @ref http://3v4l.org/XX9r5 (64-bit) */ $bytes = PHP_INT_SIZE; $mask = ~0; } else { /** * $bits is effectively ceil(log($range, 2)) without dealing with * type juggling */ while ($range > 0) { if ($bits % 8 === 0) { ++$bytes; } ++$bits; $range >>= 1; $mask = $mask << 1 | 1; } $valueShift = $min; } $val = 0; /** * Now that we have our parameters set up, let's begin generating * random integers until one falls between $min and $max */ do { /** * The rejection probability is at most 0.5, so this corresponds * to a failure probability of 2^-128 for a working RNG */ if ($attempts > 128) { throw new Exception( 'random_int: RNG is broken - too many rejections' ); } /** * Let's grab the necessary number of random bytes */ $randomByteString = random_bytes($bytes); /** * Let's turn $randomByteString into an integer * * This uses bitwise operators (<< and |) to build an integer * out of the values extracted from ord() * * Example: [9F] | [6D] | [32] | [0C] => * 159 + 27904 + 3276800 + 201326592 => * 204631455 */ $val &= 0; for ($i = 0; $i < $bytes; ++$i) { $val |= ord($randomByteString[$i]) << ($i * 8); } /** * Apply mask */ $val &= $mask; $val += $valueShift; ++$attempts; /** * If $val overflows to a floating point number, * ... or is larger than $max, * ... or smaller than $min, * then try again. */ } while (!is_int($val) || $val > $max || $val < $min); return (int) $val; } } random_compat-2.0.11/other/000077500000000000000000000000001316301532700155405ustar00rootroot00000000000000random_compat-2.0.11/other/build_phar.php000066400000000000000000000031411316301532700203610ustar00rootroot00000000000000buildFromDirectory(dirname(__DIR__).'/lib'); rename( dirname(__DIR__).'/lib/index.php', dirname(__DIR__).'/lib/random.php' ); /** * If we pass an (optional) path to a private key as a second argument, we will * sign the Phar with OpenSSL. * * If you leave this out, it will produce an unsigned .phar! */ if ($argc > 1) { if (!@is_readable($argv[1])) { echo 'Could not read the private key file:', $argv[1], "\n"; exit(255); } $pkeyFile = file_get_contents($argv[1]); $private = openssl_get_privatekey($pkeyFile); if ($private !== false) { $pkey = ''; openssl_pkey_export($private, $pkey); $phar->setSignatureAlgorithm(Phar::OPENSSL, $pkey); /** * Save the corresponding public key to the file */ if (!@is_readable($dist.'/random_compat.phar.pubkey')) { $details = openssl_pkey_get_details($private); file_put_contents( $dist.'/random_compat.phar.pubkey', $details['key'] ); } } else { echo 'An error occurred reading the private key from OpenSSL.', "\n"; exit(255); } } random_compat-2.0.11/psalm-autoload.php000066400000000000000000000003471316301532700200560ustar00rootroot00000000000000