Annajwaszahro
/
MIF_E31222691
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added better random sources in crypter, seed random number generator on every call.

This commit is contained in:
Taylor Otwell 2012-02-12 19:45:04 -06:00
parent 74887986a7
commit 0438c69648
1 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
laravel/crypter.php
View File

@ -26,7 +26,7 @@ class Crypter {
*/ */
public static function encrypt($value) public static function encrypt($value)
{ {
$iv = mcrypt_create_iv(static::iv_size(), MCRYPT_RAND); $iv = mcrypt_create_iv(static::iv_size(), static::randomizer());
$value = mcrypt_encrypt(static::$cipher, static::key(), $value, static::$mode, $iv); $value = mcrypt_encrypt(static::$cipher, static::key(), $value, static::$mode, $iv);
@ -58,6 +58,35 @@ public static function decrypt($value)
return rtrim(mcrypt_decrypt(static::$cipher, $key, $value, static::$mode, $iv), "\0"); return rtrim(mcrypt_decrypt(static::$cipher, $key, $value, static::$mode, $iv), "\0");
} }
/**
* Get the most secure random number generator for the system.
*
* @return int
*/
protected static function randomizer()
{
// There are various sources from which we can get random numbers
// but some are more random than others. We'll choose the most
// random source we can for this server environment.
if (defined('MCRYPT_DEV_URANDOM'))
{
return MCRYPT_DEV_URANDOM;
}
elseif (defined('MCRYPT_DEV_RANDOM'))
{
return MCRYPT_DEV_RANDOM;
}
// When using the default random number generator, we'll seed
// the generator on each call to ensure the results are as
// random as we can possibly get them.
else
{
mt_srand();
return MCRYPT_RAND;
}
}
/** /**
* Get the input vector size for the cipher and mode. * Get the input vector size for the cipher and mode.
* *