From 5a4c489916e8ac386a25c296bdf6a2be96b5ca22 Mon Sep 17 00:00:00 2001 From: epriestley Date: Tue, 2 Oct 2018 10:44:35 -0700 Subject: [PATCH] [Wilds] Use "random_bytes()" if it is available (after PHP7) Summary: Ref T13209. In PHP7 and newer, the function `random_bytes()` gives us simple access to cryptographic randomness across platforms. Prefer it if it's available. Notably, the other sources often aren't available on Windows, and particularly aren't available on a clean/default install with modern software versions. So the major motivation is to make things work better out-of-the-box on Windows. Test Plan: On Windows, saw Filesystem unit tests which call `readRandomBytes()` now pass. Reviewers: amckinley Reviewed By: amckinley Maniphest Tasks: T13209 Differential Revision: https://secure.phabricator.com/D19726 --- src/filesystem/Filesystem.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/filesystem/Filesystem.php b/src/filesystem/Filesystem.php index 492242cc..cdcb22a7 100644 --- a/src/filesystem/Filesystem.php +++ b/src/filesystem/Filesystem.php @@ -421,6 +421,12 @@ final class Filesystem extends Phobject { throw new Exception(pht('You must generate at least 1 byte of entropy.')); } + // Under PHP7, the "random_bytes()" function provides a simpler and more + // portable way to accomplish what the rest of this function accomplishes. + if (function_exists('random_bytes')) { + return random_bytes($number_of_bytes); + } + // Try to use `openssl_random_pseudo_bytes()` if it's available. This source // is the most widely available source, and works on Windows/Linux/OSX/etc. @@ -481,9 +487,8 @@ final class Filesystem extends Phobject { pht( '%s requires the PHP OpenSSL extension to be installed and enabled '. 'to access an entropy source. On Windows, this extension is usually '. - 'installed but not enabled by default. Enable it in your "s".', - __METHOD__.'()', - 'php.ini')); + 'installed but not enabled by default. Enable it in your "php.ini".', + __METHOD__.'()')); } throw new Exception(