Merge pull request #109 from geekwright/repair-random

Revert workarounds added if random_bytes is not available

Author: geekwright

src/Random.php

@@ -17,7 +17,7 @@
  * @category  Xmf\Random
  * @package   Xmf
  * @author    Richard Griffith <richard@geekwright.com>
- * @copyright 2015-2018 XOOPS Project (https://xoops.org)
+ * @copyright 2015-2023 XOOPS Project (https://xoops.org)
  * @license   GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html)
  * @link      https://xoops.org
  */
@@ -37,29 +37,7 @@ class Random
      */
     public static function generateOneTimeToken($hash = 'sha512', $bytes = 64)
     {
-        if (function_exists('random_bytes')) {
-            $randomData = random_bytes($bytes);
-        } elseif (function_exists('openssl_random_pseudo_bytes')) {
-            $crypto_strong = false;
-            $randomData = openssl_random_pseudo_bytes($bytes, $crypto_strong);
-
-            if ($randomData === false) {
-                throw new Exception("Could not generate secure random bytes.");
-            }
-
-            if (!$crypto_strong) {
-                throw new Exception("Non-cryptographically strong algorithm used for random bytes.");
-            }
-        } else {
-            $randomData = md5(uniqid(mt_rand(), true));
-        }
-
-        if ($randomData === null) {
-            throw new Exception("Failed to generate random data.");
-        }
-
-        $token = hash($hash, $randomData);
-
+        $token = hash($hash, random_bytes($bytes));
         return $token;
     }
 
@@ -77,28 +55,7 @@ public static function generateOneTimeToken($hash = 'sha512', $bytes = 64)
      */
     public static function generateKey($hash = 'sha512', $bytes = 128)
     {
-        if (function_exists('random_bytes')) {
-            $randomData = random_bytes($bytes);
-        } elseif (function_exists('openssl_random_pseudo_bytes')) {
-            $crypto_strong = false;
-            $randomData = openssl_random_pseudo_bytes($bytes, $crypto_strong);
-
-            if ($randomData === false) {
-                throw new Exception("Could not generate secure random bytes.");
-            }
-
-            if (!$crypto_strong) {
-                throw new Exception("Non-cryptographically strong algorithm used for random bytes.");
-            }
-        } else {
-            $randomData = md5(uniqid(mt_rand(), true));
-        }
-
-        if ($randomData === null) {
-            throw new Exception("Failed to generate random data.");
-        }
-
-        $token = hash($hash, $randomData);
+        $token = hash($hash, random_bytes($bytes));
         return $token;
     }
 }

src/Ulid.php

@@ -30,7 +30,7 @@ class Ulid
      *
      * @return string The generated ULID.
      */
-    public static function generate(bool $upperCase = true): string
+    public static function generate($upperCase = true)
     {
         $time = self::microtimeToUlidTime(\microtime(true));
         $timeChars = self::encodeTime($time);
@@ -47,7 +47,7 @@ public static function generate(bool $upperCase = true): string
      *
      * @return string
      */
-    public static function encodeTime(int $time): string
+    public static function encodeTime($time)
     {
         $encodingCharsArray = str_split(self::ENCODING_CHARS);
         $timeChars = '';
@@ -59,7 +59,7 @@ public static function encodeTime(int $time): string
         return $timeChars;
     }
 
-    public static function encodeRandomness(): string
+    public static function encodeRandomness()
     {
         $encodingCharsArray = str_split(self::ENCODING_CHARS);
         $randomBytes = \random_bytes(10); // 80 bits
@@ -86,7 +86,7 @@ public static function encodeRandomness(): string
      *
      * @return array
      */
-    public static function decode(string $ulid): array
+    public static function decode($ulid)
     {
         if (!self::isValid($ulid)) {
             throw new \InvalidArgumentException('Invalid ULID string');
@@ -106,7 +106,7 @@ public static function decode(string $ulid): array
      *
      * @return int
      */
-    public static function decodeTime(string $ulid): int
+    public static function decodeTime($ulid)
     {
 //        $encodingCharsArray = str_split(self::ENCODING_CHARS);
 
@@ -131,7 +131,7 @@ public static function decodeTime(string $ulid): int
      *
      * @return int
      */
-    public static function decodeRandomness(string $ulid): int
+    public static function decodeRandomness($ulid)
     {
         if (26 !== strlen($ulid)) {
             throw new \InvalidArgumentException('Invalid ULID length');  // Changed line
@@ -158,7 +158,7 @@ public static function decodeRandomness(string $ulid): int
      *
      * @return bool
      */
-    public static function isValid(string $ulid): bool
+    public static function isValid($ulid)
     {
         // Check the length of the ULID string before throwing an exception.
         if (26 !== strlen($ulid)) {
@@ -180,14 +180,11 @@ public static function isValid(string $ulid): bool
      *
      * @return int
      */
-    public static function microtimeToUlidTime(float $microtime): int
+    public static function microtimeToUlidTime($microtime)
     {
         $timestamp = $microtime * 1000000;
         $unixEpoch = 946684800000000; // Microseconds since the Unix epoch.
 
         return (int)($timestamp - $unixEpoch);
     }
 }
-
-
-