Skip to content

Commit e74f05e

Browse files
committed
Corrections about random bytes generation, dealing with some PHP versions.
1 parent 43cbe89 commit e74f05e

File tree

1 file changed

+23
-5
lines changed

1 file changed

+23
-5
lines changed

GibberishAES.php

Lines changed: 23 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,11 @@
1212
*
1313
* OpenSSL functions installed and PHP version >= 5.3.3 (preferred case)
1414
* or
15-
* Mcrypt functions installed.
15+
* Mcrypt functions installed.
1616
*
1717
* If none of these functions exist, the class will try to use openssl
1818
* from the command line (avoid this case).
19-
*
19+
*
2020
* Usage:
2121
*
2222
* // This is a secret key, keep it in a safe place and don't loose it.
@@ -42,11 +42,11 @@
4242
* $decrypted_string = GibberishAES::dec($encrypted_string, $key);
4343
* GibberishAES::size($old_key_size);
4444
* echo $decrypted_string;
45-
*
45+
*
4646
* @author Ivan Tcholakov <ivantcholakov@gmail.com>, 2012-2014.
4747
* Code repository: @link https://github.com/ivantcholakov/gibberish-aes-php
4848
*
49-
* @version 1.1
49+
* @version 1.1.1
5050
*
5151
* @license The MIT License (MIT)
5252
* @link http://opensource.org/licenses/MIT
@@ -58,6 +58,7 @@ class GibberishAES {
5858
protected static $valid_key_sizes = array(128, 192, 256); // Sizes in bits
5959

6060
protected static $openssl_random_pseudo_bytes_exists = null;
61+
protected static $mcrypt_dev_urandom_exists = null;
6162
protected static $openssl_encrypt_exists = null;
6263
protected static $openssl_decrypt_exists = null;
6364
protected static $mcrypt_exists = null;
@@ -200,13 +201,30 @@ public static function size($newsize = null) {
200201
protected static function random_pseudo_bytes($length) {
201202

202203
if (!isset(self::$openssl_random_pseudo_bytes_exists)) {
203-
self::$openssl_random_pseudo_bytes_exists = function_exists('openssl_random_pseudo_bytes');
204+
205+
self::$openssl_random_pseudo_bytes_exists = function_exists('openssl_random_pseudo_bytes') &&
206+
(version_compare(PHP_VERSION, '5.3.4') >= 0 || substr(PHP_OS, 0, 3) !== 'WIN');
204207
}
205208

206209
if (self::$openssl_random_pseudo_bytes_exists) {
207210
return openssl_random_pseudo_bytes($length);
208211
}
209212

213+
if (!isset(self::$mcrypt_dev_urandom_exists)) {
214+
215+
self::$mcrypt_dev_urandom_exists = function_exists('mcrypt_create_iv') &&
216+
(version_compare(PHP_VERSION, '5.3.7') >= 0 || substr(PHP_OS, 0, 3) !== 'WIN');
217+
}
218+
219+
if (self::$mcrypt_dev_urandom_exists) {
220+
221+
$rnd = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
222+
223+
if ($rnd !== false) {
224+
return $rnd;
225+
}
226+
}
227+
210228
// Borrowed from http://phpseclib.com/
211229

212230
$rnd = '';

0 commit comments

Comments
 (0)