From 260f1225dfdb10412578d22f43e24a0e66f435b7 Mon Sep 17 00:00:00 2001 From: Steve Hulet Date: Fri, 10 Mar 2017 22:56:02 -0800 Subject: [PATCH] backport 1788eb2 "Add redundant checks to shut linters up." --- lib/random_bytes_com_dotnet.php | 100 +++++++------- lib/random_bytes_dev_urandom.php | 190 +++++++++++++------------- lib/random_bytes_libsodium.php | 104 +++++++------- lib/random_bytes_libsodium_legacy.php | 104 +++++++------- lib/random_bytes_mcrypt.php | 83 +++++------ lib/random_bytes_openssl.php | 102 +++++++------- 6 files changed, 347 insertions(+), 336 deletions(-) diff --git a/lib/random_bytes_com_dotnet.php b/lib/random_bytes_com_dotnet.php index 3422825..828b337 100644 --- a/lib/random_bytes_com_dotnet.php +++ b/lib/random_bytes_com_dotnet.php @@ -26,56 +26,58 @@ * SOFTWARE. */ -/** - * Windows with PHP < 5.3.0 will not have the function - * openssl_random_pseudo_bytes() available, so let's use - * CAPICOM to work around this deficiency. - * - * @param int $bytes - * - * @throws Exception - * - * @return string - */ -function random_bytes($bytes) -{ - try { - $bytes = RandomCompat_intval($bytes); - } catch (TypeError $ex) { - throw new TypeError( - 'random_bytes(): $bytes must be an integer' - ); - } - - if ($bytes < 1) { - throw new Error( - 'Length must be greater than 0' - ); - } - - $buf = ''; - $util = new COM('CAPICOM.Utilities.1'); - $execCount = 0; - +if (!is_callable('random_bytes')) { /** - * Let's not let it loop forever. If we run N times and fail to - * get N bytes of random data, then CAPICOM has failed us. + * Windows with PHP < 5.3.0 will not have the function + * openssl_random_pseudo_bytes() available, so let's use + * CAPICOM to work around this deficiency. + * + * @param int $bytes + * + * @throws Exception + * + * @return string */ - do { - $buf .= base64_decode($util->GetRandom($bytes, 0)); - if (RandomCompat_strlen($buf) >= $bytes) { - /** - * Return our random entropy buffer here: - */ - return RandomCompat_substr($buf, 0, $bytes); + function random_bytes($bytes) + { + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); } - ++$execCount; - } while ($execCount < $bytes); - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); -} + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); + } + + $buf = ''; + $util = new COM('CAPICOM.Utilities.1'); + $execCount = 0; + + /** + * Let's not let it loop forever. If we run N times and fail to + * get N bytes of random data, then CAPICOM has failed us. + */ + do { + $buf .= base64_decode($util->GetRandom($bytes, 0)); + if (RandomCompat_strlen($buf) >= $bytes) { + /** + * Return our random entropy buffer here: + */ + return RandomCompat_substr($buf, 0, $bytes); + } + ++$execCount; + } while ($execCount < $bytes); + + /** + * If we reach here, PHP has failed us. + */ + throw new Exception( + 'Could not gather sufficient random data' + ); + } +} \ No newline at end of file diff --git a/lib/random_bytes_dev_urandom.php b/lib/random_bytes_dev_urandom.php index db93b07..8bf7034 100644 --- a/lib/random_bytes_dev_urandom.php +++ b/lib/random_bytes_dev_urandom.php @@ -30,119 +30,121 @@ define('RANDOM_COMPAT_READ_BUFFER', 8); } -/** - * Unless open_basedir is enabled, use /dev/urandom for - * random numbers in accordance with best practices - * - * Why we use /dev/urandom and not /dev/random - * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers - * - * @param int $bytes - * - * @throws Exception - * - * @return string - */ -function random_bytes($bytes) -{ - static $fp = null; +if (!is_callable('random_bytes')) { /** - * This block should only be run once + * Unless open_basedir is enabled, use /dev/urandom for + * random numbers in accordance with best practices + * + * Why we use /dev/urandom and not /dev/random + * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers + * + * @param int $bytes + * + * @throws Exception + * + * @return string */ - if (empty($fp)) { + function random_bytes($bytes) + { + static $fp = null; /** - * We use /dev/urandom if it is a char device. - * We never fall back to /dev/random + * This block should only be run once */ - $fp = fopen('/dev/urandom', 'rb'); - if (!empty($fp)) { - $st = fstat($fp); - if (($st['mode'] & 0170000) !== 020000) { - fclose($fp); - $fp = false; - } - } - - if (!empty($fp)) { + if (empty($fp)) { /** - * stream_set_read_buffer() does not exist in HHVM - * - * If we don't set the stream's read buffer to 0, PHP will - * internally buffer 8192 bytes, which can waste entropy - * - * stream_set_read_buffer returns 0 on success + * We use /dev/urandom if it is a char device. + * We never fall back to /dev/random */ - if (function_exists('stream_set_read_buffer')) { - stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); + $fp = fopen('/dev/urandom', 'rb'); + if (!empty($fp)) { + $st = fstat($fp); + if (($st['mode'] & 0170000) !== 020000) { + fclose($fp); + $fp = false; + } } - if (function_exists('stream_set_chunk_size')) { - stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); + + if (!empty($fp)) { + /** + * stream_set_read_buffer() does not exist in HHVM + * + * If we don't set the stream's read buffer to 0, PHP will + * internally buffer 8192 bytes, which can waste entropy + * + * stream_set_read_buffer returns 0 on success + */ + if (function_exists('stream_set_read_buffer')) { + stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER); + } + if (function_exists('stream_set_chunk_size')) { + stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER); + } } } - } - - try { - $bytes = RandomCompat_intval($bytes); - } catch (TypeError $ex) { - throw new TypeError( - 'random_bytes(): $bytes must be an integer' - ); - } - if ($bytes < 1) { - throw new Error( - 'Length must be greater than 0' - ); - } + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); + } - /** - * This if() block only runs if we managed to open a file handle - * - * It does not belong in an else {} block, because the above - * if (empty($fp)) line is logic that should only be run once per - * page load. - */ - if (!empty($fp)) { - $remaining = $bytes; - $buf = ''; + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); + } /** - * We use fread() in a loop to protect against partial reads + * This if() block only runs if we managed to open a file handle + * + * It does not belong in an else {} block, because the above + * if (empty($fp)) line is logic that should only be run once per + * page load. */ - do { - $read = fread($fp, $remaining); - if ($read === false) { - /** - * We cannot safely read from the file. Exit the - * do-while loop and trigger the exception condition - */ - $buf = false; - break; - } + if (!empty($fp)) { + $remaining = $bytes; + $buf = ''; + /** - * Decrease the number of bytes returned from remaining + * We use fread() in a loop to protect against partial reads */ - $remaining -= RandomCompat_strlen($read); - $buf .= $read; - } while ($remaining > 0); - - /** - * Is our result valid? - */ - if ($buf !== false) { - if (RandomCompat_strlen($buf) === $bytes) { + do { + $read = fread($fp, $remaining); + if ($read === false) { + /** + * We cannot safely read from the file. Exit the + * do-while loop and trigger the exception condition + */ + $buf = false; + break; + } /** - * Return our random entropy buffer here: + * Decrease the number of bytes returned from remaining */ - return $buf; + $remaining -= RandomCompat_strlen($read); + $buf .= $read; + } while ($remaining > 0); + + /** + * Is our result valid? + */ + if ($buf !== false) { + if (RandomCompat_strlen($buf) === $bytes) { + /** + * Return our random entropy buffer here: + */ + return $buf; + } } } - } - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Error reading from source device' - ); + /** + * If we reach here, PHP has failed us. + */ + throw new Exception( + 'Error reading from source device' + ); + } } diff --git a/lib/random_bytes_libsodium.php b/lib/random_bytes_libsodium.php index f802d4e..7b7e0aa 100644 --- a/lib/random_bytes_libsodium.php +++ b/lib/random_bytes_libsodium.php @@ -26,61 +26,63 @@ * SOFTWARE. */ -/** - * If the libsodium PHP extension is loaded, we'll use it above any other - * solution. - * - * libsodium-php project: - * @ref https://github.com/jedisct1/libsodium-php - * - * @param int $bytes - * - * @throws Exception - * - * @return string - */ -function random_bytes($bytes) -{ - try { - $bytes = RandomCompat_intval($bytes); - } catch (TypeError $ex) { - throw new TypeError( - 'random_bytes(): $bytes must be an integer' - ); - } - - if ($bytes < 1) { - throw new Error( - 'Length must be greater than 0' - ); - } - +if (!is_callable('random_bytes')) { /** - * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be - * generated in one invocation. + * If the libsodium PHP extension is loaded, we'll use it above any other + * solution. + * + * libsodium-php project: + * @ref https://github.com/jedisct1/libsodium-php + * + * @param int $bytes + * + * @throws Exception + * + * @return string */ - if ($bytes > 2147483647) { - $buf = ''; - for ($i = 0; $i < $bytes; $i += 1073741824) { - $n = ($bytes - $i) > 1073741824 - ? 1073741824 - : $bytes - $i; - $buf .= \Sodium\randombytes_buf($n); + function random_bytes($bytes) + { + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); } - } else { - $buf = \Sodium\randombytes_buf($bytes); - } - if ($buf !== false) { - if (RandomCompat_strlen($buf) === $bytes) { - return $buf; + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); } - } - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); + /** + * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be + * generated in one invocation. + */ + if ($bytes > 2147483647) { + $buf = ''; + for ($i = 0; $i < $bytes; $i += 1073741824) { + $n = ($bytes - $i) > 1073741824 + ? 1073741824 + : $bytes - $i; + $buf .= \Sodium\randombytes_buf($n); + } + } else { + $buf = \Sodium\randombytes_buf($bytes); + } + + if ($buf !== false) { + if (RandomCompat_strlen($buf) === $bytes) { + return $buf; + } + } + + /** + * If we reach here, PHP has failed us. + */ + throw new Exception( + 'Could not gather sufficient random data' + ); + } } diff --git a/lib/random_bytes_libsodium_legacy.php b/lib/random_bytes_libsodium_legacy.php index 44fddbf..3aec723 100644 --- a/lib/random_bytes_libsodium_legacy.php +++ b/lib/random_bytes_libsodium_legacy.php @@ -26,61 +26,63 @@ * SOFTWARE. */ -/** - * If the libsodium PHP extension is loaded, we'll use it above any other - * solution. - * - * libsodium-php project: - * @ref https://github.com/jedisct1/libsodium-php - * - * @param int $bytes - * - * @throws Exception - * - * @return string - */ -function random_bytes($bytes) -{ - try { - $bytes = RandomCompat_intval($bytes); - } catch (TypeError $ex) { - throw new TypeError( - 'random_bytes(): $bytes must be an integer' - ); - } - - if ($bytes < 1) { - throw new Error( - 'Length must be greater than 0' - ); - } - +if (!is_callable('random_bytes')) { /** - * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be - * generated in one invocation. + * If the libsodium PHP extension is loaded, we'll use it above any other + * solution. + * + * libsodium-php project: + * @ref https://github.com/jedisct1/libsodium-php + * + * @param int $bytes + * + * @throws Exception + * + * @return string */ - if ($bytes > 2147483647) { - $buf = ''; - for ($i = 0; $i < $bytes; $i += 1073741824) { - $n = ($bytes - $i) > 1073741824 - ? 1073741824 - : $bytes - $i; - $buf .= Sodium::randombytes_buf($n); + function random_bytes($bytes) + { + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); } - } else { - $buf = Sodium::randombytes_buf($bytes); - } - if ($buf !== false) { - if (RandomCompat_strlen($buf) === $bytes) { - return $buf; + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); } - } - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); + /** + * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be + * generated in one invocation. + */ + if ($bytes > 2147483647) { + $buf = ''; + for ($i = 0; $i < $bytes; $i += 1073741824) { + $n = ($bytes - $i) > 1073741824 + ? 1073741824 + : $bytes - $i; + $buf .= Sodium::randombytes_buf($n); + } + } else { + $buf = Sodium::randombytes_buf($bytes); + } + + if ($buf !== false) { + if (RandomCompat_strlen($buf) === $bytes) { + return $buf; + } + } + + /** + * If we reach here, PHP has failed us. + */ + throw new Exception( + 'Could not gather sufficient random data' + ); + } } diff --git a/lib/random_bytes_mcrypt.php b/lib/random_bytes_mcrypt.php index 7ac9d91..00f0e60 100644 --- a/lib/random_bytes_mcrypt.php +++ b/lib/random_bytes_mcrypt.php @@ -26,51 +26,52 @@ * SOFTWARE. */ +if (!is_callable('random_bytes')) { + /** + * Powered by ext/mcrypt (and thankfully NOT libmcrypt) + * + * @ref https://bugs.php.net/bug.php?id=55169 + * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386 + * + * @param int $bytes + * + * @throws Exception + * + * @return string + */ + function random_bytes($bytes) + { + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); + } -/** - * Powered by ext/mcrypt (and thankfully NOT libmcrypt) - * - * @ref https://bugs.php.net/bug.php?id=55169 - * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386 - * - * @param int $bytes - * - * @throws Exception - * - * @return string - */ -function random_bytes($bytes) -{ - try { - $bytes = RandomCompat_intval($bytes); - } catch (TypeError $ex) { - throw new TypeError( - 'random_bytes(): $bytes must be an integer' - ); - } + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); + } - if ($bytes < 1) { - throw new Error( - 'Length must be greater than 0' - ); - } + $buf = @mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM); + if ( + $buf !== false + && + RandomCompat_strlen($buf) === $bytes + ) { + /** + * Return our random entropy buffer here: + */ + return $buf; + } - $buf = @mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM); - if ( - $buf !== false - && - RandomCompat_strlen($buf) === $bytes - ) { /** - * Return our random entropy buffer here: + * If we reach here, PHP has failed us. */ - return $buf; + throw new Exception( + 'Could not gather sufficient random data' + ); } - - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); } diff --git a/lib/random_bytes_openssl.php b/lib/random_bytes_openssl.php index 62bf770..a871b23 100644 --- a/lib/random_bytes_openssl.php +++ b/lib/random_bytes_openssl.php @@ -26,58 +26,60 @@ * SOFTWARE. */ -/** - * Since openssl_random_pseudo_bytes() uses openssl's - * RAND_pseudo_bytes() API, which has been marked as deprecated by the - * OpenSSL team, this is our last resort before failure. - * - * @ref https://www.openssl.org/docs/crypto/RAND_bytes.html - * - * @param int $bytes - * - * @throws Exception - * - * @return string - */ -function random_bytes($bytes) -{ - try { - $bytes = RandomCompat_intval($bytes); - } catch (TypeError $ex) { - throw new TypeError( - 'random_bytes(): $bytes must be an integer' - ); - } - - if ($bytes < 1) { - throw new Error( - 'Length must be greater than 0' - ); - } - +if (!is_callable('random_bytes')) { /** - * $secure is passed by reference. If it's set to false, fail. Note - * that this will only return false if this function fails to return - * any data. + * Since openssl_random_pseudo_bytes() uses openssl's + * RAND_pseudo_bytes() API, which has been marked as deprecated by the + * OpenSSL team, this is our last resort before failure. + * + * @ref https://www.openssl.org/docs/crypto/RAND_bytes.html + * + * @param int $bytes * - * @ref https://github.com/paragonie/random_compat/issues/6#issuecomment-119564973 + * @throws Exception + * + * @return string */ - $secure = true; - $buf = openssl_random_pseudo_bytes($bytes, $secure); - if ( - $buf !== false - && - $secure - && - RandomCompat_strlen($buf) === $bytes - ) { - return $buf; - } + function random_bytes($bytes) + { + try { + $bytes = RandomCompat_intval($bytes); + } catch (TypeError $ex) { + throw new TypeError( + 'random_bytes(): $bytes must be an integer' + ); + } - /** - * If we reach here, PHP has failed us. - */ - throw new Exception( - 'Could not gather sufficient random data' - ); + if ($bytes < 1) { + throw new Error( + 'Length must be greater than 0' + ); + } + + /** + * $secure is passed by reference. If it's set to false, fail. Note + * that this will only return false if this function fails to return + * any data. + * + * @ref https://github.com/paragonie/random_compat/issues/6#issuecomment-119564973 + */ + $secure = true; + $buf = openssl_random_pseudo_bytes($bytes, $secure); + if ( + $buf !== false + && + $secure + && + RandomCompat_strlen($buf) === $bytes + ) { + return $buf; + } + + /** + * If we reach here, PHP has failed us. + */ + throw new Exception( + 'Could not gather sufficient random data' + ); + } }