From aa0b378a0397c2f970e80bafb0a2c435c956aaea Mon Sep 17 00:00:00 2001
From: Roel Harbers
Date: Fri, 5 Jun 2015 17:46:46 +0200
Subject: [PATCH] use Cryptographically secure mcrypt rng instead of mt_rand, if possible
---
 PWGen.php | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/PWGen.php b/PWGen.php
index 67e5aa4..88d1626 100644
--- a/PWGen.php
+++ b/PWGen.php
@@ -327,10 +327,25 @@ private function pw_rand() {
 /**
 * Generate a random number n, where $min <= n < $max
- * Mersenne Twister is used as an algorithm
+ * mcrypt's RNG is used if the mcrypt extension has been installed.
+ * Mersenne Twister is used as a cryptographically insecure fallback algorithm.
 */
 public static function my_rand($min=0, $max=0) {
- return mt_rand($min, $max);
+ if ($min > $max) {
+ return false;
+ }
+ if (function_exists('mcrypt_create_iv')) {
+ $rnd = unpack('L',mcrypt_create_iv(4,MCRYPT_DEV_URANDOM));
+ // Because you can't unpack an unsigned long on a 32bit system (or rather, you can,
+ // but it won't be unsigned), we need to clear the sign bit. mt_getrandmax() seems to
+ // be 2147483647 (0x7FFFFFFF) on all platforms I've tested, so this doesn't change the
+ // supported range.
+ $rnd = $rnd[1] & 0x7FFFFFFF;
+ return $rnd % (1 + $max - $min) + $min;
+ } else {
+ // fall back on cryptographically insecure rng
+ return mt_rand($min, $max);
+ }
 }
 /**
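Review bot: The mcrypt branch never checks the return value of `mcrypt_create_iv`; when the entropy source is unavailable it returns false, `unpack` has nothing to decode, and `$rnd[1] & 0x7FFFFFFF` collapses to 0, so the function quietly hands back `$min` as its "random" number. The `$rnd % (1 + $max - $min)` reduction is also biased whenever the range does not divide 2^31, which a rejection loop such as the one below avoids at negligible cost for password-sized ranges. Two smaller points: the docblock still promises `$min <= n < $max` while both branches are inclusive of `$max`, and the new `return false` for `$min > $max` mixes `false` into an integer return that arithmetic callers will silently treat as 0 — throwing `InvalidArgumentException` there is safer. my_rand lies entirely inside the hunk.
```php
    if (function_exists('mcrypt_create_iv')) {
        $range = 1 + $max - $min;
        if ($range > 0x7FFFFFFF) {
            // a 31-bit draw cannot cover this range; keep the previous behaviour
            return mt_rand($min, $max);
        }
        // largest multiple of $range not exceeding 0x7FFFFFFF; draws at or above it
        // are redrawn so the modulo below is unbiased
        $limit = 0x7FFFFFFF - (0x7FFFFFFF % $range);
        do {
            $bytes = mcrypt_create_iv(4, MCRYPT_DEV_URANDOM);
            if ($bytes === false || strlen($bytes) !== 4) {
                // a failed entropy read must not degrade into a constant result
                throw new RuntimeException('mcrypt_create_iv failed to supply 4 random bytes');
            }
            $rnd = unpack('L', $bytes);
            $rnd = $rnd[1] & 0x7FFFFFFF;
        } while ($rnd >= $limit);
        return $rnd % $range + $min;
    } else {
        // … unchanged: mt_rand fallback …
```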