return $pageURL;
}
-function random_digits($digits)
-{
- $rn = '';
- for ($i = 0; $i < $digits; $i++) {
- /// @TODO Avoid rand/mt_rand, when it comes to cryptography, they are generating predictable (seedable) numbers.
- $rn .= rand(0, 9);
- }
- return $rn;
-}
-
function get_server()
{
$server = Config::get("system", "directory");
use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Temporal;
use Friendica\Util\XML;
+use Friendica\Util\Crypto;
function item_extract_images($body) {
'$notes_cid' => $notes_cid,
'$sourceapp' => L10n::t($a->sourcename),
'$cancel' => L10n::t('Cancel'),
- '$rand_num' => random_digits(12),
+ '$rand_num' => Crypto::randomDigits(12),
// ACL permissions box
'$acl' => $x['acl'],
use Friendica\Model\FileTag;
use Friendica\Model\Item;
use Friendica\Database\DBA;
+use Friendica\Util\Crypto;
function editpost_content(App $a)
{
'$jotplugins' => $jotplugins,
'$sourceapp' => L10n::t($a->sourcename),
'$cancel' => L10n::t('Cancel'),
- '$rand_num' => random_digits(12),
+ '$rand_num' => Crypto::randomDigits(12),
//jot nav tab (used in some themes)
'$message' => L10n::t('Message'),
use Friendica\Network\Probe;
use Friendica\Object\Image;
use Friendica\Protocol\DFRN;
+use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Map;
use Friendica\Util\Security;
'$preview' => L10n::t('Preview'),
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
}
'$preview' => L10n::t('Preview'),
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
'$preview' => L10n::t('Preview'),
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
}
function notice($s)
function info($s)
function is_site_admin()
- function random_digits($digits)
function get_server()
function get_temppath()
function get_cachefile($file, $writemode = true)
use Friendica\Model\Contact;
use Friendica\Model\Item;
use Friendica\Model\Term;
+use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Proxy as ProxyUtils;
use Friendica\Util\Temporal;
'$indent' => $indent,
'$sourceapp' => L10n::t($a->sourcename),
'$ww' => $conv->getMode() === 'network' ? $ww : '',
- '$rand_num' => random_digits(12)
+ '$rand_num' => Crypto::randomDigits(12)
]);
}
return self::decryptAES256CBC(base64url_decode($data['data']), $k, $i);
}
+
+
+ /**
+ * Creates cryptographic secure random digits
+ *
+ * @param string $digits The count of digits
+ * @return int The random Digits
+ */
+ public static function randomDigits($digits)
+ {
+ $rn = '';
+
+ if (!function_exists('random_int')) {
+ // using rand() function for PHP 5.x compatibility
+ for ($i = 0; $i < $digits; $i++) {
+ $rn .= rand(0, 9);
+ }
+ } else {
+ // generating cryptographically secure pseudo-random integers
+ for ($i = 0; $i < $digits; $i++) {
+ $rn .= random_int(0, 9);
+ }
+ }
+
+ return $rn;
+ }
}
--- /dev/null
+<?php
+
+// this is in the same namespace as Install for mocking 'rand' and 'random_init'
+namespace Friendica\Util;
+
+use PHPUnit\Framework\TestCase;
+
+class CryptoTest extends TestCase
+{
+ /**
+ * Replaces function_exists results with given mocks
+ *
+ * @param array $functions a list from function names and their result
+ */
+ private function setFunctions($functions)
+ {
+ global $phpMock;
+ $phpMock['function_exists'] = function($function) use ($functions) {
+ foreach ($functions as $name => $value) {
+ if ($function == $name) {
+ return $value;
+ }
+ }
+ return '__phpunit_continue__';
+ };
+ }
+
+ /**
+ * Replaces rand results with given mocks
+ *
+ */
+ private function assertRand($min, $max)
+ {
+ global $phpMock;
+ $phpMock['rand'] = function($mMin, $mMax) use ($min, $max) {
+ $this->assertEquals($min, $mMin);
+ $this->assertEquals($max, $mMax);
+ return 1;
+ };
+ }
+
+ /**
+ * Replaces rand results with given mocks
+ *
+ */
+ private function assertRandomInt($min, $max)
+ {
+ global $phpMock;
+ $phpMock['random_int'] = function($mMin, $mMax) use ($min, $max) {
+ $this->assertEquals($min, $mMin);
+ $this->assertEquals($max, $mMax);
+ return 1;
+ };
+ }
+
+ public function testRandomDigitsRand()
+ {
+ $this->setFunctions(['random_int' => false]);
+ $this->assertRand(0, 9);
+
+ $test = Crypto::randomDigits(1);
+ $this->assertEquals(1, strlen($test));
+ $this->assertEquals(1, $test);
+
+ $test = Crypto::randomDigits(8);
+ $this->assertEquals(8, strlen($test));
+ $this->assertEquals(11111111, $test);
+ }
+
+
+ public function testRandomDigitsRandomInt()
+ {
+ $this->setFunctions(['random_int' => true]);
+ $this->assertRandomInt(0, 9);
+
+ $test = Crypto::randomDigits(1);
+ $this->assertEquals(1, strlen($test));
+ $this->assertEquals(1, $test);
+
+ $test = Crypto::randomDigits(8);
+ $this->assertEquals(8, strlen($test));
+ $this->assertEquals(11111111, $test);
+ }
+}
+
+/**
+ * A workaround to replace the PHP native function_exists() with a mocked function
+ *
+ * @param string $function_name the Name of the function
+ *
+ * @return bool true or false
+ */
+function function_exists($function_name)
+{
+ global $phpMock;
+ if (isset($phpMock['function_exists'])) {
+ $result = call_user_func_array($phpMock['function_exists'], func_get_args());
+ if ($result !== '__phpunit_continue__') {
+ return $result;
+ }
+ }
+ return call_user_func_array('\function_exists', func_get_args());
+}
+
+/**
+ * A workaround to replace the PHP native rand() (< 7.0) with a mocked function
+ *
+ * @return int
+ */
+function rand($min, $max)
+{
+ global $phpMock;
+ if (isset($phpMock['rand'])) {
+ $result = call_user_func_array($phpMock['rand'], func_get_args());
+ return $result;
+ }
+}
+
+/**
+ * A workaround to replace the PHP native random_int() (>= 7.0) with a mocked function
+ *
+ * @return int
+ */
+function random_int($min, $max)
+{
+ global $phpMock;
+ if (isset($phpMock['random_int'])) {
+ $result = call_user_func_array($phpMock['random_int'], func_get_args());
+ return $result;
+ }
+}
projects / friendica.git / commitdiff