Commit 0438c696 authored by Taylor Otwell's avatar Taylor Otwell

added better random sources in crypter, seed random number generator on every call.

parent 74887986
...@@ -26,7 +26,7 @@ class Crypter { ...@@ -26,7 +26,7 @@ class Crypter {
*/ */
public static function encrypt($value) public static function encrypt($value)
{ {
$iv = mcrypt_create_iv(static::iv_size(), MCRYPT_RAND); $iv = mcrypt_create_iv(static::iv_size(), static::randomizer());
$value = mcrypt_encrypt(static::$cipher, static::key(), $value, static::$mode, $iv); $value = mcrypt_encrypt(static::$cipher, static::key(), $value, static::$mode, $iv);
...@@ -58,6 +58,35 @@ class Crypter { ...@@ -58,6 +58,35 @@ class Crypter {
return rtrim(mcrypt_decrypt(static::$cipher, $key, $value, static::$mode, $iv), "\0"); return rtrim(mcrypt_decrypt(static::$cipher, $key, $value, static::$mode, $iv), "\0");
} }
/**
* Get the most secure random number generator for the system.
*
* @return int
*/
protected static function randomizer()
{
// There are various sources from which we can get random numbers
// but some are more random than others. We'll choose the most
// random source we can for this server environment.
if (defined('MCRYPT_DEV_URANDOM'))
{
return MCRYPT_DEV_URANDOM;
}
elseif (defined('MCRYPT_DEV_RANDOM'))
{
return MCRYPT_DEV_RANDOM;
}
// When using the default random number generator, we'll seed
// the generator on each call to ensure the results are as
// random as we can possibly get them.
else
{
mt_srand();
return MCRYPT_RAND;
}
}
/** /**
* Get the input vector size for the cipher and mode. * Get the input vector size for the cipher and mode.
* *
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment