renamed Prng to SecureRandom

src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml

@@ -140,9 +140,9 @@
         </service>
 
         <!-- Pseudorandom Number Generator -->
-        <service id="security.prng" class="Symfony\Component\Security\Core\Util\Prng">
+        <service id="security.secure_random" class="Symfony\Component\Security\Core\Util\SecureRandom">
             <tag name="monolog.logger" channel="security" />
-            <argument>%kernel.cache_dir%/prng.seed</argument>
+            <argument>%kernel.cache_dir%/secure_random.seed</argument>
             <argument type="service" id="logger" on-invalid="ignore" />
         </service>
     </services>

src/Symfony/Bundle/SecurityBundle/Resources/config/security_rememberme.xml

@@ -45,7 +45,7 @@
                  class="%security.authentication.rememberme.services.persistent.class%"
                  parent="security.authentication.rememberme.services.abstract"
                  abstract="true">
-            <call method="setPrng"><argument type="service" id="security.prng" /></call>
+            <call method="setSecureRandom"><argument type="service" id="security.secure_random" /></call>
         </service>
 
         <service id="security.authentication.rememberme.services.simplehash"

src/Symfony/Component/Security/CHANGELOG.md

@@ -4,12 +4,12 @@ CHANGELOG
 2.2.0
 -----
 
-* Added PBKDF2 Password encoder
+ * added secure random number generator
+ * added PBKDF2 Password encoder
 
 2.1.0
 -----
 
- * added secure random number generator
  * [BC BREAK] The signature of ExceptionListener has changed
  * changed the HttpUtils constructor signature to take a UrlGenerator and a UrlMatcher instead of a Router
  * EncoderFactoryInterface::getEncoder() can now also take a class name as an argument

src/Symfony/Component/Security/Core/Util/Prng.php → src/Symfony/Component/Security/Core/Util/SecureRandom.php

@@ -19,7 +19,7 @@
  * @author Fabien Potencier <fabien@symfony.com>
  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
-final class Prng
+final class SecureRandom
 {
     private $logger;
     private $useOpenSsl;

src/Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices.php

@@ -19,7 +19,7 @@
 use Symfony\Component\Security\Core\Exception\CookieTheftException;
 use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentToken;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Util\Prng;
+use Symfony\Component\Security\Core\Util\SecureRandom;
 
 /**
  * Concrete implementation of the RememberMeServicesInterface which needs
@@ -31,11 +31,11 @@
 class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
 {
     private $tokenProvider;
-    private $prng;
+    private $secureRandom;
 
-    public function setPrng(Prng $prng)
+    public function setSecureRandom(SecureRandom $secureRandom)
     {
-        $this->prng = $prng;
+        $this->secureRandom = $secureRandom;
     }
 
     /**
@@ -86,7 +86,7 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
         }
 
         $series = $persistentToken->getSeries();
-        $tokenValue = $this->prng->nextBytes(64);
+        $tokenValue = $this->secureRandom->nextBytes(64);
         $this->tokenProvider->updateToken($series, $tokenValue, new \DateTime());
         $request->attributes->set(self::COOKIE_ATTR_NAME,
             new Cookie(
@@ -108,8 +108,8 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
      */
     protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token)
     {
-        $series = $this->prng->nextBytes(64);
-        $tokenValue = $this->prng->nextBytes(64);
+        $series = $this->secureRandom->nextBytes(64);
+        $tokenValue = $this->secureRandom->nextBytes(64);
 
         $this->tokenProvider->createNewToken(
             new PersistentToken(

src/Symfony/Component/Security/Tests/Core/Util/PrngTest.php → src/Symfony/Component/Security/Tests/Core/Util/SecureRandomTest.php

@@ -3,30 +3,29 @@
 namespace Symfony\Component\Security\Tests\Core\Util;
 
 use Symfony\Component\Security\Core\Util\NullSeedProvider;
-use Symfony\Component\Security\Core\Util\PrngSchema;
-use Symfony\Component\Security\Core\Util\Prng;
+use Symfony\Component\Security\Core\Util\SecureRandom;
 
-class PrngTest extends \PHPUnit_Framework_TestCase
+class SecureRandomTest extends \PHPUnit_Framework_TestCase
 {
     /**
      * T1: Monobit test
      *
-     * @dataProvider getPrngs
+     * @dataProvider getSecureRandoms
      */
-    public function testMonobit($prng)
+    public function testMonobit($secureRandom)
     {
-        $nbOnBits = substr_count($this->getBitSequence($prng, 20000), '1');
+        $nbOnBits = substr_count($this->getBitSequence($secureRandom, 20000), '1');
         $this->assertTrue($nbOnBits > 9654 && $nbOnBits < 10346, 'Monobit test failed, number of turned on bits: '.$nbOnBits);
     }
 
     /**
      * T2: Chi-square test with 15 degrees of freedom (chi-Quadrat-Anpassungstest)
      *
-     * @dataProvider getPrngs
+     * @dataProvider getSecureRandoms
      */
-    public function testPoker($prng)
+    public function testPoker($secureRandom)
     {
-        $b = $this->getBitSequence($prng, 20000);
+        $b = $this->getBitSequence($secureRandom, 20000);
         $c = array();
         for ($i=0;$i<=15;$i++) {
             $c[$i] = 0;
@@ -50,11 +49,11 @@ public function testPoker($prng)
     /**
      * Run test
      *
-     * @dataProvider getPrngs
+     * @dataProvider getSecureRandoms
      */
-    public function testRun($prng)
+    public function testRun($secureRandom)
     {
-        $b = $this->getBitSequence($prng, 20000);
+        $b = $this->getBitSequence($secureRandom, 20000);
 
         $runs = array();
         for ($i=1; $i<=6; $i++) {
@@ -98,11 +97,11 @@ public function testRun($prng)
     /**
      * Long-run test
      *
-     * @dataProvider getPrngs
+     * @dataProvider getSecureRandoms
      */
-    public function testLongRun($prng)
+    public function testLongRun($secureRandom)
     {
-        $b = $this->getBitSequence($prng, 20000);
+        $b = $this->getBitSequence($secureRandom, 20000);
 
         $longestRun = 0;
         $currentRun = $lastBit = null;
@@ -127,12 +126,12 @@ public function testLongRun($prng)
     /**
      * Serial Correlation (Autokorrelationstest)
      *
-     * @dataProvider getPrngs
+     * @dataProvider getSecureRandoms
      */
-    public function testSerialCorrelation($prng)
+    public function testSerialCorrelation($secureRandom)
     {
         $shift = rand(1, 5000);
-        $b = $this->getBitSequence($prng, 20000);
+        $b = $this->getBitSequence($secureRandom, 20000);
 
         $Z = 0;
         for ($i=0; $i<5000; $i++) {
@@ -142,34 +141,34 @@ public function testSerialCorrelation($prng)
         $this->assertTrue($Z > 2326 && $Z < 2674, 'Failed serial correlation test: '.$Z);
     }
 
-    public function getPrngs()
+    public function getSecureRandoms()
     {
-        $prngs = array();
+        $secureRandoms = array();
 
         // openssl with fallback
-        $prng = new Prng();
-        $prngs[] = array($prng);
+        $secureRandom = new SecureRandom();
+        $secureRandoms[] = array($secureRandom);
 
         // no-openssl with custom seed provider
-        $prng = new Prng(sys_get_temp_dir().'/_sf2.seed');
-        $this->disableOpenSsl($prng);
-        $prngs[] = array($prng);
+        $secureRandom = new SecureRandom(sys_get_temp_dir().'/_sf2.seed');
+        $this->disableOpenSsl($secureRandom);
+        $secureRandoms[] = array($secureRandom);
 
-        return $prngs;
+        return $secureRandoms;
     }
 
-    protected function disableOpenSsl($prng)
+    protected function disableOpenSsl($secureRandom)
     {
-        $ref = new \ReflectionProperty($prng, 'useOpenSsl');
+        $ref = new \ReflectionProperty($secureRandom, 'useOpenSsl');
         $ref->setAccessible(true);
-        $ref->setValue($prng, false);
+        $ref->setValue($secureRandom, false);
     }
 
-    private function getBitSequence($prng, $length)
+    private function getBitSequence($secureRandom, $length)
     {
         $bitSequence = '';
         for ($i=0;$i<$length; $i+=40) {
-            $value = unpack('H*', $prng->nextBytes(5));
+            $value = unpack('H*', $secureRandom->nextBytes(5));
             $value = str_pad(base_convert($value[1], 16, 2), 40, '0', STR_PAD_LEFT);
             $bitSequence .= $value;
         }

src/Symfony/Component/Security/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php

@@ -22,7 +22,7 @@
 use Symfony\Component\Security\Http\RememberMe\PersistentTokenBasedRememberMeServices;
 use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
 use Symfony\Component\Security\Core\Exception\CookieTheftException;
-use Symfony\Component\Security\Core\Util\Prng;
+use Symfony\Component\Security\Core\Util\SecureRandom;
 
 class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
 {
@@ -320,7 +320,7 @@ protected function getService($userProvider = null, $options = array(), $logger
         }
 
         $r = new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
-        $r->setPrng(new Prng());
+        $r->setSecureRandom(new SecureRandom());
 
         return $r;
     }