Permalink
Browse files

CS fixes and dependencies for RNG changes

- CS fixes:
  - imports
  - docblocks
  - braces
- dependencies
  - RandomLib is a "suggested" dependency
  - For the framework, it's a "require-dev" dependency. Also added security-lib,
    as it is required by random-lib
  • Loading branch information...
1 parent 8de133b commit ff80be33a0df871e60adc2084f2999f87b8398f4 @weierophinney weierophinney committed Mar 13, 2013
Showing with 84 additions and 75 deletions.
  1. +4 −3 composer.json
  2. +19 −9 library/Zend/Math/Rand.php
  3. +61 −62 library/Zend/Math/Source/HashTiming.php
  4. +0 −1 library/Zend/Math/composer.json
View
7 composer.json
@@ -8,18 +8,19 @@
],
"homepage": "http://framework.zend.com/",
"license": "BSD-3-Clause",
- "minimum-stability": "dev",
"require": {
"php": ">=5.3.3"
},
"require-dev": {
"doctrine/common": ">=2.1",
- "phpunit/PHPUnit": "3.7.*",
- "ircmaxell/random-lib": "dev-master"
+ "ircmaxell/random-lib": "dev-master",
+ "ircmaxell/security-lib": "dev-master",
+ "phpunit/PHPUnit": "3.7.*"
},
"suggest": {
"doctrine/common": "Doctrine\\Common >=2.1 for annotation features",
"ext-intl": "ext/intl for i18n features",
+ "ircmaxell/random-lib": "Fallback random byte generator for Zend\\Math\\Rand if OpenSSL/Mcrypt extensions are unavailable",
"pecl-weakref": "Implementation of weak references for Zend\\Stdlib\\CallbackHandler",
"zendframework/zendpdf": "ZendPdf for creating PDF representations of barcodes",
"zendframework/zendservice-recaptcha": "ZendService\\ReCaptcha for rendering ReCaptchas in Zend\\Captcha and/or Zend\\Form"
View
28 library/Zend/Math/Rand.php
@@ -9,6 +9,8 @@
namespace Zend\Math;
+use RandomLib;
+
/**
* Pseudorandom number generator (PRNG)
*/
@@ -18,7 +20,7 @@
/**
* Alternative random byte generator using RandomLib
*
- * @var \RandomLib\Generator
+ * @var RandomLib\Generator
*/
protected static $generator = null;
@@ -37,15 +39,18 @@ public static function getBytes($length, $strong = false)
}
$bytes = '';
if (function_exists('openssl_random_pseudo_bytes')
- && (version_compare(PHP_VERSION, '5.3.4') >= 0
- || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {
+ && (version_compare(PHP_VERSION, '5.3.4') >= 0
+ || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')
+ ) {
$bytes = openssl_random_pseudo_bytes($length, $usable);
if (true === $usable) {
return $bytes;
}
- } elseif (function_exists('mcrypt_create_iv')
- && (version_compare(PHP_VERSION, '5.3.7') >= 0
- || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {
+ }
+ if (function_exists('mcrypt_create_iv')
+ && (version_compare(PHP_VERSION, '5.3.7') >= 0
+ || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')
+ ) {
$bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
if ($bytes !== false && strlen($bytes) === $length) {
return $bytes;
@@ -63,22 +68,27 @@ public static function getBytes($length, $strong = false)
return $generator->generate($length);
}
+ /**
+ * Retrieve a fallback/alternative RNG generator
+ *
+ * @return RandomLib\Generator
+ */
public static function getAlternativeGenerator()
{
if (!is_null(self::$generator)) {
return self::$generator;
}
- if (!class_exists('\\RandomLib\\Factory')) {
+ if (!class_exists('RandomLib\\Factory')) {
throw new Exception\RuntimeException(
'The RandomLib fallback pseudorandom number generator (PRNG) '
. ' must be installed in the absence of the OpenSSL and '
. 'Mcrypt extensions'
);
}
- $factory = new \RandomLib\Factory;
+ $factory = new RandomLib\Factory;
$factory->registerSource(
'HashTiming',
- '\Zend\Math\Source\HashTiming'
+ 'Zend\Math\Source\HashTiming'
);
self::$generator = $factory->getMediumStrengthGenerator();
return self::$generator;
View
123 library/Zend/Math/Source/HashTiming.php
@@ -11,78 +11,79 @@
use RandomLib;
use SecurityLib\Strength;
-/*
-* Author:
-* George Argyros <argyros.george@gmail.com>
-*
-* Copyright (c) 2012, George Argyros
-* All rights reserved.
-*
-* Redistribution and use in source and binary forms, with or without
-* modification, are permitted provided that the following conditions are met:
-* * Redistributions of source code must retain the above copyright
-* notice, this list of conditions and the following disclaimer.
-* * Redistributions in binary form must reproduce the above copyright
-* notice, this list of conditions and the following disclaimer in the
-* documentation and/or other materials provided with the distribution.
-* * Neither the name of the <organization> nor the
-* names of its contributors may be used to endorse or promote products
-* derived from this software without specific prior written permission.
-*
-* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-* DISCLAIMED. IN NO EVENT SHALL GEORGE ARGYROS BE LIABLE FOR ANY
-* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*
-*
-*
-* The function is providing, at least at the systems tested :),
-* $len bytes of entropy under any PHP installation or operating system.
-* The execution time should be at most 10-20 ms in any system.
-*
-* Modified by Padraic Brady as part of Zend Framework to use 25% of the
-* original version's iterations.
-*/
+/**
+ * Author:
+ * George Argyros <argyros.george@gmail.com>
+ *
+ * Copyright (c) 2012, George Argyros
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * * Neither the name of the <organization> nor the
+ * names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL GEORGE ARGYROS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ *
+ *
+ * The function is providing, at least at the systems tested :),
+ * $len bytes of entropy under any PHP installation or operating system.
+ * The execution time should be at most 10-20 ms in any system.
+ *
+ * Modified by Padraic Brady as part of Zend Framework to use 25% of the
+ * original version's iterations.
+ */
class HashTiming implements RandomLib\Source
{
/**
- * Return an instance of Strength indicating the strength of the source
- *
- * @return Strength An instance of one of the strength classes
- */
+ * Return an instance of Strength indicating the strength of the source
+ *
+ * @return Strength An instance of one of the strength classes
+ */
public static function getStrength()
{
return new Strength(Strength::VERYLOW);
}
/**
- * Generate a random string of the specified size
- *
- * @param int $size The size of the requested random string
- *
- * @return string A string of the requested size
- */
- public function generate($size) {
- $result = '';
- $entropy = '';
+ * Generate a random string of the specified size
+ *
+ * @param int $size The size of the requested random string
+ *
+ * @return string A string of the requested size
+ */
+ public function generate($size)
+ {
+ $result = '';
+ $entropy = '';
$msec_per_round = 400;
$bits_per_round = 2;
- $total = $size;
- $bytes = 0;
- $hash_length = 20;
- $rounds = 0;
+ $total = $size;
+ $bytes = 0;
+ $hash_length = 20;
+ $rounds = 0;
while (strlen($result) < $size) {
- $bytes = ($total > $hash_length)? $hash_length : $total;
+ $bytes = ($total > $hash_length)? $hash_length : $total;
$total -= $bytes;
for ($i=1; $i < 3; $i++) {
- $t1 = microtime(true);
+ $t1 = microtime(true);
$seed = mt_rand();
for ($j=1; $j < 50; $j++) {
$seed = sha1($seed);
@@ -96,12 +97,10 @@ public function generate($size) {
}
$rounds = (int) ($msec_per_round * 50 / $div);
$iter = $bytes * (int) (ceil(8 / $bits_per_round));
- for ($i = 0; $i < $iter; $i ++)
- {
+ for ($i = 0; $i < $iter; $i ++) {
$t1 = microtime();
$seed = sha1(mt_rand());
- for ($j = 0; $j < $rounds; $j++)
- {
+ for ($j = 0; $j < $rounds; $j++) {
$seed = sha1($seed);
}
$t2 = microtime();
@@ -112,4 +111,4 @@ public function generate($size) {
return substr($result, 0, $size);
}
-}
+}
View
1 library/Zend/Math/composer.json
@@ -2,7 +2,6 @@
"name": "zendframework/zend-math",
"description": " ",
"license": "BSD-3-Clause",
- "minimum-stability": "dev",
"keywords": [
"zf2",
"math"

0 comments on commit ff80be3

Please sign in to comment.